Solved Windows Defender Creating False Alarms?

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

PopinArt

Thread Starter
Account Closed
Joined
Feb 5, 2018
Messages
263
Hello,

Any recent reports of Windows Defender creating false alarms?

After upgrading to Win 10,1709, and installing latest virus definitions from Microsoft, Defender marked the "setup.exe" and "setupARP.exe" of Corel Corporation (CorelDraw x7) as Win32/Neshta.

Scanned my PC with Malwarebytes free and Kaspersky. No malware was detected. Submitted the file to Kaspersky Online Labs, they emailed a CLEAN report.

Seems that only Windows Defender detecting it as virus.

Any ideas?


Thanks.
 

DaveA

David
Trusted Advisor
Spam Fighter
Joined
Nov 16, 1999
Messages
17,258
I have NOT see this issue and I have done a couple of complete scans.
 

PopinArt

Thread Starter
Account Closed
Joined
Feb 5, 2018
Messages
263
Seems that defender is "over-reacting". My PC is completely offline and I used legitimate setup CD of Corel.

So no real chance of a virus getting in.
 

PopinArt

Thread Starter
Account Closed
Joined
Feb 5, 2018
Messages
263
Also Win32/Neshta, infects windows .exe files first.Like svchost.exe gets infected first. But the complete scan did not report any .exe infections.
 

PopinArt

Thread Starter
Account Closed
Joined
Feb 5, 2018
Messages
263
Maybe, a problem with new definitions on Microsoft's part?
 

dvk01

Derek
Retired Moderator Retired Malware Specialist
Joined
Dec 14, 2002
Messages
56,452
W10 1709 defender is designed to work ONLINE. it uses cloud technology to check suspicious files and doesn't rely so much on downloaded definitions
please read Win32/Neshta which will show you that it probably is detecting %SystemRoot%\directx.sys which I seem to recall corel draw using. It will almost certainly be detecting the paths in the setup program

report it to Microsoft
https://www.microsoft.com/en-us/wdsi/filesubmission
select home user, optionally sign in to your Microsoft account, select the file(s) and select the wrong detection option
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Members online

Top