AV hit on Windows x64 binary

[cousinit99]

Microsoft Defender is reporting the latest Windows x64 binary (96.0.4664.45-1) as having PUA:Win32/Presenoker, and Virustotal is reporting 2 detections as well. The last version released (95.0.4638.69-1) had no detections at all, so naturally, I'm a little concerned... I'm wondering if the user who built it ( @Nifury ) could shed some light on this.

[Nifury]

I completely understand your concern. The only difference between v95 and v96 is that v95 was built locally whereas v96 was built via GitHub Actions (https://github.com/Nifury/ungoogled-chromium-windows/tree/github_action). Theoretically, v96 is more authentic because everything is traceable.

Back to the detections, I cannot explain why v96 is reported. As a C++ developer, I'm used to such false alarms, especially when executables are not signed. Sorry that I cannot give you a better explanation or proof - I would suggest that you compile it from the official repo (https://github.com/ungoogled-software/ungoogled-chromium-windows) if the detection bothers you.

Happy New Year!