Score:0

My six year-old WPF executable is suddenly being detected as MSIL/AgentTesla.FU!MTB by Windows Defender

pe flag

I wrote this app years ago, for my own personal use, never published it anywhere.

I wondered if a virus might have been able to infect it, but even restoring the exe from six years ago doesn't solve the problem.

I haven't managed to find anything useful on how this trojan is detected, which might enable me to change whatever it is in my code that provokes this.

(I'm also not sure whether this is the right place to ask the question)

Score:1
cn flag

Get a second opinion by scanning it with other engines, such as with VirusTotal.

Upload it for analysis by Microsoft security intelligence. Microsoft has an interest in keeping you both as a developer and Windows user.

This specific variant was cataloged by Microsoft in January 2021. AgentTesla is a remote access trojan that has evolved, so unfortunately it seems your thing got flagged as a false positive in a recent detection update.

Benjol avatar
pe flag
Great, thanks for this answer. Now I just need to work out how to get the antivirus to leave it along long enough for me to upload it!
mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.