High volume of "'Phish' malware was detected on one endpoint" alerts on legitimate looking file

I'mLenny 51 Reputation points
2021-07-22T09:16:05.777+00:00

Looked online and can't see anyone else talking about this.

About 26 hours ago received the above alert, which is as generic as they come. All command line, parent processes etc. are above board. The file that is dropped is "microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg" (VirusTotal link below) and is dropped by lync.exe, and surrounding activity makes sense for our network, but still seeing large volumes of alerts.

Anyone else experiencing this? Suspect this is maybe just a buggy definition update, but the issue is still actively occurring after 24 hours, so wondering what the best approach is? (Suppression? Grin and bear it until updates?)

Anyone experienced anything similar in the past?

https://www.virustotal.com/gui/file/04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a/community

Microsoft Defender for Cloud

1 answer

  1. VipulSparsh-MSFT 16,236 Reputation points Microsoft Employee
    2021-08-26T02:37:02.31+00:00

    @I'mLenny Apologies for delay on this.

    An internal investigation has been done and this was found to be a false positive; the latest version of the AV signature update should not flag this anymore.

    Please follow the steps below to clear cached detection and obtain the latest malware definitions.

    1. Open a command prompt as administrator and change directory to c:\Program Files\Windows Defender
    2. Run "MpCmdRun.exe -removedefinitions -dynamicsignatures"
    3. Run "MpCmdRun.exe -SignatureUpdate"

    Alternatively, the latest definition is available for download here: https://www.microsoft.com/en-us/wdsi/definitions

    ----------------------------------------------------------------------------------------------------------------------------------------------------------

    Please remember to "Accept Answer" if any answer/reply helped, so that others in the community facing similar issues can easily find the solution.

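As an added example (not part of the thread or of Microsoft's answer), a PowerShell wrapper for the two MpCmdRun.exe steps above that also records the signature version before and after via Get-MpComputerStatus, and lists any Defender detections still referencing the .svg file named in the question, so the fix can be confirmed rather than assumed. It assumes an elevated session on a host with the built-in Defender PowerShell module.

```powershell
# Added example, not from the original thread: runs the two MpCmdRun.exe steps
# from the accepted answer and reports whether the definition version changed.
# Requires an elevated PowerShell session.

$mpCmdRun = Join-Path $env:ProgramFiles 'Windows Defender\MpCmdRun.exe'
if (-not (Test-Path $mpCmdRun)) {
    throw "MpCmdRun.exe not found at $mpCmdRun"
}

function Get-SignatureInfo {
    # Get-MpComputerStatus is part of the Defender module shipped with Windows
    $s = Get-MpComputerStatus
    [pscustomobject]@{
        Version     = $s.AntivirusSignatureVersion
        LastUpdated = $s.AntivirusSignatureLastUpdated
    }
}

$before = Get-SignatureInfo
Write-Host "Before: $($before.Version) (updated $($before.LastUpdated))"

# Step 1 from the answer: clear cached dynamic signatures
& $mpCmdRun -RemoveDefinitions -DynamicSignatures
if ($LASTEXITCODE -ne 0) { throw "RemoveDefinitions failed with exit code $LASTEXITCODE" }

# Step 2 from the answer: pull the current definition package
& $mpCmdRun -SignatureUpdate
if ($LASTEXITCODE -ne 0) { throw "SignatureUpdate failed with exit code $LASTEXITCODE" }

$after = Get-SignatureInfo
Write-Host "After:  $($after.Version) (updated $($after.LastUpdated))"

if ($after.Version -eq $before.Version) {
    Write-Warning 'Signature version did not change; check reachability of the definition update source.'
}

# Show any recorded detections that still reference the file from the question,
# so recurring alerts can be told apart from stale history.
Get-MpThreatDetection |
    Where-Object { $_.Resources -match 'microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd\.svg' } |
    Select-Object InitialDetectionTime, ThreatID, Resources |
    Format-Table -AutoSize
```

If detections with an InitialDetectionTime later than the update keep appearing, the endpoint is still on the old cached definitions or the update did not apply.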