Windows 10: False threat or not?

Discus and support False threat or not? in AntiVirus, Firewalls and System Security to solve the problem; Hello, I was on discord chilling with my mates and i recieved a notification that my bitdefender blocked something that could potentially be a threat.... Discussion in 'AntiVirus, Firewalls and System Security' started by Jiaming chen, Nov 21, 2021.

  1. JIAMING CHEN
    Jiaming chen Win User

    False threat or not?


    Hello, I was on discord chilling with my mates and i recieved a notification that my bitdefender blocked something that could potentially be a threat. It blocked something related to a microsoft app so idk if it's a false alarm or not.

    :)
     
    Jiaming chen, Nov 21, 2021
    #1
  2. TRY3
    Try3 Win User

    Windows defender false positive - forced to allow threat

    Windows defender has started to identify C:\Windows\System32\mshta.exe as a threat [normally reported as a Trojan Powessere.G]. I use mshta.exe to run an hta custom MsgBox - I have been hoping to keep using my current CustomMsgBox tool [batch file calling a vbs-hta file] until later this year when I hope to have had enough time to replace it with a PowerShell alternative.

    Windows defender's notification lets me "allow the threat" but that seems to me to be a bigger security hole than is necessary - it will now ignore a potentially real intrusion when all I want to run is a genuine Windows component. My immediate problem is fixed but I would prefer to fix the false positive using the exclusions list.

    I cleared the 'Allowed threats history' so I could use the exclusions list instead. I added C:\Windows\System32\mshta.exe to the file exclusions list and I checked that it had taken properly by checking the exclusions list both in the UI & in the Registry. But the exclusion made no difference, it continued to detect and block the exe.

    I have repeated the attempt several times [by clearing the allowed threats list & exclusions list beforehand] and the results are the same every time
    - allowing the threat works,
    - using the exclusions list has no effect.

    I studied the relevant tutorial but have not spotted an error in what I have been doing - Add or Remove Windows Defender Exclusions

    Does anybody with experience of using the exclusions list to counter false positives have any suggestions for me?

    Denis
     
    Try3, Nov 21, 2021
    #2
  3. GAGAGAON
    gagagaON Win User
    Is restoring a quarantined threat the same as allowing the threat?

    My Windows defender scan reported a threat last week. I quarantined it. After a few days, I updated my defender virus definitions, restored the threat, and ran another scan (because I wanted to find out if it was a false positive). This new scan did not
    report any threat.

    However, under defender's threat history, allowed items, I see this threat listed. I do NOT want to allow the threat, just wanted to find out if the latest definitions would still reported the file as a threat. How should I do that? Thank you. I am using
    windows 10.
     
    gagagaON, Nov 21, 2021
    #3
  4. REAL NOOB
    Real Noob Win User

    False threat or not?

    How can I verify if virus threats are false positives or actually threats?

    I was trying to install some time tracking applications: Procrastitracker and Fruitful Time based on suggestions from this question.

    Unfortunately, Avast keeps showing me messages about IDP.Alexa.51 and IDP generic in these apps respectively. Is there any way to know if such messages are false positives or if the file is actually harmful?

    Thanks.
     
    Real Noob, Nov 21, 2021
    #4
Thema:

False threat or not?

Loading...

  1. False threat or not? - Similar Threads - False threat

  2. False Positive WIndows Defender Alert - How to officially whitelist applications.

    in Windows 10 Gaming
    False Positive WIndows Defender Alert - How to officially whitelist applications.: Hi,I created StreamDeck plugin for an Autoclicker which I deleveloped myself. This plugin was published on the Elgato Marketplace. The plugin already had thousands of users that were able to use it without any issues. Unfortunately around April a Windows Defender Update...

  3. False Positive WIndows Defender Alert - How to officially whitelist applications.

    in Windows 10 Software and Apps
    False Positive WIndows Defender Alert - How to officially whitelist applications.: Hi,I created StreamDeck plugin for an Autoclicker which I deleveloped myself. This plugin was published on the Elgato Marketplace. The plugin already had thousands of users that were able to use it without any issues. Unfortunately around April a Windows Defender Update...

  4. VirtualizationFirmwareEnabled shows false even when virtualization technology is enabled in...

    in Windows 10 Gaming
    VirtualizationFirmwareEnabled shows false even when virtualization technology is enabled in...: So, I am on Windows 11 Home and I use virtualization technology Intel-VT for some application. Today when I tried to run that application, it showed me error so when I checked using Get-CimInstance -ClassName Win32_Processor Select-Object -Property Name,...

  5. VirtualizationFirmwareEnabled shows false even when virtualization technology is enabled in...

    in Windows 10 Software and Apps
    VirtualizationFirmwareEnabled shows false even when virtualization technology is enabled in...: So, I am on Windows 11 Home and I use virtualization technology Intel-VT for some application. Today when I tried to run that application, it showed me error so when I checked using Get-CimInstance -ClassName Win32_Processor Select-Object -Property Name,...

  6. Urgent! Persistent False Positive Detection of Our Software as Trojan:Win32/Kepavll!rfn

    in Windows 10 Gaming
    Urgent! Persistent False Positive Detection of Our Software as Trojan:Win32/Kepavll!rfn: Hello,We are a software development company whose desktop application is being falsely detected as Trojan:Win32/Kepavll!rfn by Microsoft Defender on our users' Windows systems. We have already submitted our software for malware analysis through the Microsoft Defender Security...

  7. False positive threats

    in AntiVirus, Firewalls and System Security
    False positive threats: I bought recently a new computer with Windows 11 pre-installed, I made all the necessary updates, installed my applications and finally downloaded Google drive, by the way I was thinking to switch back to OneDrive but Microsoft didn't as usual fix the damn cloud.Anyway, after...

  8. Is this a false alarm, or legitimate threat? I checked updates, and updated Windows...

    in Windows 10 Ask Insider
    Is this a false alarm, or legitimate threat? I checked updates, and updated Windows...: [ATTACH] submitted by /u/Ninetales7700 [link] [comments] https://www.reddit.com/r/Windows10/comments/jo60l2/is_this_a_false_alarm_or_legitimate_threat_i/

  9. Windows defender false positive - forced to allow threat

    in AntiVirus, Firewalls and System Security
    Windows defender false positive - forced to allow threat: Windows defender has started to identify C:\Windows\System32\mshta.exe as a threat [normally reported as a Trojan Powessere.G]. I use mshta.exe to run an hta custom MsgBox - I have been hoping to keep using my current CustomMsgBox tool [batch file calling a vbs-hta file]...

  10. Safe website falsely tagged as a threat.

    in AntiVirus, Firewalls and System Security
    Safe website falsely tagged as a threat.: I'm going to the website https://kidsvip.ca/ (a website just online shop on wordpress) and Windows Defender keeps telling me that the website is a potential threat. Is there a way to disable the notice for this website? I know for certain that this website is safe....