Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Avalonia.Win32 is blocked as a "virus" [RESOLVED]

See original GitHub issue

Describe the bug

Some of my users are getting this exception on startup:

System.IO.FileLoadException: Could not load file or 
assembly 'Avalonia.Win32, Version=0.10.3.0, Culture=neutral, 
PublicKeyToken=c8d484a7012f9a8b'. Operation did not complete successfully 
because the file contains a virus or potentially unwanted software. 
(0x800700E1)

     at 
Avalonia.AppBuilderDesktopExtensions.LoadWin32[TAppBuilder](TAppBuilder 
builder)
    at 
Avalonia.AppBuilderDesktopExtensions.UsePlatformDetect[TAppBuilder](TAppBuilder 
builder) in /_/src/Avalonia.Desktop/AppBuilderDesktopExtensions.cs:line 23
    at Bulk_Edit_Calendar_Events_WPF.Program.BuildAvaloniaApp() in 
C:\Users\derek\source\repos\Bulk Edit Calendar Events\Code\Bulk Edit 
Calendar Events_WPF\Program.cs:line 54
    at Bulk_Edit_Calendar_Events_WPF.Program.Main(String[] args) in 
C:\Users\derek\source\repos\Bulk Edit Calendar Events\Code\Bulk Edit 
Calendar Events_WPF\Program.cs:line 26

This is coming from the:

public static AppBuilder BuildAvaloniaApp()
	=> AppBuilder.Configure<App>()
		.UsePlatformDetect()
		.LogToTrace()
		.With(new AvaloniaNativePlatformOptions { UseGpu = false });

Since the exception message contains the “virus” warning, I think this is Windows Defender (as opposed to some 3rd party virus software). Are there changes that can be made to Avalonia.Win32 to make it “ok” for Windows Defender? This seems like a big issue if Windows Defender is going to start blocking all Avalonia applications.

Desktop (please complete the following information):

Here’s what I know about what the user has set up:

OS: Windows 10 Home & Windows 10 Pro
Version 0.10.3

Issue Analytics

State:
Created 2 years ago
Reactions:4
Comments:24 (1 by maintainers)

Top GitHub Comments

3reactions

derekantricancommented, May 18, 2021

I submitted the files to Microsoft Security. Avalonia.Themes.Default.dll has been removed from misidentification and should be available in the next Windows Defender definition.

Avalonia.Win32.dll is still pending (they could not repro so I added a dump of support files from Windows Defender)

For people that find this issue, you can get the latest definition by opening Windows Defender (also listed as "Windows Security), going to “Virus & Threat protection”, and “Check for updates” under “Virus & threat protection updates”. You can also force a refresh of your cache by running the following from an admin command prompt:

cd "%ProgramFiles%\Windows Defender"
MpCmdRun.exe -removedefinitions -dynamicsignatures
MpCmdRun.exe -SignatureUpdate

1reaction

derekantricancommented, May 18, 2021

This issue is FIXED (see above comments on how Microsoft Security has cleared the files and how your users can fix their Defender cache). However, since more people might continue hitting this, I’m going to reopen it for easier visibility and so people don’t create new issues (probably can be closed in a few days).