Windows Defender Malware Alert - Win 10 ...

[jcomm 5,888]

Today I tried to setup p3dv3.5 latest installer fetched from my LM account, on two different computers, both running win 10 professional 64 bit, nd got a succession of malware detection alerts by Windows Defender.

 

The trigger seems to be Setup.exe from the p3d v3 installer.

 

Has anyone experienced this ?

 

Thx for any info / hints...

Ok, just found this at the LM P3D forums:

 

http://www.prepar3d.com/forum/viewtopic.php?f=6322&t=119924

[Jim Young 2,356]

Hi Jose,

 

As is recommended on AVSIM frequently and in the AVSIM CTD Guide, it is best to turn off UAC and any malware/anti-virus program when installing new software (this includes Microsoft Essentials).  I personally have exempted my malware program from scanning the directory where I have my flight sims installed.  If you do not know the Source of a program that you downloaded from the Internet, then you should definitely have your anti-virus or malware program enabled but we all know that Lockheed's P3D is from a trusted site.  The same goes when you download a software addon from FlightOne or Aerosoft.  They are not going to allow any viruses or malware with their software and it is all perfectly safe.  

 

Best regards,

[jcomm 5,888]

Thx Jim!

 

Yes, the "Flight1 Malware" has long been known to me, although it's more than a decade since I install something from Flight1...

 

In this case, Defender was really "doing a great job", and even creating exclusions for folders and files didn't work. I actually had to temporarily stop Defender's Real-Time and Cloud-Based protections...

[fluffyflops 1,845]

ut2 will also get a hit from windows defender

[jcomm 5,888]

It got worst after last week's Win 10 update.

 

At my office it also brought problems with NAS drives... More than 50 users affected....  Not saying with this that I don't like win 10 - quite on the contrary because so far it is my preferred Win OS ever, after good old XP...

[Poppet 703]

Thanks for posting Jose. 

 

This hits Ultimate Traffic 2 on a regular basis, You will see the following Error\Message below   "Please register this product before you try and use it"  

 

It see's the utii.dll file as a False Positive so it quarantines it (removes it to a safe and secure place within in your Anti virus set up) 

 

By going to your Quarantine area of your Anti virus Software and Restore it,   Then you should be back in business  

 

I was able to recreate this message by moving this file out of the folder,  I moved it back into the folder and the message went away  

 

 

 

 

The file in question is located here  Your Prepar3D location ► Prepar3D V3 ► Flight One Software ► Ultimate Traffic 2

 

After you restore it,  Confirm the file has been returned 

 

[jcomm 5,888]

Thx Elaine - precious info!

[pete_auau 1,152]

thats why  I got   my second  drive   that host all my  sim addons in my  exclude  from scanning

[AAN1718A 20]

Hi Jose,

 

As is recommended on AVSIM frequently and in the AVSIM CTD Guide, it is best to turn off UAC and any malware/anti-virus program when installing new software (this includes Microsoft Essentials).  I personally have exempted my malware program from scanning the directory where I have my flight sims installed.  If you do not know the Source of a program that you downloaded from the Internet, then you should definitely have your anti-virus or malware program enabled but we all know that Lockheed's P3D is from a trusted site.  The same goes when you download a software addon from FlightOne or Aerosoft.  They are not going to allow any viruses or malware with their software and it is all perfectly safe.  

 

Best regards,

 

Agreed about the exceptions, definitely add your games folder to the exception list for your anti-virus. I do however never recommend shutting off the anti-virus for any reason regardless of whether you trust the site or not. Your download from Prepar3D, Aerosoft etc., which are in my opinion trusted sites and safe, but there is still internet/network connectivity going on other than just your download on your computer for as long as your connected. All it takes is someone malware to get on your system while your protection is off because you are downloading from a trusted site.

 

A situation like that would be rare, but not unheard of. I had no problem downloading Prepar3D while Windows Defender was active, it was just the install that got deleted after I tried to install it.

 

Since this post if from a couple of months ago and I have the same issue today, I can only assume there is no resolution from either Lockheed and/or Microsoft?

 

Either way, it's your computer and just my opinion.

Keep it safe guys!

[Jim Young 2,356]

 

 

All it takes is someone malware to get on your system while your protection is off because you are downloading from a trusted site.

 

I hope I did not recommend you turn off your anti-virus program, just exclude the FSX/P3D folders from being scanned.  Sorry for the poor communications.  I have never used an anti-virus program since at least 2000 and never been hit by a virus.  Malware, yes, but no virus.  Windows has a very reliable firewall and, if you ever turn that off, accidentally or on-purpose, you will most likely be hit with malware or a serious virus.  My sister living far, far away from me turned hers off even though I told her never to turn it off and she had a virus within 20 seconds and had to call in the geeks at BestBuy to fix it (uh, reinstall Windows).  Will an anti-virus program stop malware from hitting your computer?  No but the chances of getting a virus or malware will be drastically reduced.  What are you going to do about any new virus or malware that the developers of anti-virus programs do not even know about yet.  It will hit your system and maybe in a day or two later, you will be informed there's a new virus and you need to update your virus definition. 

 

So, keep your anti-virus, anti-malware programs and your Windows firewall enabled while cruising the Internet and downloading stuff.  When it comes time to install the product you just downloaded from Lockheed, make sure the folder where it will be installed, say, drive D, is excluded from scanning by your anti-virus or anti-malware program during the installation.  You can also disable the anti-virus program temporarily as you still have your firewall protecting you during the installation and you will not be on the Internet as long as you know the software you downloaded came from a trusted website (how do you disable your anti-virus program anyway?  I think they only have one method and that is to exclude the program or folder or drive from scanning)  I had one software program (i-fly 747) that did not install properly because I did not exclude my malware program from scanning during installation.  So it is all just a recommendation.

 

 

 

Since this post if from a couple of months ago and I have the same issue today, I can only assume there is no resolution from either Lockheed and/or Microsoft?

 

Didn't the OP post a link to the solution?  Just report the false positive to Microsoft and make sure you do not allow scanning of the install program or the installation folder during any installation.

 

Best regards,

 

Jim

[AAN1718A 20]

 

 

Didn't the OP post a link to the solution? Just report the false positive to Microsoft and make sure you do not allow scanning of the install program or the installation folder during any installation.

Best regards,

Jim

 

Hi,

 

Thanks for the update. I didn't find any solution except to turn off Defender while installing, still not an option for me, however I think I got away with just installing the CLIENT, CONTENT, and SCENERY installs (in that order) without issue, even though the SETUP.EXE is missing. It is my understanding that you can install Prepar3D that way as well (I could be wrong). However for this experience I let Defender balk at the install while it was running. The install did not produce any errors and so far it's running ok. Time will tell ...

 

Thanks again for your support and insight.

Cheers!

[Poppet 703]

 

 

I think I got away with just installing the CLIENT, CONTENT, and SCENERY installs (in that order) without issue, even though the SETUP.EXE is missing. It is my understanding that you can install Prepar3D that way as well (I could be wrong)

 

Yes in some cases your Anti virus Software will hide or Quarantine the Setup.exe.  

 

The Setup.exe is just an all-In-One Installer pulling Client, Content and Scenery together to Install as 1  But you can Install without the Seup.exe no Problem Once you Install the Client First