Windows Defender found a Trojan in DCS

Flight Sims
1

I just updated to the latest DCS open beta.
Got a warning from Windows defender that it has quarantined a trojan script… :thinking:

Sorry about the pic, but I’m isolating this PC for the moment…

image
image612×816 211 KB

2 Likes
2

Uh oh

3

Help us @NineLine you’re our only hope…

2 Likes
4

I see others are posting the same, over at the ED forum…

5

I was playing yesterday and didn’t receive an error message, I wonder if it was recently introduced.

6

My steam auto updated, but I didn’t get a warning that I noticed. Standby, I’ll check that out.

7

I received the same thing yesterday when I finally updated my “Stable Release” version. My Windows Defender isolated and quarantined it. I did some research online and others in other games about two years ago were getting same thing on Steam etc…it was considered a false flag. I of course removed the file and did a full system scan which resulted in nothing being found. Doing another full system scan today.

2 Likes
8

Clearly this is SkyNet related. Nothing to see here, move along.

7 Likes
9

The Trojan script is located in the “downloads” file where the updated stuff goes to get installed in DCS.

10

Being part of the Nevada map this is probably just data that triggers a false positive. It can happen with large data sets. I usually double check with a Linux boot CD that brings some anti virus scanners, thus eliminating the possibility that it‘s already a running process hiding itself.

3 Likes
11

Yeah… I hope someone looks into it.

1 Like
12

@Gunnyhighway’s comments…:rofl::rofl::rofl:

3 Likes
13

Steam seems clean, if there was an issue I gather they would have done something such as alerting ED.

My server, with a standard install is also looking clean - so as suggested, it may be a false positive when it unpacks the data.

1 Like
14

PLEASE IGNORE ROBOT INTEGRATION EXE WARNING. EVERYTHING IS FINE. THIS IS A HUMAN SPEAKING. TRUST ME.

7 Likes
15

ED forum thread for those following along:

Virus checkers can’t run the code (would defeat the purpose of detection), so uses pure pattern matching to detect likely run-time naughtiness. Sometimes just pure data looks a bit like code that could run, so if from somewhere like a terrain file then very likely to be a false positive. Good to be cautious though.

4 Likes
16

Here’s how stupid I am:

I scanned the thread title and thought “Trojan” was the new graphics engine everyone keeps talking about. I was like, “yay! We’re finally getting Trojan!”

Good luck!

7 Likes
17

I mean, there are worse things to think it was…

1 Like
18

Finally in DCS!

5 Likes
19

image

4 Likes
20

Finally! :smiley:

3 Likes