Defender mis-classified Winaero Tweaker as a hacker tool

[German]The tool Winaero Tweaker was mistakenly classified by Windows Defender as a hacker tool or unwanted software and quarantined. But the whole thing seems to be fixed in the meantime.


The Winaero Tweaker is a tool for Windows 7 to Windows 10, with which you can retrieve certain information and make adjustments.

 Winaero Tweaker
(Winaero Tweaker)

I had already read it the days with the colleagues of gelesen. The developer had noticed that the Winaero Tweaker was suddenly quarantined under Windows 10 as potentially unwanted software (PUS) and thus blocked. WinAero had discussed this in this article. Here are some screenshots that WinAero posted about this incident wurde.

Winaero Tweaker Flagged By Defender

In the screenshot above there is a concrete hint that a virus has been found in the Winaero Tweaker. The following toast notification also shows a finding.


Winaero Tweaker Flagged By Defender

In the following screenshot, a more detailed explanation was then provided. The program was identified as a hacking tool.

Winaero Tweaker Flagged By Defender

But this was a false alarm, the Winaero Tweaker does not contain any malware and is not a hacking tool. In the meantime Microsoft has probably noticed the error and corrected the whole thing with a definition update, which raises the Defender to version 1.313.1221.0.

Bleeping Computer had picked up the whole thing here. Windows Defender uses heuristics and AI to classify programs as malicious, but sometimes these "intelligent systems" make mistakes. "The tradeoff of a smart, scalable approach is that some of our more aggressive classifications occasionally misclassify normal files as malicious (false positives). Although false positives are a very small occurrence compared to the large number of malware that we correctly identify (true positives) and protect our customers from, we recognize the impact that misclassified files can have," writes Michael Johnson of Windows Defender Research.

Cookies helps to fund this blog: Cookie settings

This entry was posted in Security, Software, Windows and tagged , , . Bookmark the permalink.

1 Response to Defender mis-classified Winaero Tweaker as a hacker tool

  1. EP says:

    it's a shame that certain faulty definition detection files for windows defender (maybe the ones from either end of March 2020 or start of April 2020) were treating Winaero Tweaker as a hacking tool when it really isn't.

    I haven't encountered that problem between Windows Defender and Winaero Tweaker cuz I had WD definition files dated in early March 2020 – but I'll update them to the bugfixed ones from April.

Leave a Reply

Your email address will not be published. Required fields are marked *