Harmful file removed

MyActive AirSource (MyAAS) is the program used by AirSource members to record their flight time. Requires Microsoft Flight Simulator and (free) version of FSUIPC. MyAAS 2 is programmed by AS 201 Joe Hamilton, and is always being reviwed for new features.

Harmful file removed

Postby placei » 19 Sep 2016 07:11

I have tried to download MyAAS2.exe from the website onto a new computer. My security software F-Secure prevents the download stating TROJAN.W32/variant. Trojan.win32
Any ideas anyone?
placei
Instrument Rated Pilot
 
Posts: 166
Joined: 01 Jun 2008 23:57
Location: [AirSource ID: AS 171]
AirSource Pilot Number: 0

Re: Harmful file removed

Postby AS 2 Tom Little » 19 Sep 2016 10:47

Sound like a false positive... there has been one report of this prior - see here: viewtopic.php?f=51&t=7316&p=33037&hilit=trojan#p33028

User avatar
AS 2 Tom Little
FAA [Administrator]
 
Posts: 3292
Joined: 23 Nov 2005 20:03
Location: [AirSource ID: AS 2] KMCO Orlando, Florida SKYPE:airsourceva
AirSource Pilot Number: 2

Re: Harmful file removed

Postby placei » 19 Sep 2016 16:49

Tom I have read the other account of a virus being found and the report goes on to let you know if anything has come of it. Unfortunately there is nothing reported so this does not help me? I still want to resolve this problem. So im still asking Any Ideas anyone?
placei
Instrument Rated Pilot
 
Posts: 166
Joined: 01 Jun 2008 23:57
Location: [AirSource ID: AS 171]
AirSource Pilot Number: 0

Re: Harmful file removed

Postby AS 2 Tom Little » 19 Sep 2016 22:21

Might be best that Joe replies - he writes the code. Although I've seen the coding, not sure what I'm looking at anyhow!! I do know that it is a complex program though :lol:

User avatar
AS 2 Tom Little
FAA [Administrator]
 
Posts: 3292
Joined: 23 Nov 2005 20:03
Location: [AirSource ID: AS 2] KMCO Orlando, Florida SKYPE:airsourceva
AirSource Pilot Number: 2

Re: Harmful file removed

Postby AS201 Joe » 19 Sep 2016 23:02

Not sure why F-Secure is reporting that. Maybe send it to them and see what they say. Submit a Sample
Oddly enough, myAAS2 passes through F-Secure on the VirusTotal Scan.

According to this page, it doesn't look like you would get a written response unless you have an account but, at least, maybe they will fix the detection.

Some looking around leads me to think It might have something to do with the way we use the internet connection. Either with the downloading of webpages or the downloading of some of the data

AS201 Joe
FAA [Administrator]
 
Posts: 771
Joined: 08 Oct 2011 23:54
Location: [AirSource ID: AS 201]
AirSource Pilot Number: 201

Re: Harmful file removed

Postby placei » 20 Sep 2016 10:31

Thanks for sample file I will let you know the outcome--placei
placei
Instrument Rated Pilot
 
Posts: 166
Joined: 01 Jun 2008 23:57
Location: [AirSource ID: AS 171]
AirSource Pilot Number: 0

Re: Harmful file removed

Postby placei » 21 Sep 2016 10:28

Yes they have confessed and sent me the following

The file you submitted is indeed clean.

A database update will be released to resolve this issue.The false positive you experienced is caused by our proactive detection engine. In case you got an alert popup for a clean application, you might want to allow its execution manually.

If you are getting the "Suspicious:W32/Malware!Gemini" alert during the manual system scan or from the VirusTotal website, you might want to disable the Advanced Heuristics feature. And if certain applications are crashing or you are unable to start those applications, you might want to disable the Advanced Process Monitoring feature.

Additional information and instructions for tuning up the heuristic scanning engine can be found here:

https://www.f-secure.com/v-descs/suspic ... mini.shtml

We apologize for any inconveniences that this false positive may have brought you. Should you have further questions, please do not hesitate to contact us again.

Best regards,
Hau Vei,
Malware Analyst
F-Secure Security Labs

Visit our Labs blog at https://labsblog.f-secure.com/
Give and get advice in our F-Secure Community at https://community.f-secure.com

So anyone who encounters similar problems here is the resolution--Placei
placei
Instrument Rated Pilot
 
Posts: 166
Joined: 01 Jun 2008 23:57
Location: [AirSource ID: AS 171]
AirSource Pilot Number: 0

Re: Harmful file removed

Postby AS201 Joe » 21 Sep 2016 13:12

Very nice, thanks. Good to know I didn't accidentally put in something I shouldn't have. :lol:

AS201 Joe
FAA [Administrator]
 
Posts: 771
Joined: 08 Oct 2011 23:54
Location: [AirSource ID: AS 201]
AirSource Pilot Number: 201


Return to MyActive AirSource

Who is online

Users browsing this forum: No registered users and 6 guests