How to Avoid False Positives in Windows Defender When It Detects Viruses


When we use the Internet, our computers face many threats: viruses, malware, Trojans and other types of malicious software. Cybercriminals are always looking for new ways to make money, so our operating system needs to be protected. In Windows, the built-in protection tool is called Windows Defender. It is highly advisable to keep it active, especially if we do not have another antivirus. In this tutorial, we will see how to avoid false positives in Windows Defender and what else it offers us.

Today, without good Internet protection we are exposed. To protect us, Microsoft has developed a free tool called Windows Defender. Here we will see what it is, how to use it and how to deal with false positives in Windows Defender.

What is Windows Defender and what does it offer us

Windows Defender is Microsoft’s next-generation protection component to protect our connection and computer. In short, it is a security program whose purpose is to prevent, remove and quarantine spyware or harmful software in the Microsoft operating system. It is currently also known as Microsoft Defender.

Thus, the next-generation protection services that Windows Defender offers us are:

  1. Behavioral, heuristic, and real-time virus protection.
  2. Protection delivered in the cloud that detects and blocks new and emerging threats almost immediately.
  3. Updates of the antivirus and the program itself.

Without a doubt, it is a good protection tool that we must keep active in Windows 10, unless we have other antivirus software.

Access Windows Defender, scan our computer and more

To access Windows Defender, we follow these steps:

  1. Open the Start Menu.
  2. Open Windows Settings.

The Windows Settings screen will appear.

The next step is to click Update & Security. Then, in the left pane, we look for Windows Security.

To see the home page where the security of our computer is managed, we click Open Windows Security.

Here, the section that interests us in relation to false positives in Windows Defender is Virus & threat protection. This is one of the results that it can show:

In this case, instead of Windows Defender antivirus, it indicates that Avast Antivirus is being used. If we wanted to use Windows Defender, we would have to deactivate the current antivirus. In this article we recommend keeping Windows Defender or other antivirus software on. On the other hand, if we do not have an antivirus installed, a screen like this will appear:

Here, if we click Quick scan, it will scan our system for viruses and threats. In this case, after running it, no problem was found. Below, in Scan options, we can choose how thorough the analysis should be. On the same screen we can also manage the antivirus settings and check for updates.

How Windows Defender Notifies Us That We Have a Problem

Threats and false positives in Windows Defender have a specific way of alerting us. It is quite common to occasionally find a Windows Defender icon in various colors in the notification area:

  • A yellow exclamation point on the icon indicates actions that are recommended but should still be taken.
  • A red icon refers to necessary actions that we must fix to keep our equipment safe.
  • A green icon shows us that everything is in order.

Here is an example that shows a yellow icon and other green ones that indicate that everything is correct.

What are false positives and what can we do to fix them?

A false positive is a file or process that was detected and identified as malicious although it is not really a threat. The correct way to proceed with false positives in Windows Defender is the following:

  1. Review and classify alerts.
  2. Review the corrective actions we have taken.
  3. Review and define exclusions.
  4. Submit the file for analysis.
  5. Review and adjust Windows Defender settings.

Now we are going to explain a simple way to proceed when we find a yellow or red icon in the “Virus & threat protection” section.

Here we should click Check for updates to make sure we have the latest update installed. Then we run a Quick scan and, if everything goes well, the warning icon will return to green. If the problem is not solved, we should also check in this same security center whether the Windows firewall is activated.
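The same update, scan and firewall check can be run from an elevated PowerShell prompt, followed by a listing of recorded detections to support the "review and classify alerts" step. This is an added example, not part of the original article; it uses the Defender cmdlets built into Windows 10, and the function name Get-DefenderTriage and the seven-day signature threshold are assumptions.

```powershell
#Requires -RunAsAdministrator
# Added example, not from the article. The 7-day threshold is an assumption.
function Get-DefenderTriage {
    [CmdletBinding()]
    param(
        [int]$MaxSignatureAgeDays = 7,   # assumed threshold, adjust to policy
        [switch]$SkipScan
    )

    # "Check for updates", then "Quick scan" (blocks until the scan finishes).
    Update-MpSignature -ErrorAction Stop
    if (-not $SkipScan) { Start-MpScan -ScanType QuickScan }

    # Health summary: a stale or disabled engine explains many warning icons.
    $status = Get-MpComputerStatus
    $age = (New-TimeSpan -Start $status.AntivirusSignatureLastUpdated -End (Get-Date)).Days
    $fwOff = @(Get-NetFirewallProfile | Where-Object { $_.Enabled -eq 'False' } |
        Select-Object -ExpandProperty Name)

    # Join each recorded detection to its threat record so alerts can be classified.
    $threats = @{}
    Get-MpThreat | ForEach-Object { $threats[[string]$_.ThreatID] = $_ }
    $detections = @(Get-MpThreatDetection |
        Sort-Object InitialDetectionTime -Descending |
        ForEach-Object {
            $t = $threats[[string]$_.ThreatID]
            [pscustomobject]@{
                Detected   = $_.InitialDetectionTime
                ThreatName = if ($t) { $t.ThreatName } else { "ThreatID $($_.ThreatID)" }
                Resources  = $_.Resources -join '; '
                Process    = $_.ProcessName
                Remediated = $_.ActionSuccess
            }
        })

    [pscustomobject]@{
        AntivirusEnabled    = $status.AntivirusEnabled
        RealTimeProtection  = $status.RealTimeProtectionEnabled
        SignatureVersion    = $status.AntivirusSignatureVersion
        SignatureStale      = $age -gt $MaxSignatureAgeDays
        FirewallProfilesOff = $fwOff
        Detections          = $detections
    }
}

$report = Get-DefenderTriage
$report | Format-List
$report.Detections | Format-Table -AutoSize -Wrap
```

An empty FirewallProfilesOff list and SignatureStale = False correspond to the green state described above; the Resources column shows which file or process each alert refers to.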

Notifications settings

False positives in Windows Defender can also be due to how we have configured the notifications. To solve this, we follow these steps:

  1. We go to the Windows Start Menu.
  2. Settings.
  3. Once inside, we click System.
  4. We go to the Notifications & actions section.
  5. There, we disable the option to show notifications from these senders.

Next, we go to the Windows Defender settings. There we check whether we need to block files on the network or put files in quarantine. Then we open Task Manager, right-click the Windows Defender notifications icon and select End task. This should solve the problem, although most likely we will have to restart the computer first.

Another option is to clear the notification cache using the Registry Editor. To open it, just type regedit in the Windows Start Menu.

The path we have to follow is:

HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\TrayNotify

Then a screen like this will appear:

Here we have to delete the IconStreams and PastIconsStream registry values. Then we restart the computer and check that everything is in order.

What to do with false positive files in Windows Defender

On some occasions, after verifying with antivirus and antimalware tools that a file is a false positive, we keep getting the message that not everything works correctly. For greater security, before doing anything we could use VirusTotal. It is a tool that requires no installation, with which we can check false positives in Windows Defender. It shows an analysis of the file by more than 40 antivirus and anti-malware engines, with which we can verify that it is free of threats.

Once we have verified that this file is not dangerous, we follow these steps:

  1. We open the Windows Defender security center.
  2. Click Virus & threat protection.
  3. There we click the Manage settings option.
  4. In Exclusions we click Add or remove exclusions.
  5. With the Add an exclusion button we can add a file, a folder, a file type or a process.
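An exclusion tells Defender to stop inspecting whatever it covers, so it is best limited to the one file that was actually verified. The following is an added example, not part of the original article, that adds a path exclusion only when the file on disk matches the SHA-256 hash that was checked; the function name Add-VerifiedDefenderExclusion, its -ExpectedSha256 parameter and the sample path are hypothetical.

```powershell
#Requires -RunAsAdministrator
# Added example: exclude one verified file only, and report what was excluded.
# Add-VerifiedDefenderExclusion and -ExpectedSha256 are hypothetical names.
function Add-VerifiedDefenderExclusion {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        [Parameter(Mandatory)][string]$Path,
        # SHA-256 of the exact file that was checked (for example on VirusTotal).
        [Parameter(Mandatory)][ValidatePattern('^[0-9A-Fa-f]{64}$')]
        [string]$ExpectedSha256
    )

    # Refuse wildcards and folders: a broad exclusion hides everything under it.
    if ([System.Management.Automation.WildcardPattern]::ContainsWildcardCharacters($Path)) {
        throw "Wildcards are not accepted: $Path"
    }
    $item = Get-Item -LiteralPath $Path -ErrorAction Stop
    if ($item.PSIsContainer) { throw "Exclude a single file, not a folder: $Path" }

    # The file on disk must be the same file that was verified.
    $actual = (Get-FileHash -LiteralPath $item.FullName -Algorithm SHA256).Hash
    if ($actual -ne $ExpectedSha256) {
        throw "Hash mismatch: file is $actual, expected $ExpectedSha256"
    }

    # Signature status is reported for the record; unsigned files are not blocked.
    $sig = Get-AuthenticodeSignature -LiteralPath $item.FullName

    $existing = @((Get-MpPreference).ExclusionPath)
    if ($existing -contains $item.FullName) {
        Write-Verbose "Already excluded: $($item.FullName)"
    } elseif ($PSCmdlet.ShouldProcess($item.FullName, 'Add Defender path exclusion')) {
        Add-MpPreference -ExclusionPath $item.FullName
    }

    [pscustomobject]@{
        Path      = $item.FullName
        Sha256    = $actual
        Signature = $sig.Status
        Signer    = $sig.SignerCertificate.Subject
        Excluded  = @((Get-MpPreference).ExclusionPath) -contains $item.FullName
    }
}

# Constructed sample values: replace with the real path and the verified hash.
# Add-VerifiedDefenderExclusion -Path 'C:\Tools\example.exe' -ExpectedSha256 ('0' * 64) -WhatIf
```

Current exclusions can be reviewed with (Get-MpPreference).ExclusionPath, and one that is no longer needed can be removed with Remove-MpPreference -ExclusionPath.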

Finally, with all these options we have learned to avoid false positives in Windows Defender. Remember also that we should always have an active antivirus, be it Windows Defender or another.