RTTClient32.exe flagged as virus
-
Hello everyone, I am new to BMS and getting everything sorted. I ran a virus scan on my PC, as I do with all mod downloads and things, and I got a hit on one of the files. When I scanned, in the C:\FalconBMS4.35\Tools\RTTRemote file, the RTTClient32.exe was flagged and deleted by McAfee. Is this file truly a virus? Should I be concerned that I have downloaded a corrupted Falcon BMS 4.35 download? I am really excited to learn this game since I used to work on F-16s IRL but this has me concerned. Thanks for any help with this. (sorry if this question was already asked somewhere else)
-
Out of the two, I’m starting to think McAfee is the worst virus, if that answers your question.
That’s your opportunity to learn this game from the manual point of view, Docs folder, BMS Technical Manualf PDF, page 5-35.
-
LOL, yeah I have heard people refer to McAfee as worse than the viruses that it is supposedly protecting from. Thanks for the help, I didn’t realize the RTT stuff was in the Tech Manual. I got some homework to do, lol. Thanks again.
-
Seems like there have been a lot of false-positive hits from various AV (not just McAfee) but for some reason hard to reproduce… and very to diagnose any further.
Maybe good idea to uninstall/reinstall … and either pause McAfee, or set an exclusion-rule for ‘C:\Falcon BMS 4.35’ directory… before re-installing.
If you have cause for concern that your download was somehow tampered with, you can verify the MD5 hash… I think there are number of free, open-source hash verifiers out there. Or just download through torrent … surely all respectable torrent clients would validate the hash after completing download.
-
Ok, thanks for the help. I will take a look at hash and see if they match up. Thanks again.
-
Seems like there have been a lot of false-positive hits from various AV (not just McAfee) but for some reason hard to reproduce… and very to diagnose any further.
Maybe good idea to uninstall/reinstall … and either pause McAfee, or set an exclusion-rule for ‘C:\Falcon BMS 4.35’ directory… before re-installing.
If you have cause for concern that your download was somehow tampered with, you can verify the MD5 hash… I think there are number of free, open-source hash verifiers out there. Or just download through torrent … surely all respectable torrent clients would validate the hash after completing download.
For IVC it the capture of F1 and F2 flagged as keylogger
-
Just ran a full virus check using Microsoft Defender. Showed C:\Falcon BMS 4.35\Tools\RTTRemote\RTTClient32_FakeBMS.exe as Trojan:Win32/Zpevdo.B
Bit concerned about the word Fake!!! -
It’s a false positive. And the word fake in the Filename is just correct as it’s intent is to fake a running BMS on a networked machine without having a full BMS install.
Nothi g to be concerned or worried about
Gesendet von meinem SM-G930F mit Tapatalk
-
It’s a false positive. And the word fake in the Filename is just correct as it’s intent is to fake a running BMS on a networked machine without having a full BMS install.
Nothi g to be concerned or worried about
Gesendet von meinem SM-G930F mit Tapatalk
You think he was serious?
-
Obviously.
And I come second. :uham:Our good friend oak seemed having understood all as they are for real - good catch, that.
With best regards.
-
Some antiviruses are very picky on the fact some of the exe are running key captures or version checks.
Believe me, that’s even worse with our internal versions because of protection mechanism that we deploy to prevent leak.I don’t know if there is a way to declare file to AV manufacturers to whitelist them globally.
Cheers
-
Some antiviruses are very picky on the fact some of the exe are running key captures or version checks.
Believe me, that’s even worse with our internal versions because of protection mechanism that we deploy to prevent leak.I don’t know if there is a way to declare file to AV manufacturers to whitelist them globally.
Cheers
Yes, you can submit for analysis for white listing or black listing, for most AV vendors. Eg https://www.microsoft.com/en-us/wdsi/filesubmission
https://opentip.kaspersky.com/
Sent from my iPhone using Tapatalk
-
“FakeBMS.exe” doesn’t want to enter in 3D … I waited and waited for an hour … nothing happens. :noidea:
… Is this even legal ?
-
I happened to notice Defender SmartScreen was still flagging the ‘Falcon_BMS_4.35.1_Incremental.exe’ download as unsafe, so I submitted it to WDSI.
Within an hour they replied to let me know they whitelisted it, should no longer be flagged. Maybe I still have some pull there? lol
Hmm… didn’t seem like ‘Falcon_BMS_4.35_Setup.zip’ had as much trouble. I wonder if distributing as a .zip file maybe gets a little less scrutiny/paranoia, than distributing an .exe file? Not sure there’s any established standard for signing a zip file…
-
Hhmmm…. wouldn’t be a bad idea, that yours.
If only Defender could forget to check that zipped file when you’re trying to extract it… and we would be back with that, then.Let’s only hope then that whitelisting effectively lasts!
With best regards.
-
Did you ask them to whitelist Falcon_BMS_4.35.2_Incremental at the same time ???
-
As soon as someone sends me a copy I’ll submit it.
-
airtex check your MP.