dcs.exe RTP detection Compromised, malware detection

[PSYKOnz]

hi there

 

I have the "DCS Open Beta Server" installed on a separate server computer

 

Over the past few days, my malware bytes anti-malware program on my server PC keeps coming up with a "compromised" detection on dcs.exe.

 

it says its an inbound detection and that it is compromised, it then takes the action of "blocking website"

 

I can see the IP address that it's on and the port is 51582.

 

the IP address is not the same as the server address

 

the file is the correct address for dcs.exe on my computer

 

I had 4 of these detections happen in the space of 20 minutes one night then only 1 the next night

 

dcs.exe and dcs_updater and the entire DCS program files folder are already in my allow list

 

I have all the files should you need them.

 

I guess what I'm asking is, is this normal, is this a false positive or has my DCS server or server pc truly been compromised

 

I should add that this server pc is just that a server pc, it has DCS and IL2 servers on it and the basics for windows + antivirus etc. nothing else. I don't use it for anything but the server hosting. I had even formatted and reinstalled windows 2 weeks ago to get it running as good as it can

Edited May 16, 2020 by PSYKOnz

[PSYKOnz]

I have been going through my detections and I have also found another DCS.exe detection, this time from another different IP address than the first one with the port 51331 detected as SPAM. another inbound connection this one 4 days before the new compromised ones

 

what is going on?