Page 3 of 3

Re: Antivirus false positive

Posted: Tue Dec 01, 2020 6:44 pm
by twgoff
I am getting a malware error when trying to install the latest version 2.3.37.

Re: Antivirus false positive

Posted: Tue Dec 01, 2020 7:03 pm
by fordsmax471
Whenever we make a new upgrade and create a new build to distribute to our users, Windows may temporarily block the installation because the file is new and Windows doesn’t have enough information to guarantee its safety. It can take a few weeks for Windows to remove this warning. Luckily, you can accept the downloaded file
1.png
1.png (111.9 KiB) Viewed 3214 times

Re: Antivirus false positive

Posted: Tue Dec 01, 2020 8:47 pm
by twgoff
I was able to exclude Forscan from my virus scan and it now works.

Re: Antivirus false positive

Posted: Wed Dec 02, 2020 3:31 am
by FORScan
We tested 2.3.37 on virustotal.com before the delivery, it didn't show any detections with Microsoft. It started to show it only on December, 1st. So either the site (virustotal.com) has problems with antivirus update, or Microsoft identified 2.3.37 as a threat AFTER the release.

Anyway, we have submitted the report to Microsoft, hope they will remove it from Defeinder soon.

Update: got word back from Microsoft that they have removed the false threat for 2.3.37:
Analyst comments:

We have removed the detection. Please follow the steps below to clear cached detection and obtain the latest malware definitions.

1. Open command prompt as administrator and change directory to c:\Program Files\Windows Defender
2. Run “MpCmdRun.exe -removedefinitions -dynamicsignatures”
3. Run "MpCmdRun.exe -SignatureUpdate"

Alternatively, the latest definition is available for download here: https://www.microsoft.com/en-us/wdsi/definitions

Thank you for contacting Microsoft.

Re: Antivirus false positive

Posted: Tue Jan 26, 2021 10:12 pm
by smartguy69
FORScan wrote:
Wed Dec 02, 2020 3:31 am
We tested 2.3.37 on virustotal.com before the delivery, it didn't show any detections with Microsoft. It started to show it only on December, 1st. So either the site (virustotal.com) has problems with antivirus update, or Microsoft identified 2.3.37 as a threat AFTER the release.

Anyway, we have submitted the report to Microsoft, hope they will remove it from Defeinder soon.

Update: got word back from Microsoft that they have removed the false threat for 2.3.37:
Analyst comments:

We have removed the detection. Please follow the steps below to clear cached detection and obtain the latest malware definitions.

1. Open command prompt as administrator and change directory to c:\Program Files\Windows Defender
2. Run “MpCmdRun.exe -removedefinitions -dynamicsignatures”
3. Run "MpCmdRun.exe -SignatureUpdate"

Alternatively, the latest definition is available for download here: https://www.microsoft.com/en-us/wdsi/definitions

Thank you for contacting Microsoft.
I just bought a new laptop and installed version 2.3.38. Intercepted by Microsoft using windows defender on Sunday 24th January 2021.

Re: Antivirus false positive

Posted: Sun Mar 21, 2021 10:23 pm
by smartguy69
Update 18th March.

Reinstalled windows, downloaded Forscan and all ok with Microsoft Defender.

Re: Antivirus false positive

Posted: Mon Apr 26, 2021 5:29 pm
by CmaxDM2
I ran the command prompt as written, it wrote me that there are no new updates, but it still tells me in the virus total that 1 file is infected with malware, what to do?