[GH-ISSUE #438] Windows Defender identifying 4.5.0 as Trojan:Script/Wacatac.B!ml #1289

New issue

Closed

opened 2026-03-14 00:55:54 +03:00 by kerem · 4 comments

kerem commented 2026-03-14 00:55:54 +03:00

Owner

Copy link

Originally created by @scarfacestrawberry on GitHub (Dec 27, 2024).
Original GitHub issue: https://github.com/aluxnimm/outlookcaldavsynchronizer/issues/438

Window Defender on Windows 11 Pro is identifying https://github.com/aluxnimm/outlookcaldavsynchronizer/releases/download/v4.5.0/OutlookCalDavSynchronizer-4.5.0.zip as malware.

Originally created by @scarfacestrawberry on GitHub (Dec 27, 2024). Original GitHub issue: https://github.com/aluxnimm/outlookcaldavsynchronizer/issues/438 Window Defender on Windows 11 Pro is identifying https://github.com/aluxnimm/outlookcaldavsynchronizer/releases/download/v4.5.0/OutlookCalDavSynchronizer-4.5.0.zip as malware.

kerem closed this issue 2026-03-14 00:56:01 +03:00

kerem commented 2026-03-14 00:56:08 +03:00

Author

Owner

Copy link

@scarfacestrawberry commented on GitHub (Dec 27, 2024):

Additional Info:

Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
 For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Script/Wacatac.B!ml&threatid=2147735503&enterprise=0
 	Name: Trojan:Script/Wacatac.B!ml
 	ID: 2147735503
 	Severity: Severe
 	Category: Trojan
 	Path: file:_C:\Users\********\AppData\Local\Temp\tmpA277.tmp
 	Detection Origin: Local machine
 	Detection Type: FastPath
 	Detection Source: Real-Time Protection
 	User: ********\********
 	Process Name: C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE
 	Security intelligence Version: AV: 1.421.1024.0, AS: 1.421.1024.0, NIS: 1.421.1024.0
 	Engine Version: AM: 1.1.24090.11, NIS: 1.1.24090.11

<!-- gh-comment-id:2563230232 --> @scarfacestrawberry commented on GitHub (Dec 27, 2024): Additional Info: ``` Microsoft Defender Antivirus has detected malware or other potentially unwanted software. For more information please see the following: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Script/Wacatac.B!ml&threatid=2147735503&enterprise=0 Name: Trojan:Script/Wacatac.B!ml ID: 2147735503 Severity: Severe Category: Trojan Path: file:_C:\Users\********\AppData\Local\Temp\tmpA277.tmp Detection Origin: Local machine Detection Type: FastPath Detection Source: Real-Time Protection User: ********\******** Process Name: C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE Security intelligence Version: AV: 1.421.1024.0, AS: 1.421.1024.0, NIS: 1.421.1024.0 Engine Version: AM: 1.1.24090.11, NIS: 1.1.24090.11 ```

kerem commented 2026-03-14 00:56:13 +03:00

Author

Owner

Copy link

@aluxnimm commented on GitHub (Dec 27, 2024):

can happen after new release, will be submitted for check for malware analysis to sort out false positives.

<!-- gh-comment-id:2563498963 --> @aluxnimm commented on GitHub (Dec 27, 2024): can happen after new release, will be submitted for check for malware analysis to sort out false positives.

kerem commented 2026-03-14 00:56:18 +03:00

Author

Owner

Copy link

@vanillaFriday commented on GitHub (Dec 27, 2024):

I had the same problem. I want to install the 4.5.0 Version with Outlook 2019 and Win 11 Pro. Identified as Trojan:Script/Wacatac.H!ml. File which was detected as malicious is placed at [APPDATA]\Local\Temp\tmp297D.tmp

<!-- gh-comment-id:2563681403 --> @vanillaFriday commented on GitHub (Dec 27, 2024): I had the same problem. I want to install the 4.5.0 Version with Outlook 2019 and Win 11 Pro. Identified as Trojan:Script/Wacatac.H!ml. File which was detected as malicious is placed at [APPDATA]\Local\Temp\tmp297D.tmp

kerem commented 2026-03-14 00:56:23 +03:00

Author

Owner

Copy link

@scarfacestrawberry commented on GitHub (Jan 5, 2025):

