False positive Conteban.A!ml detection on DOCX, XLSX, PDF and ZIP files

At last, perfect replacement for Outlook Express and Windows Live Mail is available, called OE Classic - Click here to download!

Microsoft has really messed up this time. In the most recent update of Windows Defender Antivirus definitions file (called Security intelligence in Windows 10), it has started flagging some of the DOCX (Microsoft Word), XLSX (Microsoft Excel), PDF (Adobe Reader / Adobe Acrobat) and ZIP (archive format) files as Conteban.A!ml malware. Note that some other types may be reported such as Wacatac.B!ml.

The threat itself is described on https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?Name=Trojan:Win32/Conteban.A!ml&ThreatID=2147735506

However, while this is a real threat, the latest Windows Defender Antivirus falsely labels otherwise safe files as malware. The problem can be seen by simply attempting to scan affected file types where Windows Defender will report a detection.

What you should know is that this is a false positive detection. That means the problem does not exist, it incorrectly labels safe files as malware-positive detection. If the same files are scanned by other antivirus programs they turn out as safe.

A quick workaround solution is to click on Protection history and then expand any of the “Threat blocked” items. In the bottom right corner there is Actions drop-down under which there is an Allow option.

But much better (and what I recommend) solution would be to use the application called Feedback Hub which you can find by searching Windows 10 and report this problem back to Microsoft. The more reports they get the sooner they will react and fix the problem they have introduced with this Windows Defender Antivirus update.

Published by


Phazze (Zvonko Tesic) is entrepreneur, programmer, music producer and blogger.

Leave a Reply

Your email address will not be published. Required fields are marked *