Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Microsoft Defender found the following service with an untrusted path : Wslinstaller #12316

Open
1 of 2 tasks
aaalex99 opened this issue Nov 26, 2024 · 5 comments
Open
1 of 2 tasks
Assignees
Labels

Comments

@aaalex99
Copy link

Windows Version

Microsoft Windows [Version 10.0.19045.5031]

WSL Version

2.3.26.0

Are you using WSL 1 or WSL 2?

  • WSL 2
  • WSL 1

Kernel Version

5.15.167.4-1

Distro Version

22.04.5 LTS (Jammy Jellyfish)

Other Software

No response

Repro Steps

MS Defender scan results

Expected Behavior

MS Defender scan results

Actual Behavior

Microsoft Defender found the following service with an untrusted path : WslInstaller (Windows-Subsystem für Linux) : C:\Program Files\WindowsApps\MicrosoftCorporationII.WindowsSubsystemForLinux_2.3.26.0_x64__8wekyb3d8bbwe\wslinstaller.exe,WslInstaller

Diagnostic Logs

No response

Copy link

Logs are required for review from WSL team

If this a feature request, please reply with '/feature'. If this is a question, reply with '/question'.
Otherwise please attach logs by following the instructions below, your issue will not be reviewed unless they are added. These logs will help us understand what is going on in your machine.

How to collect WSL logs

Download and execute collect-wsl-logs.ps1 in an administrative powershell prompt:

Invoke-WebRequest -UseBasicParsing "https://raw.githubusercontent.com/microsoft/WSL/master/diagnostics/collect-wsl-logs.ps1" -OutFile collect-wsl-logs.ps1
Set-ExecutionPolicy Bypass -Scope Process -Force
.\collect-wsl-logs.ps1

The script will output the path of the log file once done.

If this is a networking issue, please use collect-networking-logs.ps1, following the instructions here

Once completed please upload the output files to this Github issue.

Click here for more info on logging
If you choose to email these logs instead of attaching to the bug, please send them to [email protected] with the number of the github issue in the subject, and in the message a link to your comment in the github issue and reply with '/emailed-logs'.

View similar issues

Please view the issues below to see if they solve your problem, and if the issue describes your problem please consider closing this one and thumbs upping the other issue to help us prioritize it!

Closed similar issues:

Note: You can give me feedback by thumbs upping or thumbs downing this comment.

@aaalex99
Copy link
Author

/question

Logs are required for review from WSL team

If this a feature request, please reply with '/feature'. If this is a question, reply with '/question'. Otherwise please attach logs by following the instructions below, your issue will not be reviewed unless they are added. These logs will help us understand what is going on in your machine.
How to collect WSL logs

View similar issues

Please view the issues below to see if they solve your problem, and if the issue describes your problem please consider closing this one and thumbs upping the other issue to help us prioritize it!

Closed similar issues:

* [Nessus found the following service with an untrusted path : WslService  (#10262)](https://github.com/microsoft/WSL/issues/10262),  similarity score: 0.83

* [2.3.11 - Win11 Defender detects x64 msi as a `Trojan:Script/Wacatac.B!ml` (#11797)](https://github.com/microsoft/WSL/issues/11797),  similarity score: 0.70

Note: You can give me feedback by thumbs upping or thumbs downing this comment.

/

Copy link

Diagnostic information
Found '/question', adding tag 'question'

@aaalex99
Copy link
Author

aaalex99 commented Dec 9, 2024

See similiar already fixed issues: #10262

@aaalex99
Copy link
Author

aaalex99 commented Dec 9, 2024

Image

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

No branches or pull requests

2 participants