Windows 10: False positive for executable in MDE for 365

Discus and support False positive for executable in MDE for 365 in Windows 10 Gaming to solve the problem; Hey community, recently users from our end created python script .py and converted it into executables .exe using pyinstaller.exe. During the... Discussion in 'Windows 10 Gaming' started by Jack_788, Jan 11, 2024.

  1. JACK_788
    Jack_788 Win User

    False positive for executable in MDE for 365


    Hey community, recently users from our end created python script .py and converted it into executables .exe using pyinstaller.exe. During the compilation, MDE alerted on the executables and send it to our security dashboard microsoft defender 365. Upon investigation, the script is not malicious and the alert is false positive. How do we fine tune this or approach this issue from security perspective?

    :)
     
    Jack_788, Jan 11, 2024
    #1
  2. SNIXTOR
    Snixtor Win User

    False positive for desktop shortcut scanner.lnk

    The 1.239.488.0 virus / spyware definition update that rolled out about 24 hours ago appears to be producing a false positive for any shortcut placed on the desktop called "Scanner.lnk". I can consistently replicate a false positive for Trojan:Win32/FakeSysdef
    with the following steps.

    • Create a shortcut to an exe file.
    • Place the shortcut on the desktop.
    • Name the shortcut "Scanner".
    • Run "Quick Scan".
    I don't get the same result by directly scanning the file, nor by uploading the file to www.virustotal.com, so it would appear this is as a result of a heuristic rather than a file content analysis. I also don't get the same result with a shortcut that links
    to a website.

    Can anyone else replicate? How can we go about getting the Windows Defender team to reconsider this heuristic? It's a bit heavy-handed.
     
    Snixtor, Jan 11, 2024
    #2
  3. R-T-B
    R-T-B Win User
    False Positive for AV

    It's common to nearly all anti-virus software these days to have some false positives, it's sort of a "Better safe than sorry" philosophy. Most good ones let you dismiss false positives though in my experience. An example would be a blacklisted EXE name. I used to play a game that had an executable names "Joshua.exe" Aparantly a common virus also used that name, and the AV went nuts. Fortunately in my case I was able to whitelist the application.
     
    R-T-B, Jan 11, 2024
    #3
  4. JOANNA 777
    Joanna 777 Win User

    False positive for executable in MDE for 365

    defender false positive

    Hi Bob,

    To better assist you, kindly verify the following:

    • Where did you submit the file about Windows Defender being false positive?
    • Right after the recent Windows 10 update, your Zara Radio stopped working?
    • Regarding the 404 error, what application were you using when you got that error?

    Let us know.
     
    Joanna 777, Jan 11, 2024
    #4
Thema:

False positive for executable in MDE for 365

Loading...

  1. False positive for executable in MDE for 365 - Similar Threads - False positive executable

  2. Is this a false positive?

    in Windows 10 Gaming
    Is this a false positive?: I ran autorun, virustotal says it had trojan virus. Only one steam.exe existed in system.I checked hashes are the same, but I am not sure about sign whether is legit or not.I lived in Thailand, so there must have time zone differenece.The extra 32 seconds compared to the...

  3. Is this a false positive?

    in Windows 10 Software and Apps
    Is this a false positive?: I ran autorun, virustotal says it had trojan virus. Only one steam.exe existed in system.I checked hashes are the same, but I am not sure about sign whether is legit or not.I lived in Thailand, so there must have time zone differenece.The extra 32 seconds compared to the...

  4. False positive??

    in AntiVirus, Firewalls and System Security
    False positive??: Hello! I downloaded a file from web and I think I got viruses or malware from it. First, Windows Defender notified me that I got malware and I deleted all the temp and patched files from my laptop and scanned it after with Microsoft Security Scan and it said I have 0 files...

  5. False positive??

    in Windows 10 Gaming
    False positive??: Hello! I downloaded a file from web and I think I got viruses or malware from it. First, Windows Defender notified me that I got malware and I deleted all the temp and patched files from my laptop and scanned it after with Microsoft Security Scan and it said I have 0 files...

  6. False positive??

    in Windows 10 Software and Apps
    False positive??: Hello! I downloaded a file from web and I think I got viruses or malware from it. First, Windows Defender notified me that I got malware and I deleted all the temp and patched files from my laptop and scanned it after with Microsoft Security Scan and it said I have 0 files...

  7. False positive for executable in MDE for 365

    in Windows 10 Software and Apps
    False positive for executable in MDE for 365: Hey community, recently users from our end created python script .py and converted it into executables .exe using pyinstaller.exe. During the compilation, MDE alerted on the executables and send it to our security dashboard microsoft defender 365. Upon investigation, the...

  8. Is this a false positive

    in Windows 10 Gaming
    Is this a false positive: I'm pretty scared cause I clicked on this link for help and it flagged as malicious https://www.virustotal.com/gui/url/419ed1cdabbd93e665156658d341edf1ef001c4158864fa4ca2ad501839a3dd7?nocache=1...

  9. Is this a false positive

    in Windows 10 Software and Apps
    Is this a false positive: I'm pretty scared cause I clicked on this link for help and it flagged as malicious https://www.virustotal.com/gui/url/419ed1cdabbd93e665156658d341edf1ef001c4158864fa4ca2ad501839a3dd7?nocache=1...

  10. is this a false positive or no?

    in Windows 10 Ask Insider
    is this a false positive or no?: [ATTACH] submitted by /u/GloomyMusician24 [link] [comments] https://www.reddit.com/r/Windows10/comments/lb83rc/is_this_a_false_positive_or_no/