starred/terminal
1
0
Fork 0
mirror of https://github.com/microsoft/terminal.git synced 2026-02-04 05:35:20 +00:00
Code Issues 19.0k Packages Projects Releases 20 Wiki Activity

Why is WindowsTerminal.exe and conhost.exe triggering Trend Micro Antivirus? #1597

New Issue
Closed
opened 2026-01-30 22:31:30 +00:00 by claunia · 2 comments
claunia commented 2026-01-30 22:31:30 +00:00
Owner
Copy Link

Originally created by @tdelany on GitHub (Jun 11, 2019).

What would WindowsTerminal.exe and conhost.exe be doing that would make our Trend Micro WFB antivirus think that they are trojans?

I cannot test the Windows Terminal because the program will launch for a few seconds and then disappear with Trend Micro reporting that WindowsTerminal.exe and conhost.exe are infected with troj.win32.gen.xxbm100ff005r0001 and the files are quarantined.

Since this is on a corporate network, I have no control over what the A/V software does. I have asked IT to whitelist both WindowsTerminal.exe and conhost.exe in the reported path (D:\Projects\terminal\src\cascadia\CascadiaPackage\bin\x64\Release\AppX) but Trend still jumps all over them when I try to run them.

I realize this is probably a little out-of-scope for this venue, but it would be great if someone could shed some light on why the A/V is getting so upset. I may just be out of luck for testing here.

2019-06-11 13_49_19-Window

Originally created by @tdelany on GitHub (Jun 11, 2019). What would WindowsTerminal.exe and conhost.exe be doing that would make our Trend Micro WFB antivirus think that they are trojans? I cannot test the Windows Terminal because the program will launch for a few seconds and then disappear with Trend Micro reporting that WindowsTerminal.exe and conhost.exe are infected with troj.win32.gen.xxbm100ff005r0001 and the files are quarantined. Since this is on a corporate network, I have no control over what the A/V software does. I have asked IT to whitelist both WindowsTerminal.exe and conhost.exe in the reported path (D:\Projects\terminal\src\cascadia\CascadiaPackage\bin\x64\Release\AppX) but Trend still jumps all over them when I try to run them. I realize this is probably a little out-of-scope for this venue, but it would be great if someone could shed some light on why the A/V is getting so upset. I may just be out of luck for testing here. ![2019-06-11 13_49_19-Window](https://user-images.githubusercontent.com/22082102/59294635-e42d7480-8c4f-11e9-98cd-620e3dc1320a.png)
claunia added the Needs-TriageNeeds-Tag-Fix labels 2026-01-30 22:31:30 +00:00
claunia commented 2026-01-30 22:31:31 +00:00
Author
Owner
Copy Link

@zadjii-msft commented on GitHub (Jun 11, 2019):

I don't think we're doing anything that should be triggering your antivirus. Hopefully your corporate network will push updated definitions to you soon, but I think this is totally out of our control.

This would probably be an issue to bring up with the issue tracker for your A/V provider - I doubt any of us on the Windows team have any experience with that A/V in particular.

@zadjii-msft commented on GitHub (Jun 11, 2019): I don't think we're doing anything that should be triggering your antivirus. Hopefully your corporate network will push updated definitions to you soon, but I think this is totally out of our control. This would probably be an issue to bring up with the issue tracker for your A/V provider - I doubt any of us on the Windows team have any experience with that A/V in particular.
claunia commented 2026-01-30 22:31:31 +00:00
Author
Owner
Copy Link

@tdelany commented on GitHub (Jun 11, 2019):

Kind of what I expected. I was hoping maybe you would say something like, "Well, it's probably because of [blah blah blah]" but I was not overly hopeful. I've not seen anyone else complaining about anything like this. Oh well. Unfortunately, I can't do anything about the $#@! A/V software (can't change settings or anything). I was just hoping you all knew about something that I didn't. Didn't really expect you all to be experts on our A/V and didn't really think it was your fault.

It would be nice if there was a place to just ask questions and discuss things like this without having to open an "issue". Thanks, and keep up the good work.

@tdelany commented on GitHub (Jun 11, 2019): Kind of what I expected. I was hoping maybe you would say something like, "Well, it's probably because of [blah blah blah]" but I was not overly hopeful. I've not seen anyone else complaining about anything like this. Oh well. Unfortunately, I can't do anything about the $#@! A/V software (can't change settings or anything). I was just hoping you all knew about something that I didn't. Didn't really expect you all to be experts on our A/V and didn't really think it was your fault. It would be nice if there was a place to just ask questions and discuss things like this without having to open an "issue". Thanks, and keep up the good work.
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
Reserved
A11yCO
A11yMAS
A11ySev1
A11ySev2
A11ySev3
A11yTTValidated
A11yUsable
A11yVoiceAccess
A11yWCAG
Area-Accessibility
Area-AtlasEngine
Area-AzureShell
Area-Build
Area-Build
Area-Chat
Area-CmdPal
Area-CodeHealth
Area-Commandline
Area-CookedRead
Area-DefApp
Area-Extensibility
Area-Fonts
Area-GroupPolicy
Area-i18n
Area-Input
Area-Interaction
Area-Interop
Area-Localization
Area-Output
Area-Performance
Area-Portable
Area-Quality
Area-Remoting
Area-Rendering
Area-Schema
Area-Server
Area-Settings
Area-SettingsUI
Area-ShellExtension
Area-ShellExtension
Area-ShellExtension
Area-Suggestions
Area-Suggestions
Area-TerminalConnection
Area-TerminalControl
Area-Theming
Area-UserInterface
Area-VT
Area-Windowing
Area-WPFControl
AutoMerge
Blocking-Ingestion
Culprit-Centennial
Culprit-WinUI
Disability-All
Disability-Blind
Disability-LowVision
Disability-Mobility
External-Blocked-WinUI3
Fixed
Gathering-Data
good first issue
HCL-E+D
HCL-WindowsTerminal
Help Wanted
Impact-Compatibility
Impact-Compliance
Impact-Correctness
Impact-Visual
In-PR
InclusionBacklog
InclusionBacklog-Windows TerminalWin32
InclusionCommitted-202206
Issue-Bug
Issue-Docs
Issue-Feature
Issue-Feature
Issue-Question
Issue-Samples
Issue-Scenario
Issue-Task
Needs-Attention
Needs-Author-Feedback
Needs-Bisect
Needs-Discussion
Needs-Repro
Needs-Tag-Fix
Needs-Tag-Fix
Needs-Triage
No-Recent-Activity
Priority-0
Priority-1
Priority-2
Priority-3
Product-Cmd.exe
Product-Colortool
Product-Colortool
Product-Colortool
Product-Conhost
Product-Conpty
Product-Meta
Product-Powershell
Product-Terminal
Product-WSL
pull-request
Mirrored from GitHub Pull Request
 Resolution-Answered
Resolution-By-Design
Resolution-Duplicate
Resolution-External
Resolution-Fix-Available
Resolution-Fix-Committed
Resolution-No-Repro
Resolution-Won't-Fix
Severity-Blocking
Severity-Crash
Severity-DataLoss
spam
this-will-be-a-breaking-change
Tracking-External
WindowsTerminal_Win32
Work-Item
zAskModeBug
zInbox-Bug
No Label Needs-Tag-Fix Needs-Triage
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
claunia
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: starred/terminal#1597
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?