October 22, 20178 yr Windows Defender detected "Trojan:Win32/Azden.A!cl" in "rxpGNS-530-XPL.exe" and quarantined it, saying it is dangerous and executes commands from an attacker. Defender recommends removal. Is there a problem with it, or is this a false alarm?
October 22, 20178 yr Hi, our files may produce false positives. Unless our files have got contaminated on your drive by an existing/hidden virus, they are safe otherwise.
October 24, 20178 yr I also get the same warning with the "rxpGTN-750-XPL.exe. Sent the file to Virus Total, looks like it's clean. Alvega CPU: AMD 7800X3D | COOLER: Cooler Master MasterLiquid 240L Core ARGB | GPU: RTX 4070 TI Super 16GB OC | Mobo: ASUS TUF GAMING X670E-PLUS WIFI |RAM: 32 GB Corsair Vengeance RGB DDR5 6000MHz PC5-48000 2x16GB CL36 | SSDs: WD Black SN770 2TB NVMe SSD (WIN11), WD Black SN850X SSD 2 TB M.2 2280 PCIe Gen4 NVMe (MSFS), Crucial MX500 2TB (Other stuff) | CASE: Forgeon Arcanite ARGB Mesh Tower ATX White | Power Supply: Forgeon Bolt PSU 850W 80+ Gold Full Modular White
October 25, 20178 yr Hi, You can never be sure it wouldn't be contaminated on your drive, neither would we. However, our development systems are kept separate from our business systems, and only connect to the internet to limited number of websites, and the only software installed and running is development related from known vendors only. This is a false positive only because our files are protected/encrypted and this gets flag as 'virus'. Please note our files are being internally tagged with a unique id (this is unrelated to code signing, it is designed for anti-virus software to acknowledge the file source), but some antivirus software just don't bother agreeing to the technologies put in place by antivirus vendors to avoid these false positives.
November 5, 20205 yr On 10/24/2017 at 8:08 PM, RXP said: Hi, You can never be sure it wouldn't be contaminated on your drive, neither would we. However, our development systems are kept separate from our business systems, and only connect to the internet to limited number of websites, and the only software installed and running is development related from known vendors only. This is a false positive only because our files are protected/encrypted and this gets flag as 'virus'. Please note our files are being internally tagged with a unique id (this is unrelated to code signing, it is designed for anti-virus software to acknowledge the file source), but some antivirus software just don't bother agreeing to the technologies put in place by antivirus vendors to avoid these false positives. Sorry to open this back up... This is a still a real problem. Windows flags the installation file as dangerous from the start. After fighting Windows to actually allow me to install the program BitDefender returns: The file C:\Program Files (x86)\Reality XP\GNS Simulation\X-Plane\bin\rxpGnsSim32.dll is infected with Trojan.GenericKD.44052360 and was moved to quarantine. It is recommended that you run a System Scan to make sure your system is clean. System scan returns clean.... How can you be so sure that this is a false positive? You don't code sign your executables which goes along way to proving that your files are from a legitimate source (I don't doubt that you are legitimate, but operating systems and anti-virus don't know you...). My experience is that if more than one person has a problem with code I have developed (yes, I am a software developer) then I have to put aside my pride and assume it is my problem until I can prove otherwise. I don't point fingers back to the user and work to prove to myself through evidence it is user error or a third parties issue. I find that it is usually something I did, though on occasion will find it to be user error or a third parties problem - and then I solve the problem with them and not leave my customers to languish - otherwise, I won't have many customers... I don't follow your statement that 'some antivirus software just don't bother agreeing to the technologies put in place by antivirus vendors to avoid these false positives' - Is there a standard defined somewhere that Microsoft and BitDefender are ignoring? Please point this standard out to us as I am curious how this works. In this day and age where being online is dangerous (why else would you separate your development system from your business system?) it is to your advantage to distribute software that doesn't have installation problems even if false positives. I cannot continue to use your software (even though it is of great use to me) for fear that my passwords and sensitive personal information are at risk. If you need more details and specifics, please feel free to ask.
November 5, 20205 yr 16 minutes ago, cstater said: If you need more details and specifics, please feel free to ask. As a long time member here and a long time user of RXP products I believe you are quite overreacting here. False positives are common in today's world as AV screening has justifiably intensified. You have hundreds, if not thousands who have arrived at this particular false positive before you. None that this site is aware of have experienced any issue by allowing AV to grant passage. I might also add that since 2015 I ceased using 3rd party AV other than Malware bytes in tandem with Windows Defender. Life has been easier and perfectly protected. Relax. Install and enjoy the product. It is well worth it. Especially if you do not fret. Frank Patton Corsair 5000D Airflow Case; MSI B650 Tomahawk MOB; Ryzen 7 7800 X3D CPU; ASUS RTX 4080 Super; NZXT 360mm liquid cooler; Corsair Vengeance 64GB DDR5 4800 MHz RAM; RMX850X Gold PSU;; ASUS VG289 4K 27" Display; Honeycomb Alpha & Bravo, Crosswind 3's w/dampener. Former USAF meteorologist & ground weather school instructor. AOPA Member #07379126 "I will never put my name on a product that does not have in it the best that is in me." - John Deere
November 5, 20205 yr You're raising valid points and I thank you for this. You can read about some of the technologies I'm referring to, which our products are using, and which are meant to safe-guard users and developers, here for example: https://standards.ieee.org/industry-connections/icsg/index.html As for code signing, we're not using any yet for mixed reasons I can't detail but part of the reason is also because we are supporting a wide range of operating systems (GNS V2 is compatible with WinXP). Besides, if you try to download and install the FS2020 SDK you'd be surprised about Microsoft choice of code signing and how Win10 anti-virus is treating their own files. Having said this if you're not confortable with our files I can't say much more than not using our products at this stage and monitor from time to time our forums for news. It is unfortunate but I can't offer much alternative options for now.
February 19, 20215 yr Here is the procedure for Windows Defender There is no way to get wrong with the Microsoft document, it is really 1,2,3,4,5: https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-antivirus/microsoft-defender-security-center-antivirus#exclusions See the example below with GNS V2 (rxpGnsSim##.dll) and GTN (rxpGtnSim##.dll) excluded files, and RealityXP excluded folder:
April 9, 20224 yr I am trying to download the ecommerce page and I too am getting the "Trojan 32" virus notification. My computer will not allow me to download/open the exe file. Its getting a little frustrating. Is there a final work through on this one?
April 11, 20224 yr @Palo Hi, the only solution is to tell your anti-virus program to let it pass through. However, are you sure it isn't your web browser which is just warning you, and not the anti-virus? In which case:https://www.tenforums.com/browsers-email/180184-cannot-download-files-flagged-insecure-edge-post2233437.html#post2233437 Edited May 12, 20224 yr by RXP
Archived
This topic is now archived and is closed to further replies.