Antivirus false positive

Any issues related to FORScan application
twgoff
Posts: 7
Joined: Sun Dec 01, 2019 11:59 pm
Vehicle: Sport Trac, gas 4.6l, 2008

Re: Antivirus false positive

Post by twgoff »

I am getting a malware error when trying to install the latest version 2.3.37.
User avatar
fordsmax471
Posts: 836
Joined: Mon Aug 07, 2017 5:29 pm
Vehicle: Ford S-Max 2.0 TDCi 2017 PowerShift
Location: EST

Re: Antivirus false positive

Post by fordsmax471 »

Whenever we make a new upgrade and create a new build to distribute to our users, Windows may temporarily block the installation because the file is new and Windows doesn’t have enough information to guarantee its safety. It can take a few weeks for Windows to remove this warning. Luckily, you can accept the downloaded file
1.png
1.png (111.9 KiB) Viewed 949 times
FORScan2.4.3/Els27v4/UCDSv4/Elitebook840G6/Win10pro
twgoff
Posts: 7
Joined: Sun Dec 01, 2019 11:59 pm
Vehicle: Sport Trac, gas 4.6l, 2008

Re: Antivirus false positive

Post by twgoff »

I was able to exclude Forscan from my virus scan and it now works.
FORScan
Site Admin
Posts: 2749
Joined: Fri Jun 13, 2014 2:21 am

Re: Antivirus false positive

Post by FORScan »

We tested 2.3.37 on virustotal.com before the delivery, it didn't show any detections with Microsoft. It started to show it only on December, 1st. So either the site (virustotal.com) has problems with antivirus update, or Microsoft identified 2.3.37 as a threat AFTER the release.

Anyway, we have submitted the report to Microsoft, hope they will remove it from Defeinder soon.

Update: got word back from Microsoft that they have removed the false threat for 2.3.37:
Analyst comments:

We have removed the detection. Please follow the steps below to clear cached detection and obtain the latest malware definitions.

1. Open command prompt as administrator and change directory to c:\Program Files\Windows Defender
2. Run “MpCmdRun.exe -removedefinitions -dynamicsignatures”
3. Run "MpCmdRun.exe -SignatureUpdate"

Alternatively, the latest definition is available for download here: https://www.microsoft.com/en-us/wdsi/definitions

Thank you for contacting Microsoft.
smartguy69
Posts: 121
Joined: Mon Sep 21, 2020 8:27 pm
Vehicle: Kuga Titanium,2 litre diesel, 150PS, 2015

Re: Antivirus false positive

Post by smartguy69 »

FORScan wrote:
Wed Dec 02, 2020 3:31 am
We tested 2.3.37 on virustotal.com before the delivery, it didn't show any detections with Microsoft. It started to show it only on December, 1st. So either the site (virustotal.com) has problems with antivirus update, or Microsoft identified 2.3.37 as a threat AFTER the release.

Anyway, we have submitted the report to Microsoft, hope they will remove it from Defeinder soon.

Update: got word back from Microsoft that they have removed the false threat for 2.3.37:
Analyst comments:

We have removed the detection. Please follow the steps below to clear cached detection and obtain the latest malware definitions.

1. Open command prompt as administrator and change directory to c:\Program Files\Windows Defender
2. Run “MpCmdRun.exe -removedefinitions -dynamicsignatures”
3. Run "MpCmdRun.exe -SignatureUpdate"

Alternatively, the latest definition is available for download here: https://www.microsoft.com/en-us/wdsi/definitions

Thank you for contacting Microsoft.
I just bought a new laptop and installed version 2.3.38. Intercepted by Microsoft using windows defender on Sunday 24th January 2021.
smartguy69
Posts: 121
Joined: Mon Sep 21, 2020 8:27 pm
Vehicle: Kuga Titanium,2 litre diesel, 150PS, 2015

Re: Antivirus false positive

Post by smartguy69 »

Update 18th March.

Reinstalled windows, downloaded Forscan and all ok with Microsoft Defender.
Post Reply