
Notice

Please be aware that much of the software linked to or mentioned on this forum is niche and therefore infrequently downloaded. Lots of anti-virus scanners and so-called malware detectors like to flag infrequently downloaded software as bad until it is either downloaded enough times, or its developer actually bothers with getting each individual release allow listed by every single AV vendor. You can do many people a great favor when encountering such a "problem" example by submitting them to your AV vendor for examination. For almost everything on this forum, it is a false positive.
Topic: foo_pd_aac: Flagged as trojan by Microsoft Defender (Read 1355 times)

foo_pd_aac: Flagged as trojan by Microsoft Defender

Since this morning (CET) foo_pd_aac has been flagged as a trojan by Microsoft Defender. I guess, and hope, it is a false positive, but I thought I'd let you all know.

Re: foo_pd_aac: Flagged as trojan by Microsoft Defender

Reply #1
It is a Russian Hackers. Do not worry.
Or
It is a great time to normal-antivirus-installing.

Re: foo_pd_aac: Flagged as trojan by Microsoft Defender

Reply #2
Looks like another lovely case of false positive. VirusTotal mainly shows the typical nonsense detections, same engines that "detect" absolutely everything as malicious. A quick check of the API calls it makes suggests that it does nothing malicious and is just a typical helpful component. I submitted the file to Microsoft for re-evaluation.

Re: foo_pd_aac: Flagged as trojan by Microsoft Defender

Reply #3
Update. Microsoft was quick and the false detection has been removed.

Quote
Analyst comments:

We have removed the detection. Please follow the steps below to clear cached detection and obtain the latest malware definitions.

1. Open command prompt as administrator and change directory to c:\Program Files\Windows Defender
2. Run "MpCmdRun.exe -removedefinitions -dynamicsignatures"
3. Run "MpCmdRun.exe -SignatureUpdate"

Alternatively, the latest definition is available for download here: https://www.microsoft.com/en-us/wdsi/definitions
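
The analyst's steps above as a single elevated PowerShell run, with a check that the definitions actually changed and a report-only rescan of the flagged file. This is an added example, not part of the thread or of Microsoft's reply; the file path is a placeholder, and a quarantined file has to be restored or reinstalled before the rescan can see it.

```powershell
#Requires -RunAsAdministrator
# Added example: clear cached (dynamic) detections, update definitions,
# then confirm the result instead of assuming it worked.
param(
    # Placeholder path (assumption): point this at the flagged component.
    [string]$SuspectFile = 'C:\path\to\flagged-component.dll'
)

$mpCmdRun = Join-Path $env:ProgramFiles 'Windows Defender\MpCmdRun.exe'
if (-not (Test-Path -LiteralPath $mpCmdRun)) {
    throw "MpCmdRun.exe not found at $mpCmdRun"
}

# Record the definition version before touching anything.
$before = (Get-MpComputerStatus).AntivirusSignatureVersion

# Step 2 of the reply: drop dynamically downloaded signatures.
& $mpCmdRun -RemoveDefinitions -DynamicSignatures
if ($LASTEXITCODE -ne 0) { Write-Warning "RemoveDefinitions exit code $LASTEXITCODE" }

# Step 3 of the reply: pull the current definitions.
& $mpCmdRun -SignatureUpdate
if ($LASTEXITCODE -ne 0) { Write-Warning "SignatureUpdate exit code $LASTEXITCODE" }

$status = Get-MpComputerStatus
"Definitions: $before -> $($status.AntivirusSignatureVersion)"
"Last updated: $($status.AntivirusSignatureLastUpdated)"
if ($status.AntivirusSignatureVersion -eq $before) {
    Write-Warning 'Definition version unchanged; the corrected signatures may not be installed yet.'
}

# Rescan only the one file, report-only, so nothing is quarantined again.
if (Test-Path -LiteralPath $SuspectFile) {
    & $mpCmdRun -Scan -ScanType 3 -File $SuspectFile -DisableRemediation
    switch ($LASTEXITCODE) {
        0       { 'Rescan clean: the detection no longer fires on this file.' }
        2       { Write-Warning 'Still detected or scan error: keep the file blocked and resubmit it.' }
        default { Write-Warning "Unexpected scan exit code $LASTEXITCODE" }
    }
} else {
    Write-Warning "File not found: $SuspectFile (it may still be in quarantine)."
}
```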

Re: foo_pd_aac: Flagged as trojan by Microsoft Defender

Reply #4
Thanks a lot, works again now.

Re: foo_pd_aac: Flagged as trojan by Microsoft Defender

Reply #5
Thanks, Case, for filing that false positive report before I even had a chance to notice this.

Re: foo_pd_aac: Flagged as trojan by Microsoft Defender

Reply #6
Same situation today with Symantec Endpoint Protection, detected as Trojan.Gen.2.


Re: foo_pd_aac: Flagged as trojan by Microsoft Defender

Reply #7
It's secretly a backdoor trojan designed to take over your computer and empty your online banking accounts.

Or it could be that all antivirus scanners are merely useless security theater whose only purpose is to ensure high detection rates on the testing corpus and nothing more.

 

Re: foo_pd_aac: Flagged as trojan by Microsoft Defender

Reply #8
Sure :D I know it's not a virus, submitted file as false positive, waiting for response.
Unfortunately, AV is corporate policy. Fortunately, there is exception list :)