Page 2 of 2

Re: Antivirus false positive

Posted: Tue Mar 10, 2020 8:33 pm
by geierbj
Rapid7 Insight Agent seems to be detecting new version as a virus also and deletes the install file as soon as it completes its download.

Re: Antivirus false positive

Posted: Sun May 10, 2020 7:27 pm
by rick_2k
2.3.33beta is showing as positive in Windows Defender as of today with Win32/Wacatac.

Re: Antivirus false positive

Posted: Mon May 11, 2020 12:53 am
by Flyguy30263
2.3.33beta is showing as positive in Windows Defender as of today with Win32/Wacatac.
Top
I'm having this same issue. Only Windows computer I have access to is my work computer, I'm an Apply guy, I'm not the admin for my company computer. Now what.

Re: Antivirus false positive

Posted: Mon May 11, 2020 1:25 am
by f-wolf

Re: Antivirus false positive

Posted: Tue Oct 13, 2020 8:34 am
by tim100
Use VirusTotal to Get More Opinions
If you download a file and your antivirus jumps into action and informs you the file is harmful, it probably is. If you’ve run into a false positive and the file is actually safe, most other antivirus programs shouldn’t make the same mistake. In other words, if this is a false positive, only a few antivirus programs should flag the file as dangerous, while most should say it’s safe. That’s where VirusTotal comes in — it lets us scan a file with 45 antivirus programs so we can see what they all think of it.

Check a Malware Database
When an antivirus flags a file, it will give you a specific name for the type of malware it is. Plug this name into a search engine like Google and you should find links to malware database websites written by antivirus companies. They’ll tell you exactly what the file does and why it’s blocked.

In some cases, files that have legitimate uses may be flagged as malware and blocked because they can be used for malicious purposes. For example, some antivirus programs will block VNC server software. VNC server software may be installed by someone malicious so they can remotely access your computer, but it’s safe if you know what you’re doing and intend on installing a VNC server yourself.

Hope this helps.

Re: Antivirus false positive

Posted: Thu Nov 05, 2020 3:23 am
by jmlay
Cisco Advanced Malware Protection (AMP) detects the FORscan.exe as malware.

Re: Antivirus false positive

Posted: Thu Nov 05, 2020 4:40 am
by tractmec
Its A False Positive as the Forscan team reported in the first post in this thread. Some Aniti virus's have not yet been updated still!