FSDreamTeam forum
Products Support => Houston KIAH Support FSX/P3D => Topic started by: mbell on August 23, 2014, 05:28:27 am
-
Norton keeps removing Coutal. Says it's a bad fiole
-
Norton is clearly defective, and Symantec even confirmed they have white-listed the current version of Couatl.exe in the last email we got after we reported a False positive for what is probably the 10th time. They always reply like this, and I really don't know what else we can do, other than suggesting users to switch to a reliable antivirus.
As explained, many times already on the forum, when your antivirus is bugged, you must:
- Download and install with the antivirus turned entirely OFF
- Before running the antivirus, configure it to exclude the following files from scanning:
FSX\fsdreamteam\couatl\Couatl.exe
FSX\bglmanx.dll
-
Not shure, this is the right place to ask, but with the addon Manager not working all my Airports and GSX are in Trouble.
Starting my FSX yesterday I got the message, that there was a conflict with a file of the addon manager and that I should delete the file/program. What I unfortunatelley did.
I then started the download (version 024) and got the Norton 360 message.
Deleted what was downloaded again and repeated it with anti virus and firewall inactive.
Installation Ok, when I started the FSX I was asked if I accept the software as I was used it from previous installations.
After the insatllation there were no icons on the desktop, in the FSX Task bar the addon Manager is not indicated, GSX not reacting/working. If I try to start the addon manager from the .exe, there is no reaction at all.
I am a little confused, what went wrong and what shallI do to get it running again ?
Do I have to install GSX again (and probably all my airports) ?
-
I am a little confused, what went wrong and what shallI do to get it running again ?
- Download and install with the antivirus turned entirely OFF
- Before running the antivirus, configure it to exclude the following files from scanning:
FSX\fsdreamteam\couatl\Couatl.exe
FSX\bglmanx.dll
If you don't do both steps, nothing will work.
-
Hi,
just did like you suggested. Norton accepted, during download and install. I had deinstalled the Addon Manager before, excluded the two files.
When installing everything worked well, I accepted the two questions when starting the FSX.
But no result. Addon Manager does not Show up in the FSX Task bar, nor on the Desktop, nor can be started via the cuatl.exxe .
GSX not reacting at all, Airports (only two checked) no buildings, just jetways.
Sorry.
Regards Bernd
-
But no result. Addon Manager does not Show up in the FSX Task bar, nor on the Desktop, nor can be started via the cuatl.exxe .
It's possible the antivirus is still blocking it. It's not the first time we heard reports of an antivirus still blocking files even if they are explicitly excluded. Have you tried doing it again with the antivirus entirely disabled ?
If that still doesn't work, perhaps you have two problems at once, in addition to the bugged antivirus, you might have a problem with your VC++ libraries missing/corrupted, so the modules try to be loaded, but they can't find the required .DLLs in your system.
You can activate the Simconnect diagnostic mode to see what's wrong with your system. Open notepad, and copy the following text:
[SimConnect]
level=errors
console=1
RedirectStdOutToConsole=1
OutputDebugString=1
; file=c:\simconnect%03u.log
; file_next_index=0
; file_max_index=9
Save the file as SIMCONNECT.INI in this folder:
Documents And Settings\YOUR LOGIN NAME\Documents\Flight Simulator X files
At the next launch of the sim, you should see a text window with diagnostic message, that should tell what's going wrong. Let me know what you are getting, so we can have an idea what's happening. Only the first 15-20 lines are important. If the scrolling goes too fast, try again and use the "Pause" key on the keyboard to read the first lines of the screen.
-
Thks, I will try it over the weekend.
Is it may be the problem, that I uninstalled the Addon Manager completely via the Windows system uninstaller?
I was asked a bunch of questions/warnings, and just installing the 024 is not enough ?
Shall I try to install an airport (KIAH again, in order to repair missing links and open it for the rest ? I am not the big software expert, just as an idea ?
I am not on my FSX PC, but I remember that there were other bglmanx beside the .dll but obviously also related to your software. Probably they should also be excluded in Norton 360 ?
Best regards
Bernd
-
Shall I try to install an airport (KIAH again, in order to repair missing links and open it for the rest ? I am not the big software expert, just as an idea ?
Yes, the installer for the scenery includes everything needed for it to work. If you have uninstalled the Addon Manager entirely, and you had GSX, you will have to reinstall GSX too.
I am not on my FSX PC, but I remember that there were other bglmanx beside the .dll but obviously also related to your software. Probably they should also be excluded in Norton 360 ?
