To everyone reporting that Commander has stopped working because their Anti-malware has reported it to be infected with a virus


Dave AA6YQ
 

1. Neither Commander nor any other DXLab application is infected with a virus. The anti-malware application telling you otherwise is
defective.

2. You can confirm this for yourself:

<https://www.dxlabsuite.com/dxlabwiki/FalsePositive>

3. If you don't replace your defective anti-malware application, expect to frequently repeat this experience; please don't report
those repetitions here. It's irrelevant that your anti-malware application never did this in the past; it's doing it now, and will
likely do so in the future.

4. If your anti-malware application has quarantined or deleted the file

CI-V Commander.exe

from your Commander folder,

4a. make a copy of the file

CI-V Commander1453.exe

4b. rename this copy

CI-V Commander.exe


If you've already upgraded to Commander 14.5.5, then in step 4a above, make the copy of

CI-V Commander1455.exe


Whatever you do, never panic! Deleting application folders or directing Windows to uninstall applications can convert a
trivial-to-repair incident into a disaster. If you don't know what to do, post a question here.

73,

Dave, AA6YQ


Carl Licari-NX5T
 
Edited

I'm not getting a malware alert. When I try to launch DxLab it says commander. exe does not exist.
I don't have CI-V Commander1453.exe, the latest I have is CI-V Commander 1440.exe and cannot get the update installed.
Any ideas?

Thx
Carl 
NX5T


g4wjs
 

On 05/04/2020 16:47, Carl Licari-NX5T wrote:
I'm not getting a malware alert. When I try to launch DxLab it says commander. exe does not exist.
I don't have CI-V Commander1453.exe, the latest I have is CI-V Commander 1440.exe and cannot get the update installed.
Any ideas?

Thx
Carl
NX5T
Carl,

open up Windows Defender, go to History, check Quarantined items, press the View details button. Locate the entry for the quarantined Commander.exe (probably labelled Trojan:Win32/Azden.B!cl), select it and press the Restore button.



--
73

Bill

G4WJS.


Carl Licari-NX5T
 

Update: I changed the name of Commander1440.exe to Commander.exe and got Commander to launch and did the upgrade to Commander1455.exe. Now the old rename of 1440 to Commander.exe is in the folder with Commander1455.exe. Shud I now delete the renamed 1440 file and then rename the 1455 file to Commander.exe? How can I see what Commander is actually running?
Thx
Carl


Carl Licari-NX5T
 

Bill...
I received no alert from Windows Defender so I made copies of both 1440 and 1455. I then deleted the renamed 1440 to Commander.exe file, then renamed 1455 file to Commander.exe and all appears to be working fine now.

Carl
NX5T


g4wjs
 

On 05/04/2020 17:09, Carl Licari-NX5T wrote:
Bill...
I received no alert from Windows Defender so I made copies of both 1440 and 1455. I then deleted the renamed 1440 to Commander.exe file, then renamed 1455 file to Commander.exe and all appears to be working fine now.

Carl
NX5T
Carl,

that's OK but in my opinion it is much easier to simply tell Defender to restore the file it quarantined.



--
73

Bill

G4WJS.


Carl Licari-NX5T
 

Upon further review when doing a lookup in DXKeeper I get Callbook Error: Not connected to Pathfinder. Is this related?

Carl
NX5T


Peter Laws / N5UWY
 

On Sun, Apr 5, 2020 at 11:11 AM g4wjs <bill.8@...> wrote:



that's OK but in my opinion it is much easier to simply tell Defender to
restore the file it quarantined.

Sure, if that's an option. I was not offered that option. As I
mentioned in another thread, Windows Defender seems to have changed
how it operates.



--
Peter Laws | N5UWY | plaws plaws net | Travel by Train!


Carl Licari-NX5T
 

I did the restore and now do not get the callbook error.

Thanks!
Carl
NX5T


Dave AA6YQ
 

+ AA6YQ comments below

Update: I changed the name of Commander1440.exe to Commander.exe and got Commander to launch and did the upgrade to Commander1455.exe. Now the old rename of 1440 to Commander.exe is in the folder with Commander1455.exe.

