I am sorry for the lack of explanation. However, a (sort of) friend asked me why Avast! was blocking a file on start-up. Looked at it. This is the picture he sent.
https://twitter.com/Neverportal1/status/483691523184160769/photo/1
I did some research. It turns out to be a file from MSE or Defender. I don’t know which. Don’t care at the moment. (Bless the lords for PL 3). (And yes Essex, I hate research. Azarl will have to show me the tricks.)
It’s been reported as a FP so hopefully it’ll stop. (I also gave him a lecture on why he shouldn’t have MSE and Avast! on the same computer.)
Info found Here
Now, I will note, the file names are NOT the same.
VT scan was also done. See This link.
(Notice McAShit found it. I presume MSE updates aren’t encrypted)
And, can someone lower the stupid filter again? Like the “Awaiting Approval” is annoying. And stops others from seeing this thread unless a mod/remover/admin/OP. Which isn’t very helpful, and can just lead (potentially) to more threads.
Hi Michael,
Yep, the webforum posting filter is somewhat over-aggressive and I think now it is only avast mods to approve the postings.
Good we still have access to them though. Back to essentials and your question at hand and what I found out about that file,
So read on.
Verdict of the file in question as you can read from your latest VT results is “Probably harmless! There are strong indicators suggesting that this file is safe to use.”. The McAfee qualification is also rather FP-prone, because of Heuristic.LooksLike.Win32.Suspicious.E is flagged.
It is "Description: AntiMalware Definition Update".
"Signature verification: Signed file, verified signature" makes that detection even more questionable.
That is the name given to the update file for MSE (a Delta Patch is an incremental update), and the version numbering will indeed change. A malicious file certainly could try to disguise itself with such a name, but since you utilize MSE and scans pass the file as OK, I doubt if it's any cause for concern.
(quote info - Platypus)
Variants considered to be safe: http://systemexplorer.net/file-database/file/am_delta_patch_1.123.1283.0-exe
Errors coming with the file are being given here: http://www.solvusoft.com/en/files/error-virus-removal/exe/windows/microsoft-corporation/microsoft-malware-protection/am-delta-patch-1-129-1713-0-exe/ (link article author = Jay Geater).
polonus
Polonus, only Ubers have access to “Awaiting Approval” threads. I do not, unless I created it.
However, I did suspect a FP when I saw and googled the AM_Delta patch issue. I remembered some about MSE and decided it’d be prudent to google it to be safe.
That is hardened mode, notice the link at the bottom: "Add as an exclusion"
So clicking that will allow it to run
Yeah. Told him that too :).
However, I also gave him the Canned Speech that CompCav made me write on too many AVs. I told him to ditch MSE.
I presume I was correct when I said it was MSE right?
Aye it was a definition update for it
Figured. Now time to finish the rest of the research for PL 3