Hello Everyone,
I’m double checking here to see if anyone else ran into a problem downloading scenicroutes-ljlj-ljubljana_1.3.zip from Simmarket?
Sophos reports this file contains a Mal/Generic-S virus. Working with Simmarket, they say it is a false positive, which is very possible.
However, before I override this, I would like to run this by the Avsim forum and gauge your response.
I appreciate your input!
Yes, these false positives are a known issue with a lot of third party addons.
I have purchased a lot from Simmarket over the years and have seen this a number of times.
It has never been a problem.
Thank you. I appreciate it.
If I had to guess, it probably gets spooked by the EXE file in that zip that Scenic Routes includes to install their WASM-based VDGS (visual docking system.) This is the first airport to my knowledge to have this neat feature, and because of this antivirus programs probably have no idea what on earth that file does and flag it out of an abundance of precaution. I work for a software company that makes a piece of software that over 5,000 people use daily and even we fight antivirus false positives occasionally.
Thank you. I appreciate the feedback.
when these things happen, you should write to your antivirus support, pointing out this problem. At least in my case (Kaspersky) it works like this and they are very efficient.
Thank you DeplaPVI. I appreciate the input.
I haven’t used 3rd party protection since the introduction of Windows Defender. All they do is duplicate WD and use up valuable resources.
Thank you. I appreciate the input.
Windows Defender also detected this as a severe trojan. In this case, it was very specific in that the trojan is the “Scenic Routes Ljubljana VDGS.exe” installer. I removed this from the zip file and my anti virus (Windows Defender and Sophos) are happy…
As a side note, Sophos replaces Windows Defender on one computer. My second computer uses Windows Defender.
The good news is I’m pretty sure the airport will still function fine without the VDGS. That said, I have Windows Defender and it didn’t flag that file. Computers are weird and finicky. But it’s definitely a false positive, you can usually set an exception but again the airport should be fine without the VDGS you just won’t have that feature.
Thank you. I appreciate the update.
I specifically scanned the zip from Simmarket. It was only after this, that it flagged the file. I’ve noticed this before with Windows Defender…if simply downloading a zip file, which contains many files, Windows Defender didn’t detect anything. Only after moving or specifically scanning the zip file will it detect a ‘malware’ file within the zip file.
Yes, after reading the readme and understanding what VDGS does, I came to the same conclusion. While a great feature, I don’t believe it is necessary to use LJLJ.
Again, thanks for your input.
Was about to create my own topic for this but found this one.
I just bought and downloaded LJLJ from simMarket and also got a warning from Windows Security as seen below.
What makes me a bit suspicious is how come the same file still is identified by Windows Security as a severe threat more than 6 months later. In that time, surely the developer or MS should have had time enough to agree it’s a false positive.
Even when I think and hope it indeed is a false positive, I at the same time think you should be quite careful with these kind of things. If you keep installing/using things in good faith even when you are warned, you might end up being infected without knowing about it nor how your computer might be used by someone else without your knowledge.
At least to me, that is quite a scary thought and something I really want to avoid. I think before I will decide to trust this file, I’ll see if there’s a way to report the file to MS to have it tested.
Edited to add, I have now reported the file to MS and provided them with all info they require to analyze the file. Something I do think should have been done by the developer a long time ago…
Coming in with some good news, see below response from MS. I just confirmed myself how the file no longer is flagged as harmful.
Thanks for the follow up and update!
