|
The SHA256 sum in the screen does correspond to the 32-bit MANIFOLD.EXE from 9.0.172.3. Yes, this is a false positive. It is telling that (a) the anti-virus tools flag the 32-bit EXE but not the 64-bit EXE even though the code in them is exactly the same, and that (b) the entire code being flagged is a call into EXT.DLL. What's sad is that previously false positives like these were only appearing in third-party tools, but for the last year or so they started sneaking up into Windows Defender. We'll submit the EXE as a safe one to the Windows Defender portal, but the reaction isn't going to be fast nor is the effect going to last - most likely they'll continue flagging similar EXEs in future builds (not all of them, but which ones nobody knows).
|