Windows (7) Defender found something!

Discussion in 'other anti-malware software' started by JEAM, Sep 29, 2025 at 12:29 PM.

  1. JEAM

    JEAM Registered Member

    By chance, last night I decided to run a full scan on one of my Windows 7 machines with Windows Defender. (Note that this is the old-style Windows Defender that used to come with Vista and 7.) And guess what, it found something to remove:

    [Attached image: WD result.png]

    The file in question is the installer for the EaseUS Data Recovery Wizard.

    Out of curiosity, I checked this file on VirusTotal, and Microsoft Defender was the only vendor to flag the file. This was interesting because it suggests that the old-style Windows Defender uses the same definition files as the modern Microsoft Defender, which I did not expect.
     
  2. stapp

    stapp Global Moderator

  3. Bill_Bright

    Bill_Bright Registered Member

    A couple comments.

    First, it is important to note that is NOT malware, nor is it being tagged as malware. It is [correctly so] identified as "Adware". And yes, while EaseUS is a reputable company, they have been known to be rather aggressive in their marketing tactics. Thus the "potentially" unwanted software (PUP), which is true. I have had Malwarebytes tag the same file as a PUP too so it is not just Microsoft.

    Second, that version of Windows Defender did NOT come "with" W7. It had to be downloaded and installed separately. Initially it was called Microsoft Security Essentials (MSE). There was another Windows Defender back then but it was strictly an anti-spyware program. So for a while, Microsoft had two different programs with the same name. Just another example of their history of confusing naming conventions. How many "Outlooks" and "Explorers" are there?

    Third, not 100% certain but when Microsoft finally changed MSE to Defender, they did indeed code them to share the same signature/definition files. And that makes sense. It would be silly and wasteful to maintain two sets of files.
     
  4. JEAM

    JEAM Registered Member

    Yes, the screenshot is indeed for the original, anti-spyware Windows Defender that came preinstalled on Windows 7. I never had MSE on that machine.

    The interesting thing is that it appears to use the same virus definition database as Microsoft's modern product, or at least one similar enough to flag the same EaseUS installer.

    BTW, I totally agree that Microsoft makes a total mess of its product naming. I keep shifting between thinking it's deliberate and thinking it's incompetence. :)
     
    Last edited: Sep 29, 2025 at 2:07 PM
  5. Brummelchen

    Brummelchen Registered Member

    No antivirus is free of false positives. But you missed the real point.
    Defender flagged the online installer (2.7 megs), not the offline setup.

    It's legal to block online installers because those act as malware loading more from the web, which sometimes includes adware.
     