Windows Defender false positive about ntvdmx64 HOT 6 CLOSED

I'm unable to add an exclusion through the Windows Defender control panel.

from ntvdmx64.

I have been able to add exceptions to it, so the DOS programs can run without problems. But because Windows Defender almost "works on its own", after a few days it will put the files again in quarantine, and I need to add the exception again. It wont keep that rule for too long, I dont know why.

Windows 10 Pro / 64bit

from ntvdmx64.

Windows Defender is a real pest, I disabled it on my machines, and they are very uncooperative on reported false positives.
I once wrote a very simple program that just reconnected mapped network drives upon start (as there are always problems with this starting with Windows 7) und nearly 50% of all AV-products flagged it as a virus.
I then tested for how long it takes until vendors that I notified fixed their fauly signatures.
From that, I made the following table of AV-vendors sorted by their response time:

Vendor | Days | Result | Comment
ESET | 0 | Fixed |  
F-Secure | 0 | Fixed |  
G Data | 0 | Fixed |  
AVG | 0 | Fixed |  
Avast | 1 | Fixed |  
Adaware | ? | Fixed | No direct response, but no longer detected after 2 days
Microsoft | 2 | Fixed |  
Kaspersky | 2 | Fixed |  
Vipre | 2 | Fixed |  

Given that table, Microsoft did fix their signatures, however I once submitted ldntvdm.dll as a false positive and didn't get a reply at all that they fixed it. But if enough users submit it for whitelisting, maybe they will fix it. The problem is that I often do new builds of the loader when I fix something and then it may drop off from whitelisting and gets flagged again, but I hope the loader is stable enough now so that we can request a whitelisting. Anyone of you wants to report the false positive to MS?

from ntvdmx64.

I scanned the recent loader.dlls and Windows defender doesn't flag them as bad, do you use the most recent loader and what false positives do you get?

from ntvdmx64.

Hi.

I just wanted to say that I am also getting a false positive from Windows Defender.
I get something called "Trojan:Win32/Tiggre!plock upon scanning the files
and it is referencing this file: ldntvdm.dll

I also want to make a whitelist report if your reporting isn't enough.
What do I need to do?

from ntvdmx64.

Hi,

You can submit files for analysis here:
https://www.microsoft.com/security/portal/Submission/Submit.aspx

I didn't have success with this method when I first tried, at least no answer

There is also e-mail submission to [email protected]
Should be a password protected zip file. Maybe there is feedback when using the e-mail submission system.
Thank you.

from ntvdmx64.