Share via

MSI is detected as a virus by Windows Defender

Test Admin 176 Reputation points
2022-02-22T16:09:30.78+00:00

When scan the MSI in windows defender installed machine, Its detected as a virus.

Please refer the attached screen capture(MSI_defender_error.png).

Previously we have faced the same issue and raised a ticket to Microsoft team.
Microsoft team Concluded that, if the same issue is not reproducible in other similar systems, then its a false positive.
But now we have encountered the same issue again in 2 machines.

Machine 1: MSI is not signed the certificate(Publisher=Unknown) and scanned.
Machine 2: MSI is signed the certificate(Publisher=Valid User) and scanned.

Could you please clarify the cause for this virus detection in defender
Note: The MSI will be downloaded from storage APP using browser and scanned.

Windows for business | Windows Client for IT Pros | Devices and deployment | Configure application groups
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Reza-Ameri 17,341 Reputation points Volunteer Moderator
    2022-02-22T17:44:50.557+00:00

    In case you believe this is a safe file, then you may submit sample of it and report it as incorrect detection.
    Take a look at:
    https://www.microsoft.com/en-us/wdsi/filesubmission
    In this case, Microsoft Anti-Malware team need to review the file and confirm if it is safe or not.

    1 person found this answer helpful.

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.