FolderScanUltra detected by CrowdStrike as malware

[pauldurham]

Hi Paul,

I am the IT End User Computing lead for our company and we have CrowdStrike deployed on all PC's. I just ran FSU 5.10 on Windows 11 Enterprise with the below parameters and it trigger CrowdStrike to block its activity and flag it as malware. The FSC.exe and related files were not themselves detected as risky while at rest (i.e. not being executed).

fsu.exe c:\ /sum /users /extensions

Just letting you know so you can possibly work around this.

Thanks.

[MaximumOctopus]

Thanks for letting me know. I'll do some investigating...!

[pauldurham]

No problem. Let me know if you wish me to test an updated version.

[MaximumOctopus]

Thanks again. I've reached out to the CrowdStrike false positive team. I think it's possibly down to the application's "excessive" calls to the Windows API functions FindFirstFileW() and FindNextFileW(), but I'm not 100% sure, though I can't think of anything else it could be.