1. False positive from Windows Defender (Phix/pw.exe)
- Posted by petelomax Jun 01, 2018
- 1309 views
Just for info, Windows Defender started kicking up a fuss about pw.exe, so I submitted it for analysis and got the following reply:
https://www.microsoft.com/en-us/wdsi/submission/572d7268-84cf-4b4a-a1c2-112ff2fdf043
which now gives it the all clear. Amazingly this all happened in less than 12 hours.
Regards,
Pete
2. Re: False positive from Windows Defender (Phix/pw.exe)
- Posted by euphoric (admin) Jun 02, 2018
- 1260 views
Just for info, Windows Defender started kicking up a fuss about pw.exe, so I submitted it for analysis and got the following reply:
https://www.microsoft.com/en-us/wdsi/submission/572d7268-84cf-4b4a-a1c2-112ff2fdf043
which now gives it the all clear. Amazingly this all happened in less than 12 hours.
Regards,
Pete
I even told it (locally) that pw.exe is fine, to leave it alone. And it still was knocking it out!
The link above says I cannot view it, but I'm hopeful I won't have my program crash in the middle of the run now.
3. Re: False positive from Windows Defender (Phix/pw.exe)
- Posted by petelomax Jun 02, 2018
- 1229 views
The link above says I cannot view it, but I'm hopeful I won't have my program crash in the middle of the run now.
Oh yeah, I have to sign in to see it - those new privacy laws, I guess, eh?
Anyway, all it said was:
Submission details pw.exe Submission ID: 572d7268-84cf-4b4a-a1c2-112ff2fdf043 Status: Completed Submitted by: Pete Lomax Submitted: Jun 1, 2018 7:42:16 AM User Opinion: Incorrect detection Analyst comments: Hello , Thank you for your inquiry. We have reviewed the file and we have removed the detection. Best regards, Windows Defender Response Last rescan request: Jun 1, 2018 11:38:21 AM Showing 1 of 1 entries File name Final determination Protection Current detection Definition version pw.exe Not malware Cloud No malware detected Online Not malware Client No malware detected 1.269.461.0And actually, it was less just than 4 hours, for free 'n all!
4. Re: False positive from Windows Defender (Phix/pw.exe)
- Posted by petelomax Jun 11, 2018
- 1107 views
Got another one, also promptly dealt with:
Analyst comments: Hello, Thank you for your inquiry. We have reviewed the file and we have removed the detection. Please try the following steps to clear cached detections and obtain the latest malware definitions. 1. Open command prompt as administrator and change directory to c:\Program Files\Windows Defender 2. Run “MpCmdRun.exe -removedefinitions -dynamicsignatures” The change will be available latest build. This new definition library will be available for users who subscribe to the automatic definition update mechanism, as well as users who choose to manually update their definition library. The latest definition is available for download here: https://www.microsoft.com/en-us/wdsi/definitions Best regards, Windows Defender Response Showing 1 of 1 entries File name Final determination Protection Current detection Definition version pw.exe Not malware Cloud No malware detected Online Client No malware detected 1.269.1068.0