+ No. When you upgraded to Commander 14.5.5, the Launcher

1. deleted CI-V Commander.exe

2. made a copy of CI-V Commander1455.exe and renamed that copy CI-V Commander.exe

+ Unless you manually change things, CI-V Commander.exe will always be the version of Commander to which you last upgraded.


Shud I now delete the renamed 1440 file and then rename the 1455 file to Commander.exe?

+ No.


How can I see what Commander is actually running?

+ Look in the title bar of Commander's Main window.

73,

Dave, AA6YQ


Dave AA6YQ
 

+ AA6YQ comments below

Upon further review when doing a lookup in DXKeeper I get Callbook Error: Not connected to Pathfinder. Is this related?

+ If you're anti-malware application can decide to spontaneously damage Commander, it can decide to spontaneously damage any of your DXLab applications.

+ As a diagnostic step, boot Windows into "Safe mode with networking". Start DXKeeper and Pathfinder. Can you now perform callbook lookups?

73,

Dave, AA6YQ


g4wjs
 

On 05/04/2020 17:50, Peter Laws wrote:
On Sun, Apr 5, 2020 at 11:11 AM g4wjs <bill.8@...> wrote:


that's OK but in my opinion it is much easier to simply tell Defender to
restore the file it quarantined.
Sure, if that's an option.  I was not offered that option.  As I
mentioned in another thread, Windows Defender seems to have changed
how it operates.

Hi Peter,

Windows Defender seems to have two modes of operation. If it quarantines something via its so-called realtime protection it adds the item to the quarantined items list. OTOH if it quarantines something as a result of a scan, it puts it into another list where the restore action is confusingly called "Allow". Either way, restoring or allowing, gets the quarantined item released and restored in my experience.


--
73

Bill

G4WJS.


Steve K8JQ
 

How does one open Windows Defender to see anti-virus activity?

I see a Start menu listing for "Windows Defender Firewall with Advanced Security on Local Computer" but that does not seem to deal with the anti-virus part of Windows Defender.

Steve, K8JQ


On 4/5/2020 11:57 AM, g4wjs wrote:
On 05/04/2020 16:47, Carl Licari-NX5T wrote:
I'm not getting a malware alert. When I try to launch DxLab it says commander. exe does not exist.
I don't have CI-V Commander1453.exe, the latest I have is CI-V Commander 1440.exe and cannot get the update installed.
Any ideas?

Thx
Carl
NX5T

Carl,

open up Windows Defender, go to History, check Quarantined items, press the View details button. Locate the entry for the quarantined Commander.exe (probably labelled Trojan:Win32/Azden.B!cl), select it and press the Restore button.





g4wjs
 

On 05/04/2020 20:19, Steve K8JQ wrote:
How does one open Windows Defender to see anti-virus activity?

I see a Start menu listing for "Windows Defender Firewall with Advanced Security on Local Computer" but that does not seem to deal with the anti-virus part of Windows Defender.

Steve, K8JQ


On 4/5/2020 11:57 AM, g4wjs wrote:
On 05/04/2020 16:47, Carl Licari-NX5T wrote:
I'm not getting a malware alert. When I try to launch DxLab it says commander. exe does not exist.
I don't have CI-V Commander1453.exe, the latest I have is CI-V Commander 1440.exe and cannot get the update installed.
Any ideas?

Thx
Carl
NX5T

Carl,

open up Windows Defender, go to History, check Quarantined items, press the View details button. Locate the entry for the quarantined Commander.exe (probably labelled Trojan:Win32/Azden.B!cl), select it and press the Restore button.



--
73

Bill

G4WJS.


Ed Sutter KC9JBU
 

Dave, wish I had read your comments earlier. Did not think of anti virus software. I took the long road after trying everything else I could think of not realizing that it was effecting others. I saved my log and macros and then did a complete uninstall of DxLab. I then reinstalled DxLab from scratch and it worked. After reading your comments I looked at my Win 10 Defender Anti Virus and found where it had stopped Commander. Could have fixed it right there and then. Will look at anti virus next time I have similar problem first. Thanks for you great support.

Ed 73
KC9JBU