Forum Discussion
Callistemon
Apr 30, 2022 Copper Contributor
Severely malicious running process detected by Windows Defender in 22610 update
While installing the Windows 11 Dev update to build 22610 today, Windows Defender arrested "Severe" malware, an actively running process, not just an inactive file. The update errored with 0xc190011f...
Reza_Ameri
May 01, 2022 Silver Contributor
It might have been a false-positive detection.
Sometimes the anti-malware engine detects safe components as unsafe based on their behavior.
Do you know the location of the files or components which were detected as malicious earlier?
Callistemon
May 01, 2022 Copper Contributor
No, the only detection was a running process, which is in memory, and it did not specify the process name, only the single-use unique identifier. It might be C:\Windows\SoftwareDistribution, as deleting that folder causes it to take longer when retrying before the malicious item occurs. None of the scanners detected anything that was saved in C:\Windows\SoftwareDistribution or any other folder.
Reza_Ameri
May 02, 2022 Silver Contributor
In case you performed multiple scans with different anti-malware products, I believe you are safe. However, in case you have a sample of the malicious files and you believe they are not being detected, let us know.