The latest .NET Core release has a trojan?


So last night, Windows defender informed me that it had quarantined the .NET Core installation I downloaded. According to Windows Defender the “dotnet-win-x64.” file contains the trojan “Win32/Gatrid.E!plock”.

I downloaded this installer from

This is troubling and I hope it’s a problem with Windows Defender and not my system that has now been possible infected.


Hey @yeep, this issue is being tracked here and here.

If you update the Windows Defender definitions to 1.213.7746.0 you should have this problem fixed. We’re publishing signed MSIs for daily builds so it doesn’t become an issue in the future.

.NET Foundation Website | Blog | Projects | Code of Conduct