No, just the executables ( .DLL and .EXE ) need to be excluded.
-
SimConnect Diagnostic Output:
0.00000 SimConnect Version 10.0.61259.0
Thats all.
I will now download and reinstall GSX. Will see, what happens.
Best regards
Bernd
-
Just downloaded GSX again without turning off Norton 360.
Norton reported the .exe as save.
After the Installation Norton Report:
cuatel_updater.exe Blocked because including (SAPE.Heur.54ba).
Is it a threat ?
-
No it's not a threat.... Top of the post in Umberto's first reply.. "Download and install with the antivirus turned entirely OFF"
-
Ok, turning off the Anti Virus completely during installation, may solv the problem, but SAPE.Heur.54ba will be on my computer then.
And as far as I understand, it is a heuristic behavior detection. So the question remains, what the hell is it good for ?
Or in other words, what is the Installer doing with it ?
And it is not only Norton who are warning to accept this kind of virus.
... once it is executed has the capability of replicating itself and infect other files and programs. These type of malware, called Viruses, can steal hard disk space and memory that slows down or completely halts your PC. It can also corrupt or delete data, erase your hard drive, steal personal information ....
So what is the purpose in this case ?
If Norton is wrong it should not be difficult to clearly explain the need to have it in order to run FSdreamteam software ?
I am a bit concerned, hope this could be understood.
Kind regards
Bernd
-
Look up "false positive" in the forums..
-
Ok, turning off the Anti Virus completely during installation, may solv the problem, but SAPE.Heur.54ba will be on my computer then.
You are assuming that, *because* Norton said there is a virus in that file, it's true. That the main issue: it's a Norton BUG, there's no virus anywhere inside any of our files.
And as far as I understand, it is a heuristic behavior detection. So the question remains, what the hell is it good for ?
You mean what heuristic behavior detection is good for ? Nothing. Is advertised to be a feature that enables the antivirus to detect new virus before they are catalogued. In practice, it only increase the chance of false positive.
Or in other words, what is the Installer doing with it ?
Nothing, of course, it's a Norton bug.
And it is not only Norton who are warning to accept this kind of virus.
That's not the case.
Here's the report by virustotal.com on Couatl_Updater.exe file, NO antivirus detects it as a threat:
https://www.virustotal.com/en/file/8d1e2804908945d83a9b2e8c3f13dbc27df9d7a74168f0f566d8fc45cf39035a/analysis/
Here's the report by virustotal.com on Couatl.exe itself, 4 antivirus out of 55 are getting a false positive but, surprisingly, Symantec is NOT one of them:
https://www.virustotal.com/it/file/7322493831eb6ba32a6b8c16452b967b1c089ba2ffe7b2f69602c832cced9e2d/analysis/1418563556/
... once it is executed has the capability of replicating itself and infect other files and programs. These type of malware, called Viruses, can steal hard disk space and memory that slows down or completely halts your PC. It can also corrupt or delete data, erase your hard drive, steal personal information ....
If that virus was present, then yes.
If Norton is wrong it should not be difficult to clearly explain the need to have it in order to run FSdreamteam software ?
Of course it's wrong. An no, it's not "easy" to clearly explain to them to fix their bug, BECAUSE the perverse methodology the heuristic search works.
We contacted Symantec MANY times, sending samples of our files many times. Their reply is always the same, following these steps:
1) First, they deny their product detects that file as a threat. In fact, as you can see from virustotal.com, both files, taken independently, are NOT detected as threats by Symantec products.
2) We reply back with an explanation, that our Live Update system *downloads* that file, and all our installers downloads it too, and the way their bugged heuristic works, is they flag ANOTHER program to possibly be a threat, just because it *downloads* something that once WAS flagged as a threat.
3) They understand, and they reply they'll whitelist the program on their next Live Update.
This usually fix the issue temporarily, but after a while, they come up with a new update, that find a new kind of threat, always heuristically of course, because there's NOTHING wrong in the files.
The real reason is that, BECAUSE our programs are heavily encrypted in a way that nobody can peek inside them. Surely not an automatic antivirus program can figure it out what's inside. This protects us AND users as well: would you trust a product that allows you to buy directly in the sim typing your personal details including credit card info, if it WASN'T protected against tampering ?
So, BECAUSE Norton can't see what's inside the file, it assumes it "must" be a virus, based on behavioral patters: it protects itself against tampering. It downloads something. Then it MIGHT be a threat, because this is what trojan horses usually do.
That's HEURISTICS at work: they don't have the faintest idea what's inside a program, but since it appears to do things that sometimes trojans do, it might be one.
