Bearfoos.a!vi virus detected

I installed the newest update and Windows immediately detected a virus attached to the software. Did this happen to anybody else? Right now I can either run WW and get virus alerts all day or uninstall it and keep it that way.

That’s what’s known as a false-positive. Your virus scanner of choice is incorrectly identifying the Weather Watcher installer or Weather Watcher itself as a virus – most likely because those files are brand new and haven’t built up enough history to meet your virus scanner’s trust level.

This scan at VirusTotal shows the Weather Watcher installer is clean.

All virus scanners have a way to whitelist files/applications. You could certainly take advantage of that feature in order to bypass those alerts.


This did happen to me, but in doing further research, the virus “Bearfoos.A!ml” is not a real virus, it is a file that is AI detected as containing “virus” features. The “!ml” at the end is the code that it is AI detected, and not an actual virus. This is apparently a common false alert.
With Windows, when you get the threat alert, click on it to open the “Virus & threat protection”, then under current threats where you see the “Bearfoos.A!ml” listed, you can click on the drop down next to it to “allow on this machine.” Then you can click to download and/or install the newest version ofWeather Watcher without a problem.

This is happening with native Windows Defender, so you might want to look for a workaround.

As an update, after whitelisting the “Bearfoos.A!ml”, weather watcher ran fine for about 12 hours, then Windows security alert went off. After restarting, Windows had once again uninstalled Weather Watcher, even though the supposed file that set it off was still on its allowed list. Hopefully that will be a one-off, and not a recurring thing.

I’d prefer it never be a thing. Microsoft is human too (like us), so we should probably not fault them for every mistake they make.


Microsoft agrees the malware analysis was not accurate and decided to remove the detection.

You can get the latest available Microsoft Defender Antivirus updates by installing the latest available Windows updates (easiest fix). Or you can follow these instructions from the analyst’s comments above:

  1. Open a Windows command prompt as administrator

  2. Run the following commands:

    • cd c:\Program Files\Windows Defender
    • MpCmdRun.exe -removedefinitions -dynamicsignatures
    • MpCmdRun.exe -SignatureUpdate

If Weather Watcher still does not run at that point, then you might need to reinstall it to restore any files Windows quarantined. Download the current Weather Watcher installer here and install it over top of your existing installation.


Mike, thank you for getting this fixed through Microsoft!