Windows Security flags SympleAstroFocus.ASCOM.Setup.exe as a trojan

[crashmaxx]

Windows won't let me download SympleAstroFocus.ASCOM.Setup.exe, since it thinks it's a trojan.

Detected: TrojanDownloader:Win32/Ursnif!ml Status: Removed

Date: 6/27/2022 5:03 PM Details: This program is dangerous and downloads other programs.

Affected items: file: C:\Users\andre\Downloads\SympleAstroFocus.ASCOM.Setup.exe

webfile: C:\Users\andre\Downloads\SympleAstroFocus.ASCOM.Setup.exe|https://objects.githubusercontent.com/github-production-release-asset-2e65be/389652652/e6873707-00e4-4af5-bb2c-0d5b1c1a9e3b?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIWNJYAX4CSVEH53A%2F20220627%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20220627T210347Z&X-Amz-Expires=300&X-Amz-Signature=1f981833bf01f8e91a4543226b50510f79e7e4423f20acda7876b5d5db577010&X-Amz-SignedHeaders=host&actor_id=34484735&key_id=0&repo_id=389652652&response-content-disposition=attachment%3B%20filename%3DSympleAstroFocus.ASCOM.Setup.exe&response-content-type=application%2Foctet-stream|pid:31196,ProcessStart:133008374271266357

[AlistairSymonds]

Hmmm thanks for the report, I haven't hit this myself but I see there's a windows defender portal exe's can be submitted to. I've just used the default ASCOM iss installer 'flow' - so will see if anyone has hit this there too.

[AlistairSymonds]

@crashmaxx hopefully its been fixed now, should be able to redownload now and have windows defender let it through

If there's any issues with just redownloading, MS gave these commands to update definitions:

1. Open command prompt as administrator and change directory to c:\Program Files\Windows Defender
2. Run “MpCmdRun.exe -removedefinitions -dynamicsignatures”
3. Run "MpCmdRun.exe -SignatureUpdate"

[crashmaxx]

That's great! I'll check and see if it worked tomorrow. Thanks

[crashmaxx]

Downloaded and installed no problem now.