Jump to content

Trojan Virus? [false positive]


aviator1213

Recommended Posts

  • Commercial Member

Hi, our files may produce false positives.

Unless our files have got contaminated on your drive by an existing/hidden virus, they are safe otherwise.

Jean-Luc | reality-xp.com
This message from Reality XP is protected by a disclaimer: reality-xp.com/aboutrealityxp/email.html

Let your voice be heard and help us make a difference for you: Vote !
Open up communications with Reality-XP (Microsoft Flight Simulator Forums)

Link to comment
Share on other sites

I also get the same warning with the "rxpGTN-750-XPL.exe.

Sent the file to Virus Total, looks like it's clean.

 

Alvega

CPU: AMD 7800X3D | COOLER: Cooler Master MasterLiquid 240L Core ARGB | GPU: RTX 4070 TI Super 16GB OC | Mobo: ASUS TUF GAMING X670E-PLUS WIFI |
RAM: 32 GB Corsair Vengeance RGB DDR5 6000MHz PC5-48000 2x16GB CL36 | SSDs: WD Black SN770 2TB NVMe SSD (WIN11), WD Black SN850X SSD 2 TB M.2 2280 PCIe Gen4 NVMe (MSFS), Crucial MX500 2TB (Other stuff) | CASE: Forgeon Arcanite ARGB Mesh Tower ATX White | Power Supply: Forgeon Bolt PSU 850W 80+ Gold Full Modular White 

Link to comment
Share on other sites

  • 3 years later...
On 10/24/2017 at 8:08 PM, RXP said:

Hi, 

You can never be sure it wouldn't be contaminated on your drive, neither would we.

However, our development systems are kept separate from our business systems, and only connect to the internet to limited number of websites, and the only software installed and running is development related from known vendors only.

This is a false positive only because our files are protected/encrypted and this gets flag as 'virus'. Please note our files are being internally tagged with a unique id (this is unrelated to code signing, it is designed for anti-virus software to acknowledge the file source), but some antivirus software just don't bother agreeing to the technologies put in place by antivirus vendors to avoid these false positives.

Sorry to open this back up...

This is a still a real problem.  Windows flags the installation file as dangerous from the start.  After fighting Windows to actually allow me to install the program BitDefender returns:

The file C:\Program Files (x86)\Reality XP\GNS Simulation\X-Plane\bin\rxpGnsSim32.dll is infected with Trojan.GenericKD.44052360 and was moved to quarantine. It is recommended that you run a System Scan to make sure your system is clean.

System scan returns clean....

How can you be so sure that this is a false positive?  You don't code sign your executables which goes along way to proving that your files are from a legitimate source (I don't doubt that you are legitimate, but operating systems and anti-virus don't know you...).  My experience is that if more than one person has a problem with code I have developed (yes, I am a software developer) then I have to put aside my pride and assume it is my problem until I can prove otherwise.  I don't point fingers back to the user and work to prove to myself through evidence it is user error or a third parties issue.  I find that it is usually something I did, though on occasion will find it to be user error or a third parties problem - and then I solve the problem with them and not leave my customers to languish - otherwise, I won't have many customers...

I don't follow your statement that 'some antivirus software just don't bother agreeing to the technologies put in place by antivirus vendors to avoid these false positives' - Is there a standard defined somewhere that Microsoft and BitDefender are ignoring?  Please point this standard out to us as I am curious how this works.

In this day and age where being online is dangerous (why else would you separate your development system from your business system?) it is to your advantage to distribute software that doesn't have installation problems even if false positives.  I cannot continue to use your software (even though it is of great use to me) for fear that my passwords and sensitive personal information are at risk.

If you need more details and specifics, please feel free to ask.

Link to comment
Share on other sites

16 minutes ago, cstater said:

If you need more details and specifics, please feel free to ask.

As a long time member here and a long time user of RXP products I believe you are quite overreacting here.  False positives are common in today's world as AV screening has justifiably intensified.  You have hundreds, if not thousands who have arrived at this particular false positive before you.  None that this site is aware of have experienced any issue by allowing AV to grant passage.  I might also add that since 2015 I ceased using 3rd party AV other than Malware bytes in tandem with Windows Defender.  Life has been easier and perfectly protected.

Relax.  Install and enjoy the product.  It is well worth it.  Especially if you do not fret.

Frank Patton
Corsair 5000D Airflow Case; MSI B650 Tomahawk MOB; Ryzen 7 7800 X3D CPU; ASUS RTX 4080 Super; 
NZXT 360mm liquid cooler; Corsair Vengeance 64GB DDR5 4800 MHz RAM; RMX850X Gold PSU;; ASUS VG289 4K 27" Display; Honeycomb Alpha & Bravo, Crosswind 3's w/dampener.  
Former USAF meteorologist & ground weather school instructor. AOPA Member #07379126
                       
"I will never put my name on a product that does not have in it the best that is in me." - John Deere

Link to comment
Share on other sites

  • Commercial Member

You're raising valid points and I thank you for this. 

You can read about some of the technologies I'm referring to, which our products are using, and which are meant to safe-guard users and developers, here for example: https://standards.ieee.org/industry-connections/icsg/index.html

As for code signing, we're not using any yet for mixed reasons I can't detail but part of the reason is also because we are supporting a wide range of operating systems (GNS V2 is compatible with WinXP). Besides, if you try to download and install the FS2020 SDK you'd be surprised about Microsoft choice of code signing and how Win10 anti-virus is treating their own files.

Having said this if you're not confortable with our files I can't say much more than not using our products at this stage and monitor from time to time our forums for news. It is unfortunate but I can't offer much alternative options for now.

Jean-Luc | reality-xp.com
This message from Reality XP is protected by a disclaimer: reality-xp.com/aboutrealityxp/email.html

Let your voice be heard and help us make a difference for you: Vote !
Open up communications with Reality-XP (Microsoft Flight Simulator Forums)

Link to comment
Share on other sites

  • 3 months later...
  • 1 year later...

I am trying to download the ecommerce page and I too am getting the "Trojan 32" virus notification. My computer will not allow me to download/open the exe file.

Its getting a little frustrating. 

Is there a final work through on this one?

Link to comment
Share on other sites

  • Commercial Member

@Palo Hi, the only solution is to tell your anti-virus program to let it pass through. However, are you sure it isn't your web browser which is just warning you, and not the anti-virus?

In which case:
https://www.tenforums.com/browsers-email/180184-cannot-download-files-flagged-insecure-edge-post2233437.html#post2233437

edge-browser-keep.jpg

edge-browser-keep-anyway.jpgprotection-history-allow.jpg

 

Jean-Luc | reality-xp.com
This message from Reality XP is protected by a disclaimer: reality-xp.com/aboutrealityxp/email.html

Let your voice be heard and help us make a difference for you: Vote !
Open up communications with Reality-XP (Microsoft Flight Simulator Forums)

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

  • Tom Allensworth,
    Founder of AVSIM Online


  • Flight Simulation's Premier Resource!

    AVSIM is a free service to the flight simulation community. AVSIM is staffed completely by volunteers and all funds donated to AVSIM go directly back to supporting the community. Your donation here helps to pay our bandwidth costs, emergency funding, and other general costs that crop up from time to time. Thank you for your support!

    Click here for more information and to see all donations year to date.
×
×
  • Create New...