General Category > General Discussion

Virus?

<< < (4/6) > >>

dsktopflyr:
I also have McAfee and are dealing with this problem which I understand is not a FSDreamteam problem. I have sent the file couatl.exe to McAfee (virus_reasearch@advertlabs.com) for them to analyze and hopefully add to their DAT file definitions so that it will be avoided in future scans. I have had luck in the past using this service to correct some files from Flight1 software that were being detected and have them added to the DAT definitions.

Below is the latest email correspondence from McAfee I recieved today with my reply. We will see where this goes next... Maybe I can get a contact for Virtuali.

If I understand correctly this file will not be added to a future DAT version to avoid being detected as a virus. Again this file is part of an add on scenery package for Microsoft Flight Simulator X by FSDreamteam.com which is a reputable company and the file is also digitally signed. If this is so what are my options to get this corrected (added to a new DAT version) aside from disabling Virus Scan ever time.

Thanks,

Gideon

-----Original Message-----
From: virus_research@avertlabs.com [mailto:virus_research@avertlabs.com]
Sent: Thursday, September 03, 2009 10:30 PM
Subject: Escalation: 5492852


Avertâ„¢ Sample Analysis

McAfee Avertâ„¢ Labs, Automation

Thank you for submitting your suspicious file(s). We have determined that the following submissions are handled by our AV signature DAT files.

        Analysis Id: 5492852
        --------------------
         
        File Name                    Findings            Detection               Type               
        =========                    ========            =========               ====               
        couatl.exe                   detected            w32/induc               virus   

DAT version 5730 provides cover against all of the submissions shown above.

KPryor:
I submitted it to Sunbelt Software, which makes Vipre antivirus and they still insist it's not a false positive since other AV companies are also identifying it as a trojan.  I'll just have to deactivate my AV every time I install an FSDT scenery and exclude the folders the files are in from AV scans, which is no big deal.
KP

virtuali:

--- Quote from: KPryor on September 04, 2009, 06:04:26 pm ---I submitted it to Sunbelt Software, which makes Vipre antivirus and they still insist it's not a false positive since other AV companies are also identifying it as a trojan.
--- End quote ---

Well, this is the most laughable answer you could ever get from an antivirus company. Basically, they are telling you that they don't have the means to check if a program is *really* dangerous or not but, it must be, because other A/V products are detecting it as well...

Which is also funny because, considering that many antivirus are just using the McAfee engine they license, whenever McAfee gets into a false positive problem, many 3rd party antivirus will act just the same so, would this prove their point about "other AV companies are identifying it as a trojan" ???

KPryor:
I agree, it's ridiculous that none of the AV companies seem interested in fixing this problem.  The good thing about Vipre is it's easy to exclude the FSDT folders from scans so I don't have to worry about it quarantining the file; I just have to disable Vipre temporarily doing scenery installs so it doesn't kill couatl during the install.
KP

HiFlyer:
The problem is that users of FSdreamteam products who also have anti virus, are being intermittently inconvenienced by these episodes (My products have stopped working again) and a quick scan of the forums shows the problem as being fairly widespread over time.

Isn't there any way for Coautl to do whatever its doing in such a fashion as to not cause so many false positives? Surely there are other products that are "protecting" themselves in ways that do not cause these issues?

There are a few more airports I want to buy, but I find myself feeling hesitant because of this.

Navigation

[0] Message Index

[#] Next page

[*] Previous page

Go to full version