
Windows Defender Reports Trojan


speed-of-heat


I got this message this morning firing up DCS:

Threat Detected: Trojan:Win32/Wacatac.D!ml
Alert Level: Severe
Category: Trojan
Details: This program is dangerous and executes commands from an attacker
Affected items:
file: E:\Games\Eagle Dynamics\DCS World Openbeta\Mods\aircraft\F14\bin\F14-HeatblurCommon.dll

with a link for more info here https://go.microsoft.com/fwlink/?linkid=142185&name=Trojan:Win32/Wacatac.D!ml&threatid=2147749373

I'm guessing this is a false positive ... but do want to check with MS https://www.microsoft.com/en-us/wdsi/filesubmission

SYSTEM SPECS: Hardware Intel Corei7-12700KF @ 5.1/5.3p & 3.8e GHz, 64Gb RAM, 4090 FE, Dell S2716DG, Virpil T50CM3 Throttle, WinWIng Orion 2 & F-16EX + MFG Crosswinds V2, Varjo Aero
SOFTWARE: Microsoft Windows 11, VoiceAttack & VAICOM PRO
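
One way to collect the detection record, hash and signature status of the flagged DLL before submitting it, and to see whether an exclusion already covers it. This is an added example, not part of any post in this thread; it assumes an elevated PowerShell session on the affected machine and reuses the path from the alert above.

```powershell
# Added example, not from the thread. Run in an elevated PowerShell session.
# Path copied from the "Affected items" line of the alert quoted above.
$dll = 'E:\Games\Eagle Dynamics\DCS World Openbeta\Mods\aircraft\F14\bin\F14-HeatblurCommon.dll'

# 1. What Defender recorded: match detections whose Resources mention the file.
Get-MpThreatDetection |
    Where-Object { $_.Resources -match [regex]::Escape($dll) } |
    ForEach-Object {
        $threat = Get-MpThreat -ThreatID $_.ThreatID
        [pscustomobject]@{
            Detected = $_.InitialDetectionTime
            Threat   = $threat.ThreatName
            Severity = $threat.SeverityID
            Process  = $_.ProcessName
        }
    } | Format-List

# 2. Identify the exact binary: hash plus Authenticode status and signer.
if (Test-Path -LiteralPath $dll) {
    $sig = Get-AuthenticodeSignature -LiteralPath $dll
    [pscustomobject]@{
        SHA256          = (Get-FileHash -LiteralPath $dll -Algorithm SHA256).Hash
        SignatureStatus = $sig.Status
        Signer          = $sig.SignerCertificate.Subject
    } | Format-List
} else {
    Write-Warning "File is not at its original path (probably quarantined)."
}

# 3. List any configured exclusion that already covers this file, e.g. a
#    folder-wide one, so its scope is visible.
(Get-MpPreference).ExclusionPath |
    Where-Object { $_ } |
    Where-Object {
        ($_ -eq $dll) -or
        $dll.StartsWith($_.TrimEnd('\') + '\', [StringComparison]::OrdinalIgnoreCase)
    }
```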


https://forums.eagle.ru/showpost.php?p=4305536&postcount=12

Solution for now is to whitelist (exclude from scanning) DCS folders in your AV software.

With respect, that's not a solution, that's a terrible idea. A solution would be for the company to submit its exe/dll/etc... to one of the major AV vendors for analysis ... and then it flows out to the ecosystem...


Yep, had one too. Ended up misplaced in another sub-forum:

https://forums.eagle.ru/showthread.php?t=271271

Modules: FC3, Mirage 2000C, Harrier AV-8B NA, F-5, AJS-37 Viggen, F-14B, F-14A, Combined Arms, F/A-18C, F-16C, MiG-19P, F-86, MiG-15, FW-190A, Spitfire Mk IX, UH-1 Huey, Su-25, P-51PD, Caucasus map, Nevada map, Persian Gulf map, Marianas map, Syria Map, Super Carrier, Sinai map, Mosquito, P-51, AH-64 Apache


I agree with Speed-of-heat. It's the publisher's responsibility to make sure their product is not running into issues like this. Each to their own but I don't intend to turn off protections.

If Eagle Dynamics are aware of the issue, then they can submit the file to the affected AV provider and if it's assessed as safe, the AV provider will let it through. I wouldn't suggest turning off your AV just so you can play a game, even trusted publishers can be compromised by external parties.


I wouldn't suggest turning off your AV just so you can play a game, even trusted publishers can be compromised by external parties.

Even trusted AV companies can be compromised and the system you're running all of it on. You've been given the information. What you do with it is your choice. Afaik the stable version does not have this problem so there it is if you wish.

🖥️ Win10 i7-10700KF 32GB RTX3060   🥽 Rift S   🕹️ T16000M HOTAS   ✈️ FC3, F-14A/B, F-15E   ⚙️ CA   🚢 SC   🌐 NTTR, PG, Syria


As I said, each to their own. I have made my choice, I'm going with my AV. I've got two purchases I'm holding off on pending a resolution to this issue.

Hopefully ED submit the files causing the problem soon and if they're safe then the AV will let it through.

True about stable version but what happens when stable is updated to the open beta build and the AV picks up the files there?


Sorry Draconus, you are normally very helpful, in this case your advice is neither helpful nor accurate, and whilst it's true everyone could be compromised, including AV vendors, that's akin to saying don't wear a seat belt because the manufacturing process is imperfect...


Edited by speed-of-heat


No one forces you to turn off the AV. It's your rightful choice to wait for the better versions of both DCS and/or AV defs if you wish so. Hopefully the stable, when it comes, will have these problems sorted after ED is happy with the beta.

I just gave info on options to let anyone enjoy the working beta when troubles like these happen. Keep in mind there are hundreds of thousands of players enjoying it including devs, content creators and popular youtubers.

The reason behind AV alarms is the copy protection changes ED uses in their code which trigger detecting potentially suspicious actions. It's called false positive and of course ED is working on it but that is beyond the HB's abilities for a fix now.


No one forces you to turn off the AV. It's your rightful choice to wait for the better versions of both DCS and/or AV defs if you wish so. Hopefully the stable, when it comes, will have these problems sorted after ED is happy with the beta.

I just gave info on options to let anyone enjoy the working beta when troubles like these happen. Keep in mind there are hundreds of thousands of players enjoying it including devs, content creators and popular youtubers.

The reason behind AV alarms is the copy protection changes ED uses in their code which trigger detecting potentially suspicious actions. It's called false positive and of course ED is working on it but that is beyond the HB's abilities for a fix now.

Actually HB could just submit their DLLs when they release them .... it took me about 10 mins to do it for you to Microsoft.. you are welcome


I have to agree, our job is to report a bug, dev's job to solve it.