The issue is, since each and every of our installers downloads the Couatl.exe and the Couatl_updater.exe files, ALL of them might be heuristically detected as threats, so we should probably send several GBs of samples to Symantec EACH time we update something, which is really too time consuming, when it's clear their own fault.
The only sensible option for user is either:
1) Stop trusting Norton so blindly, and just exclude the files from scanning.
OR
2) Use a more reliable antivirus, one that doesn't require any configuration to begin with. Like the free and always updated one from Microsoft, for example.
-
Thank you for your answer.
I understand, that this is annoying and your answer should be pint (if not allready ? At least I did not see it, before finding this thread).
Up to now I did not have the opportunity to reinstall.
I am using Norton 360 in a bündle provided by my internet provider t-online and I will mail them also and send your reply.
Perhaps it helps.
Best regards
Bernd
-
It is very strange.
I was following your advise, disengaged antyvirus, scans etc. completely
during download and installation. Took even an other PC for the download.
Checked Simconnect.
Followed the trouble shooting according the manual and installed again
the mentioned windows file Microsoft Visual just to be sure.
No result. Neither the addon manager is activated/shown in the FSX bar,
nor cualtl.exe can be started.
What works is the cuatl updater, means it startts an update when activated..
When I started FSX I was asked to accept the software what I did.
None of the airports "works". (Activated in FSX).
I have no idea, what have went wrong ?
What else could I look for ?
Kind regards
Bernd
-
Checked Simconnect.
And the result ? Try to change the line
level=errors
into
level=normal
and try again.
When I started FSX I was asked to accept the software what I did.
Please indicate your actual output from the Simconnect diagnostic mode, with level = normal.
nor cualtl.exe can be started.
You cannot start it manually, it's supposed to run only when called by FSX, but if you got an error message when trying to start it, that might lead to what your problem is.
-
Hi,
neither Errors nor normal do make any differnce.
0.00000 SimConnect Version 10.0.61259.0
Kind regards
Bernd
-
neither Errors nor normal do make any differnce.
It seems your Simconnect is not responding OR nothing is being launched, which seems to indicate the antivirus is still blocking the modules, or perhaps has even removed them.
Try to change
level=normal
into
level=verbose
-
No, same result.
I checked the PC with a General scan and there was nothing mentioned to be critical.
The two critical files were marked as to be excluded.
-
I do not know, which programs also use simconnect ? They should be in trubble then also ?
I have
REX 2
EFB Aivlasoft
PM Sound Programm
The Avionics from Aerosoft Australia
RAAS (Freeware) on the same PC
WOAI (Freeware)
and on a second Networking
Avionics Aerosoft Australia
EFB
Topcat
PM Sound
They are always activ and all of them are working.
-
And forgot
Accu Feel from A2A
FSUIPC
on the FSX PC
-
Question,
when I am starting the FSX after installing the addon Manager for the first time.
Should I be asked then once (für the bglmanx.dll) and also separately for the cuatl.exe ?
I am asking, because I was under the Impression, that in the past I was asked twice, and just now, I installed the addon Manage again,(but without deleting it before) and was only asked once (bglmanx.dll).
-
Should I be asked then once (für the bglmanx.dll) and also separately for the cuatl.exe ?
Both programs, with two separate questions.
just now, I installed the addon Manage again,(but without deleting it before) and was only asked once (bglmanx.dll).
This is not meaningful, if don't reply YES to the questions "Do you want to remove the Addon manager ?" and YES to the question "Do you want to remove the Couatl scripting engine?" that are made at the end of the uninstall process.
Try to Uninstall and Reinstall, reply YES to BOTH the above questions, and NOTE if you are being asked permission to run the two modules.
-
I do not know, which programs also use simconnect ? They should be in trubble then also ?
I would guess that many of them use Simconnect. But in that case, you SHOULD see "something" in the Simconnect diagnostic window. If you aren't, it means that either none of them use Simconnect, or they are not working too or, possibly, not working entirely, perhaps they don't use Simconnect for everything.
-
I just reinstalled simconnect (repaired it), deleted the addon manger, einstalled it, started fSX and in this case was asked twice.
All programs do work and if FSX is waiting for a Client and then connecting (what happens), indicates, that simconnect is working ? EFB Aivlasoft f.e. Needs it and is working.
No sorry, waiting for a Client is widefs, if I am correct.
