Community


Trojan:Win32/Suschil!rfn - host-7.6.2.0.msi

Links used in this discussion
Robin Graham, User (Posts: 2)
Dec 06, 2024 10:46:23 am EST
Support level: Free or trial
Windows 10 Microsoft Defender has just "Detected Trojan:Win32/Suschil!rfn" in the latest Remote Utilities host-7.6.2.0.msi file and quarantined it.
Is this a false positive?
Is Microsoft supposed to relent after being told it's fine and allow the file?
If so, who tells them?
Conrad Sallian, Support (Posts: 3074)
Dec 06, 2024 12:35:18 pm EST
Hello Robin,

Thank you for your message.

Version 7.6.2.0 has been around for several months now and is digitally signed by an EV Code Signing certificate. Back when we initially released the version there was a detection by Windows Defender by then they prompty removed it.

Microsoft has a dedicated form to submit a false positive report:
https://www.microsoft.com/en-us/wdsi/filesubmission

Feel free to submit an FP using the form above. We will do that as well.

Thanks.
Robin Graham, User (Posts: 2)
Dec 06, 2024 12:53:53 pm EST
Support level: Free or trial
Version 7.6.2.0 was released 16th October, so less than two months ago.

Thank you for submitting a false positive form to Microsoft for this - I'd rather not as they make you sign in.
David Silvera, User (Posts: 21)
Dec 06, 2024 10:09:20 pm EST
Submitted false positive using both my personal and enterprise account.
Conrad Sallian, Support (Posts: 3074)
Dec 09, 2024 12:08:55 pm EST
Thank you, David, much appreciated. It's strange that Microsoft dislikes the .msi files but leaves the .exe Host alone, even though it's essentially the same .msi file wrapped.

* Website time zone: America/New_York (UTC -5)