0
Under review

SC client has been flagged as a virus

shay 9 months ago updated by Caitlin Barnes (Product Manager) 9 months ago 4
ConnectWise Control Version:
20.4
Server Affected:
Host Client Affected:
Guest Client Affected:

Answer

Answer

Hi Shay, 

I heard back from Fortinet: 


Thank you for bringing this issue to our attention. We have already disabled the signature "W32/Siggen8.F065!tr" that is causing this false positive detection. It was disabled in AVDB v70.224 @ 2019-07-24 21:38:22 PST. Updating to the newest AV definition should resolve this. 

Hi Shay, 

Can you please provide some additional information? What AV vendor and version are you using? What specific files were flagged as a virus? What version of Control do you have? Anything you can provide would be appreciated. 

we are using Fortinet 6.0.4 with EMS 6.0.1 console this is the message we received:


  Malware:W32/Siggen8.F065!tr found in C:\Windows\Temp\ScreenConnect\19.0.23665.7058\ScreenConnect.ClientSetup.exe by realtime scan

Thanks Shay. I've been in discussions with Fortinet about whitelisting our product with some success. I've found that AV partners have a greater success rate in responses from vendors and resolutions than we do as a product. Suggest you also submit a ticket with their support. 

Answer

Hi Shay, 

I heard back from Fortinet: 


Thank you for bringing this issue to our attention. We have already disabled the signature "W32/Siggen8.F065!tr" that is causing this false positive detection. It was disabled in AVDB v70.224 @ 2019-07-24 21:38:22 PST. Updating to the newest AV definition should resolve this.