Windows 10: is this a false positive or no?

submitted by /u/GloomyMusician24
[link] [comments]

:)

 

False positive for desktop shortcut scanner.lnk

The 1.239.488.0 virus / spyware definition update that rolled out about 24 hours ago appears to be producing a false positive for any shortcut placed on the desktop called "Scanner.lnk". I can consistently replicate a false positive for Trojan:Win32/FakeSysdef
with the following steps.

• Create a shortcut to an exe file.
• Place the shortcut on the desktop.
• Name the shortcut "Scanner".
• Run "Quick Scan".

I don't get the same result by directly scanning the file, nor by uploading the file to www.virustotal.com, so it would appear this is as a result of a heuristic rather than a file content analysis. I also don't get the same result with a shortcut that links
to a website.

Can anyone else replicate? How can we go about getting the Windows Defender team to reconsider this heuristic? It's a bit heavy-handed.

 

defender false positive

Hi Bob,

To better assist you, kindly verify the following:

• Where did you submit the file about Windows Defender being false positive?
• Right after the recent Windows 10 update, your Zara Radio stopped working?
• Regarding the 404 error, what application were you using when you got that error?

Let us know.

 

Questioning a false positive for a Windows Defender virus scan

Anytime you suspect a possible
false positive or you want a second opinion, submit it to one of the online services that analyzes suspicious files. There are also number of web resources (URL Link Scanners) which can be used to check suspicious/unfamiliar
sites or get second opinions.

• Comprehensive List of URL analyzers & services