WhoMadeWho Posted May 23, 2017 Posted May 23, 2017 Just a note - I tried downloading the newest DCS-BIOS tonight and it seems the built-in antivirus on Windows 10 does not like a socat dll present in the archive... This was downloaded from the official github site https://github.com/dcs-bios/dcs-bios/releases/tag/v0.5.3
FSFIan Posted May 23, 2017 Posted May 23, 2017 (edited) The same happens on my machine. Windows Defender will apparently complain about every DCS-BIOS release now (as they all use the same copy of socat). My guess is the behavioral engine goes "Oh no! It does network stuff, it must be evil!" or something. Socat is the swiss army knife of network connections, and some of the things it is capable of must upset Windows Defender. I don't know since when Windows Defender has complained about this. Usually I have no reason to download my own software from the internet, so Windows Defender has no reason to scan those files on my machine. None of the virus scanners used by VirusTotal can find anything wrong with the file. EDIT: Holy cow, Windows 10 is being a bitch and providing no obvious way to shut it up and download the file. Windows Defender just deletes it without even asking! When I go to the "Windows Defender Security Center", it claims "no threats found". Clicking on "Scan history", it lists "No threats" under "Quarantined threats". Only the third click ("See full details") reveals that it ever scanned and then deleted the downloaded file. Edited May 23, 2017 by [FSF]Ian DCS-BIOS | How to export CMSP, RWR, etc. through MonitorSetup.lua
FSFIan Posted May 23, 2017 Posted May 23, 2017 Ok, I found a way to download the file without Windows Defender deleting it afterwards: Create a new folder somewhere, for example "Downloads/StuffFromTheScaryInternet" Open "Windows Defender Security Center" Got to "Virus & Threat Protection" > "Virus & threat protection settings" > "Add or remove exclusions" and add your new folder as an exclusion. Files downloaded to that folder won't be scanned by Windows Defender. Using right-click > "Save link as" in your browser, download the file into your new folder. Now you can remove the exclusion. DCS-BIOS | How to export CMSP, RWR, etc. through MonitorSetup.lua
WhoMadeWho Posted May 23, 2017 Author Posted May 23, 2017 Ian;3145036']Ok, I found a way to download the file without Windows Defender deleting it afterwards: Create a new folder somewhere, for example "Downloads/StuffFromTheScaryInternet" Open "Windows Defender Security Center" Got to "Virus & Threat Protection" > "Virus & threat protection settings" > "Add or remove exclusions" and add your new folder as an exclusion. Files downloaded to that folder won't be scanned by Windows Defender. Using right-click > "Save link as" in your browser, download the file into your new folder. Now you can remove the exclusion. Thanks [FSF]Ian. I checked Virustotal last night as well. The file is indeed not malicious at all and is rather old (was compiled back in 2012). You'd think Microsoft would have built a reputation on this file by now, but I suppose someone used it for evil - just like netcat can be used for good or evil.
Recommended Posts