Defender is no longer flagging it as malicious and virus total shows the all clear:
https://www.virustotal.com/gui/file/6da126fb91b74ea884d10941bbbf9eea5781c0a2f57fd017ab0bcea4b44bbf60/detection

<!-- gh-comment-id:2571656826 --> @scarfacestrawberry commented on GitHub (Jan 5, 2025): Defender is no longer flagging it as malicious and virus total shows the all clear: https://www.virustotal.com/gui/file/6da126fb91b74ea884d10941bbbf9eea5781c0a2f57fd017ab0bcea4b44bbf60/detection

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

master

dependabot/nuget/CalDavSynchronizer.IntegrationTests/log4net-3.3.0

temp/RemoveInvalidXmlCharsStream

feature/switch_to_google_people_api

feature/localization

feature/Bulk-profile-creation

PierreMarieBaty-master

gh-pages

v4.6.0

v4.5.0

v4.4.1

v4.4.0

v4.3.0

v4.2.0

v4.1.0

v4.0.0

v3.8.2

v3.8.1

v3.8.0

v3.7.0

v3.6.2

v3.6.1

v3.6.0

v3.5.0

v3.4.0

v3.3.0

v3.2.1

v3.2.0

v3.1.1

v3.1.0

v3.0.0

v2.27.0

v2.26.0

v2.25.0

v2.24.0

v2.23.0

v2.22.2

v2.22.1

v2.22.0

v2.21.0

v2.19.2

v2.19.1

v2.19.0

v2.18.0

v2.17.0

v2.16.0

v2.15.1

v2.15.0

v2.14.1

v2.14.0

v2.13.0

v2.12.0

v2.11.0

v2.10.0

v2.9.1

v2.9.0

v2.8.2

v2.8.1

v2.8.0

v2.7.0

v2.6.1

v2.6.0

v2.5.1

v2.5.0

v2.4.0

v2.3.1

v2.3.0

v2.2.0

v2.1.3

v2.1.2

v2.1.1

v2.1.0

v2.0.2

v2.0.1

v2.0.0

v1.24.0

v1.23.0

v1.22.0

v1.21.0

v1.20.3

v1.20.0

v1.19.0

v1.18.0

v1.17.0

v1.16.0

v1.15.0

v1.14.2

v1.14.0

v1.13.2

v1.13.0

v1.12.0

v1.11.0

v1.10.0

v1.9.0

v1.8.0

v1.7.0

v1.6.0

v1.5.4

v1.5.3

v1.5.2

v1.5.1

v1.5.0

v1.4.5

v1.4.4

v1.4.3

v1.4.2

v1.4.1

v1.4.0

v1.3.4

v1.3.3

v1.3.2

v1.3.1

v1.3.0

v1.2.2

v1.2.1

v1.2.0

v1.1.0

v1.0.3

v0.99.15

v0.99.14

v0.99.13

v0.99.12

v0.99.10

v0.99.9

v0.99.8

v0.99.7

v0.99.6

v0.99.5

Labels

Clear labels   

1.0

  

1.0

  

1.0

  

2.0

  

Feature

  

Feature request

  

Google

  

Google Calendar

  

async

  

attachement

  

auto-migrated

  

auto-migrated

  

auto-migrated

  

bug

  

critical

  

enhancement

  

help wanted

  

implemented

  

pull-request

Mirrored from GitHub Pull Request

  

solved

  

solved

  

sourceforge

  

sourceforge

  

sourceforge

No labels

1.0

1.0

1.0

2.0

Feature

Feature request

Google

Google Calendar

async

attachement

auto-migrated

auto-migrated

auto-migrated

bug

critical

enhancement

help wanted

implemented

pull-request

solved

solved

sourceforge

sourceforge

sourceforge

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/outlookcaldavsynchronizer#1289

No description provided.