Defender flags virus

Hi @FlyingRaccoon and Asobo team,

Version: *SU/AAU/WU 14

Frequency: Consistently

Severity: Blocker

Bug description:

We had to remove our wasm file from our zip we give out to our customers because Windows Defender flags the wasm file as a virus. The MS team told me to report this to you guys for testing. I surley can’t be the only dev now reporting this. The same wasm file in our project is the one from our Cessan 414. So you can test that file. We are hoping you can get Windows Defender to update their sodtware so we can get our file included in our project again.

Update. We have figured out it is NOT the wasm file. Some exe installers when including flight sim XML files or the wasm files will then get flagged from Windows Defender. For now we stopped using an installer. We find this annoying and hope you can reach out to Microsoft as they told us to contact you through this SDK support. This deserves some attention. Never in the years of giving out products to customers using an exe did this happen until now.

Other devs are also reporting this on the Microsoft Forums.

Hi @Flysimware,
What kind of installer are you using ? Are these installers signed ? Would you be able to send one of these installers to us ?
I have to say that when an antivirus decides to mistakenly flag a file, the problem should be reported to the antivirus developer - not the person who developed the application that was used to create the bundled files.
Anyway, I’ll discuss this with our Microsoft contacts when I get more information about these installers.

Best regards,

Eric / Asobo

Hi @EPellissier,

We have tried 2 types of installers.
Setup factory and Advanced Installer.

Setup factory we have been using for years with no issues.

Both of these have been around for years. I have never had to sign our software in the past and do not think this will fix this issue.

The last few weeks if we added the wasm file it flagged. Now if we add an simple XML file it flags. If I use other types of files it does NOT flag.

When we include only the files for our product without the exe to Microsoft Security Intelligence it does not flag. But with the exe it does flag when you have XML or Wasm files included. So I assume Defender they made some changes that are causing this.

Hello @Flysimware ,

Yes, it’s possible the recent MS Defender virus signature databases can cause this (unfortunate) side effect. I used to pack products using both Inno Setup and Advanced Installer, and had no virus alert issues, especially with WASM. I can’t give you an opinion with Setup Factory because, although I know about it, I don’t own a license of that software.

Though, I had a third-party antivirus at the time of building my installers, because MS Defender is a headache for me, not to mention that I think it’s a bit unreliable.

I’ll try with an installer I made for my E110 back in 2022, which as a WASM module on it, and check if it’s the virus database or not.

Regards,
Carlos Gonzalez
NextGen Simulations

1 Like

@Flysimware - in your last post you referred to “the exe” - is it the WASM module you are calling an EXE (it is not)? Or do you also include an EXE in your installer?

Best regards,

Eric / Asobo

1 Like

No i am NOT calling the wasm file an EXE. The EXE refers to the installer itself. The installer is what the user runs and was created from the Setup factory software.