Windows 10: My friend tried to install QBitTorrent and Defender flagged it as a threat. He downloaded...

Discus and support My friend tried to install QBitTorrent and Defender flagged it as a threat. He downloaded... in Windows 10 Ask Insider to solve the problem; [ATTACH] submitted by /u/bluelagoonstyle [link] [comments]... Discussion in 'Windows 10 Ask Insider' started by /u/bluelagoonstyle, Mar 24, 2021.

  1. /U/BLUELAGOONSTYLE
    /u/bluelagoonstyle Win User

    My friend tried to install QBitTorrent and Defender flagged it as a threat. He downloaded...

    /u/bluelagoonstyle, Mar 24, 2021
    #1
  2. STITCH194
    Stitch194 Win User

    Defender Flagged Windows ISO

    Performed a manual WD quick scan. It flagged a PUA as severe, Active.
    PUA:Win32/Shoppers.

    Examining (Defender History) the threat with Defender to my surprise revealed:

    My friend tried to install QBitTorrent and Defender flagged it as a threat. He downloaded... [​IMG]


    The ISO was downloaded from the download link provided on (Windows News)this Forum.
    Did Windows Defender just shoot MS in the foot. Is it a false positive?
    Just to err on the side of caution, I successfully removed the threat, with some difficulties, if you can't trust Windows Defender who can you trust.
    Any ideas what this all about would be welcomed.
     
    Stitch194, Mar 24, 2021
    #2
  3. FASTEDDIE(2)
    fasteddie(2) Win User
    Defender flags a Trojan in Pulse VPN install exe file

    Thx for the suggestions. When I looked in properties it seemed to suggest it was v8.x, yet the last version I could find to download was v5.x so seemed a bit of a mismatch. I tried 4 or 5 other anti-virus/malware scanners and none flagged this Trojan in
    the file. Anyway I took it to our IT to sort out and they got it installed, although I suspect all they did was treat it as a false-positive and Allowed it Defender!
     
    fasteddie(2), Mar 24, 2021
    #3
  4. TRY3
    Try3 Win User

    My friend tried to install QBitTorrent and Defender flagged it as a threat. He downloaded...

    Windows defender false positive - forced to allow threat

    Windows defender has started to identify C:\Windows\System32\mshta.exe as a threat [normally reported as a Trojan Powessere.G]. I use mshta.exe to run an hta custom MsgBox - I have been hoping to keep using my current CustomMsgBox tool [batch file calling a vbs-hta file] until later this year when I hope to have had enough time to replace it with a PowerShell alternative.

    Windows defender's notification lets me "allow the threat" but that seems to me to be a bigger security hole than is necessary - it will now ignore a potentially real intrusion when all I want to run is a genuine Windows component. My immediate problem is fixed but I would prefer to fix the false positive using the exclusions list.

    I cleared the 'Allowed threats history' so I could use the exclusions list instead. I added C:\Windows\System32\mshta.exe to the file exclusions list and I checked that it had taken properly by checking the exclusions list both in the UI & in the Registry. But the exclusion made no difference, it continued to detect and block the exe.

    I have repeated the attempt several times [by clearing the allowed threats list & exclusions list beforehand] and the results are the same every time
    - allowing the threat works,
    - using the exclusions list has no effect.

    I studied the relevant tutorial but have not spotted an error in what I have been doing - Add or Remove Windows Defender Exclusions

    Does anybody with experience of using the exclusions list to counter false positives have any suggestions for me?

    Denis
     
    Try3, Mar 24, 2021
    #4
Thema:

My friend tried to install QBitTorrent and Defender flagged it as a threat. He downloaded...

Loading...

  1. My friend tried to install QBitTorrent and Defender flagged it as a threat. He downloaded... - Similar Threads - friend tried install

  2. Defender Flags "StorageMonitor.exe"

    in Windows 10 Gaming
    Defender Flags "StorageMonitor.exe": I upgraded my MB from an Asus Z390-e to an Asus Z790-e.....,when the Asus drivers and programs were loaded, "amsi: \Device\HarddiskVolume13\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\StorageMonitor.exe" was installed.Windows Defender says that program is a...

  3. Defender Flags "StorageMonitor.exe"

    in Windows 10 Software and Apps
    Defender Flags "StorageMonitor.exe": I upgraded my MB from an Asus Z390-e to an Asus Z790-e.....,when the Asus drivers and programs were loaded, "amsi: \Device\HarddiskVolume13\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\StorageMonitor.exe" was installed.Windows Defender says that program is a...

  4. Defender Flags "StorageMonitor.exe"

    in Windows 10 Drivers and Hardware
    Defender Flags "StorageMonitor.exe": I upgraded my MB from an Asus Z390-e to an Asus Z790-e.....,when the Asus drivers and programs were loaded, "amsi: \Device\HarddiskVolume13\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\StorageMonitor.exe" was installed.Windows Defender says that program is a...

  5. My friend's PC reboots when he's playing games

    in Windows 10 BSOD Crashes and Debugging
    My friend's PC reboots when he's playing games: Hello, as the title says my friend's PC is rebooting from time to time during gaming. My speculations are on PSU.Event viewer shows two critical errors when this happens, one is Kernel-Power 41 63 Here's what log says about it:Log name: SystemSource:...

  6. Windows defender flagging the same "threat" I marked as an exclusion every day

    in Windows 10 Ask Insider
    Windows defender flagging the same "threat" I marked as an exclusion every day: I have a program on my computer that windows defender thinks is a threat but is actually not. I have marked the file itself, the folder its in, and the process it runs as exclusions to the scan, yet every day I have to restore it from quarantine as it keeps flagging it. I do...

  7. Windows 10 unistalled qBittorrent and is now flagging all torrent clients as having viruses...

    in Windows 10 Ask Insider
    Windows 10 unistalled qBittorrent and is now flagging all torrent clients as having viruses...: I have Windows 10 Pro 19041.804 and I recently found out that Windows unistalled my current torrent client, qBittorrent. I tried to reinstall it but it flagged a virus and blocked the install, I tried uTorrent, BitTorrent, and Vuze, and they were all flagged with viruses and...

  8. MY FRIEND BOUGHT MINECRAFT AND HE CANT PLAY

    in Windows 10 Gaming
    MY FRIEND BOUGHT MINECRAFT AND HE CANT PLAY: So, my friend bought a working code for minecraft, he registered it with Microsoft account and then when he tried to login to a server it said "failed to login: null". Anyone got a fix?...

  9. qBittorrent downloading only at half speed!?

    in Windows 10 Software and Apps
    qBittorrent downloading only at half speed!?: Hy, I dealing with this problem for few months now, and it drives me crazy *Banghead Tried everything, different settings for qbittorrent I find on other forums so far... no luck. Downloading with browser works great, downloading at maximum speed 4-5 MB/s. But with...

  10. Defender Flagged Windows ISO

    in AntiVirus, Firewalls and System Security
    Defender Flagged Windows ISO: Performed a manual WD quick scan. It flagged a PUA as severe, Active. PUA:Win32/Shoppers. Examining (Defender History) the threat with Defender to my surprise revealed: [img] The ISO was downloaded from the download link provided on (Windows News)this Forum. Did Windows...