Windows Defender found a Trojan in DCS

#1

I just updated to the latest DCS open beta.
Got a warning from Windows defender that it has quarantined a trojan script… :thinking:

Sorry about the pic, but I’m isolating this PC for the moment…

2 Likes

#2

Uh oh

0 Likes

#3

Help us @NineLine you’re our only hope…

2 Likes

#4

I see others are posting the same, over at the ED forum…

0 Likes

#5

I was playing yesterday and didn’t receive an error message, I wonder if it was recently introduced.

0 Likes

#6

My steam auto updated, but I didn’t get a warning that I noticed. Standby, I’ll check that out.

0 Likes

#7

I received the same thing yesterday when I finally updated my “Stable Release” version. My Windows Defender isolated and quarantined it. I did some research online and others in other games about two years ago were getting same thing on Steam etc…it was considered a false flag. I of course removed the file and did a full system scan which resulted in nothing being found. Doing another full system scan today.

2 Likes

#8

Clearly this is SkyNet related. Nothing to see here, move along.

7 Likes

#9

The Trojan script is located in the “downloads” file where the updated stuff goes to get installed in DCS.

0 Likes

#10

Being part of the Nevada map this is probably just data that triggers a false positive. It can happen with large data sets. I usually double check with a Linux boot CD that brings some anti virus scanners, thus eliminating the possibility that it‘s already a running process hiding itself.

3 Likes

#11

Yeah… I hope someone looks into it.

1 Like

#12

@Gunnyhighway’s comments…:rofl::rofl::rofl:

3 Likes

#13

Steam seems clean, if there was an issue I gather they would have done something such as alerting ED.

My server, with a standard install is also looking clean - so as suggested, it may be a false positive when it unpacks the data.

1 Like

#14

PLEASE IGNORE ROBOT INTEGRATION EXE WARNING. EVERYTHING IS FINE. THIS IS A HUMAN SPEAKING. TRUST ME.

7 Likes

#15

ED forum thread for those following along:

https://forums.eagle.ru/showthread.php?t=238022

Virus checkers can’t run the code (would defeat the purpose of detection), so uses pure pattern matching to detect likely run-time naughtiness. Sometimes just pure data looks a bit like code that could run, so if from somewhere like a terrain file then very likely to be a false positive. Good to be cautious though.

4 Likes

#16

Here’s how stupid I am:

I scanned the thread title and thought “Trojan” was the new graphics engine everyone keeps talking about. I was like, “yay! We’re finally getting Trojan!”

Good luck!

7 Likes

#17

I mean, there are worse things to think it was…

1 Like

#18

Finally in DCS!

5 Likes

#19

image

4 Likes

#20

Finally! :smiley:

3 Likes