Antivirus false positive

Any issues related to FORScan application
twgoff
Posts: 7
Joined: Sun Dec 01, 2019 11:59 pm
Vehicle: Sport Trac, gas 4.6l, 2008

Re: Antivirus false positive

Post by twgoff » Tue Dec 01, 2020 6:44 pm

I am getting a malware error when trying to install the latest version 2.3.37.

User avatar
fordsmax471
Posts: 751
Joined: Mon Aug 07, 2017 5:29 pm
Vehicle: Ford S-Max 2.0 TDCi 2017 PowerShift
Location: EST

Re: Antivirus false positive

Post by fordsmax471 » Tue Dec 01, 2020 7:03 pm

Whenever we make a new upgrade and create a new build to distribute to our users, Windows may temporarily block the installation because the file is new and Windows doesn’t have enough information to guarantee its safety. It can take a few weeks for Windows to remove this warning. Luckily, you can accept the downloaded file
1.png
1.png (111.9 KiB) Viewed 309 times
FORScan2.4.3/Els27v4/UCDSv4/Elitebook840G6/Win10pro

twgoff
Posts: 7
Joined: Sun Dec 01, 2019 11:59 pm
Vehicle: Sport Trac, gas 4.6l, 2008

Re: Antivirus false positive

Post by twgoff » Tue Dec 01, 2020 8:47 pm

I was able to exclude Forscan from my virus scan and it now works.

FORScan
Site Admin
Posts: 2729
Joined: Fri Jun 13, 2014 2:21 am

Re: Antivirus false positive

Post by FORScan » Wed Dec 02, 2020 3:31 am

We tested 2.3.37 on virustotal.com before the delivery, it didn't show any detections with Microsoft. It started to show it only on December, 1st. So either the site (virustotal.com) has problems with antivirus update, or Microsoft identified 2.3.37 as a threat AFTER the release.

Anyway, we have submitted the report to Microsoft, hope they will remove it from Defeinder soon.

Update: got word back from Microsoft that they have removed the false threat for 2.3.37:
Analyst comments:

We have removed the detection. Please follow the steps below to clear cached detection and obtain the latest malware definitions.

1. Open command prompt as administrator and change directory to c:\Program Files\Windows Defender
2. Run “MpCmdRun.exe -removedefinitions -dynamicsignatures”
3. Run "MpCmdRun.exe -SignatureUpdate"

Alternatively, the latest definition is available for download here: https://www.microsoft.com/en-us/wdsi/definitions

Thank you for contacting Microsoft.

Post Reply