Powertoys: Malicious application blocked by Bitdefender
I just received a notification to update Powertoys to v0.18.0 and as soon as it finished my Bitdefender Free Antivirus warned me of the following:
Injection detected as Gen:Variant.Razy.639527 was performed by C:\Program Files\PowerToys\PowerToys.exe was blocked. Your device is safe.
Is this a false positive that I can easily exclude?
ema93a
All 7 comments
Can confirm that same happened to me, Bitdefender blocked it.
I'm waiting for answer before excluding it.
pivke
on 20 May 2020
same here, anyone had an update on this?
natedetsi
on 20 May 2020
It may be a false positive, but I'm not a Bitdefender expert and I don't know if it's saying that PowerToys.exe has been infected with Gen:Variant.Razy.639527 of if it says that PowerToys.exe is a malicious software itself.
Does Bitdefender have an option to submit the report to the company for further investigation?
enricogior
on 20 May 2020
Could you please check if the digital signature for PowerToys.exe is _OK_?
yuyoyuppe
on 20 May 2020
I sent a ticket to Bitdefender, I'll update when they reply.
Also, the digital signature says Microsoft Corporation.
The file has been automatically sent to our laboratories for specialized analysis. If the file is indeed a False Positive, the detection will be removed in the next 72 hours and the modification will be implemented in the product through a Signature Update. Please keep your Bitdefender up-to-date.
The detection may disappear altogether if they find it's a false positive.
ema93a
on 20 May 2020
Changed title to make it easier to find using search.
enricogior
on 20 May 2020
I scanned PowerToys.exe today with Bitdefender and it was all good now. 馃憤馃徎
pivke
on 20 May 2020
Related issues
Marrib
路
3Comments
saahmedm
路
3Comments
verglor
路
3Comments
Satanarious
路
3Comments
amorenew
路
3Comments
Most helpful comment
I scanned PowerToys.exe today with Bitdefender and it was all good now. 馃憤馃徎