Just checked the EFB Manual ikt uses/Needs netframework 3.5
-
Probably the only way is to identify all eventually mislinked or uncompleted files, where ever the addon Manager is addressing the FSX and what so ever, delete it by hand and reinstall ?
To do so, you would have to tell me where I would have to look for.
The FSX and all ist components, addons, Service programs do work, I just checked, except the addons controlled by the addon Manager.
Kind regards
Bernd
-
The FSX and all ist components, addons, Service programs do work, I just checked, except the addons controlled by the addon Manager.
You still haven't posted a Simconnect log that indicates it's working normally. It's not possible it would show a blank line, with level=verbose, so something is wrong there.
-
But then this must have happend, when Norton, obviously after the last update, refused to accept the last GSX update.
Until I have reported my difficulties, everything worked well. GSX and all FSdreamteam Airports as well those controlled by the manager worked.
When I started the FSX Cualtl reported an GSX update, which I accepted, without shutting down the FSX (normal and recommended prodedure ?). Then obviously, when the update of GSX was intergrated Norton 360 (updates are automated) poped up with the known message and strongly recommended to delete the infected program. What I did, because at that time the FSX PCs were connected to my home network engaged with crucial jobs.
That GSX was not working anymore I realized, when I ordered push back.
Just to get it in the right way. I learned from you that the manager can only be started by the FSX active/working ?
So when I delete the manager in microsoft systems, download and install it again, what I now did several times. Always with Norton completely shut down and in addition the two mentioned files accepted.
I then start FSX and I am asked twice if I accept cuatl and bglman, The additional files are downloaded, I get all the reports, that default files are changed etc, everything like always before.
So the questions are
By what means FSX recognizes the manager? If it is FSX/Simconnect, than simconnect is working ?
So if I am asked, to accept the two files to be installed and connected or whatever is initiating by accepting, the additional downloads are started, messages that default files are exchanged, everything performs like I am used to for years now.
So to find the mistake, and this procedure is the presumption then I would have to look at what stage the manager is installed into the FSX and shown in the FSX bar.
Because I have not made any other installations after the problem occured and Norton deleted cuatl.exe and bglman.dll one or both must "infect" additional files, which obviously are recognized by Norton then as also infected and are blocked?
I am not a n expert, I just try to follow logical patterns. So the question, is it possible to name what can be looked after, is it possible to delete simmconnect and reinstall it, respectively, where do I find it ? Or is it part of the FSX ?
Kind regards
Bernd
-
I think it's just easier if you install Teamviewer, so I can connect to you and have a look at your system. Contact me in private to arrange that.
-
Good idea, I have Teamviewer.
Posted in Virtually sas, probably not the way to adress you in privat ?
Kind regards
Bernd
-
If you face similar Problems, delete GSX and addon Manager using Windows Systems.
Download GSX (only !) with Antivirus completely shut down uand install GSX (only !).
Then start FSX. You will be asked to accept both then, cuatl and addon Manager as yoe are used to.
Addon Manager and cuatl are now shown in the FSX bar again (what they were not in my case). And hopefully GSX and the Airports will work again. Could not check it (Christmas). But it Looks like, because before they were not active at all.
Merry Christmas to all of you.
Bernd
-
Hopefully I found a solution for at least my problem.
Which started with Norton 360 to refuse bglmanx.dll and cuatl.exe, when I was asked to update when starting FSX.
Norton recommended to delete addon manager and GSX, what I did.
Doing this and download GSX alone, intsalling (without the addon manager, it is installed by GSX itself, if not already available on the system), both worked again, but several other programs, features and modules did not work any more.
I just did the following and made a short touch go in FRA, and everything seeems to work again.
GSX, addon manager (I have no time to look after the airports), GoFlight etc.
I think this hint is worth to be tried trying desparatley to get jour systems running.
Go to the following side:
http://knowledge.autodesk.com/search-result/caas/sfdcarticles/sfdcarticles/How-to-remove-and-reinstall-Microsoft-Visual-C-Runtime-Libraries.html
and follow the instuctions.
Then to this side and download also:
http://www.microsoft.com/en-us/download/details.aspx?id=40784
Doing so my system is working again. Important download one and install, then download the next one and install on so on !!!
The strange thing is, that I now have only the 2013 VC++ in my sytem under software.
I have not checked, if VC++2013 obviously replaces all the older versions. No idea. So probably try only to install the VC++2013 and look if it solves your problems.
But even going through the whole procedure does only take a few minutes.
I really hope this is the solution for all of you ?
I forgot to mention that I still get the message when staring FSX not to accept the virtually Software, which I ignore, means I accept to run the Software.