Bit Defender Detecting Virus in Dedicated Server software


#1

I’m not sure if this is a false positive or not but I was setting up my on dedicated server and this popped up.

This is a used server that I completely wiped and formatted and installed a fresh version of Windows 10. The only thing loaded on it are windows, drivers, bit defender, the dedicated server installer and my Conan Game DB files. This pops up when I go to execute the DedicatedServerLauncher1015 file. provided in the very top post in this forum.

Again I understand this may be a false positive, but I want to verify this with Funcom before executing the file install.


#2

I can say that using Bit Defender has been the biggest freaken headache for me with numerous games and the dev kit. If I use both malwarebytes and Bit Defender at the same time, it blue screans my computer into oblivion when using the dev kit (took me days to figure out what the cause was). So ya, I’m inclined to believe this is yet another Bit Defender blocking more stuff then it needs to, as usual.


#3

Never ever, in no way and under no circumstances use multiple anti-virus programs at the same time.

This looks very much like a false positive espacially because he hasn’t found malware, he just found something that has similar characteristics as malware recognizable by the “Gen” which stand stands for generic.

This type, Strictor, is not a virus, it falls into the category of potentially unwanted software. The all infamous IE Toolbars fall into that category aswell.


#4

Could you check if the signed version is also triggering the antivirus?

I’ve added the link as a reply on this message:

The reason why the Dedicated Server Launcher triggers all that is probably because it does a lot of things that unwanted software would also do like spawning executables (SteamCMD, GameServer, …), creating and deleting files, it also contains a lot of code to listen and send messages on the network (on TCP and UDP), database stuff, encryption, etc… that are from the standard Funcom codebase and all together makes it appear like a suspiciously complex program relative to its size.

Just guessing :slight_smile:


#5

Okey Doke, all the above satisfy me, thanks very much, I appreciate it!


#6

Does the new version (Dedicated Server Launcher 1.0.15 Signed) works fine with BitDefender, or does it still flag it as a threat?

@Barnes said it solved the problem with Windows 8.1 SmartScreen, so hopefully that will help with other antivirus.


#7

Sorry, but I’ll have to find out tonight when I get home, I will test it out and update here asap. :slight_smile:


#8

Ok, got home and ran the signed version, it worked perfect with no issue or alerts whatsoever!
Thanks! :slight_smile:


#9

LOL, Nope, was working on the settings and Bit Defender started freaking out and trying to delete the server file. I’ll probably just set it to ignore the file.


#10

Wait,Bit Defender started to try to delete what exactly: The Server Launcher tool, or the the actual Conan Exiles Game Server files?

Did at least the error change, or is it still complaining about the “Gen:Variant.Strictor.34174” ?


#11

It was deleting the Server Launcher Tool, it seemed to ignore the uncompressed game server files completely. The weird thing is it did this a few minutes after I had run the installer and to top it off I had authorized the process in bit defender.

Also I’m not sure if it was related but after I got things sorted out where Bit Defender wasn’t trying to actively delete the Server Launcher and was in the process of configuring it, I kept getting an error message that it encountered an error and check the log file. This prevented me from saving my Server Launcher config settings. I took a screen shot of the error message but forgot to upload it, so I won’t have access until after work.

I was just thinking the second issue may be a result of Windows 10 UAC and probably nothing to do with Bit Defender. These are my server specs
:
[Dell PowerEdge T300 4-Core 2.83GHz E5440 24GB RAM 2x 500GB 3.5" HDD SAS 6/iR]


#12

Hard to say, it used to be possible to predict the behavior of anti-virus and other checking systems, now there are so much heuristics that you never really know if a non trivial program will pass the tests or not.

Anyway, yesterday I submitted the executable to the BitDefender analyzer, hopefully they will flag it (and the successor) as false positive instead of triggering alarms.

Now, if it’s an UAC issue, guess I should probably try to see how Windows react with default settings: It’s pretty much impossible for a programmer to work with default UAC settings, can’t even run your own programs or tools without the thing insulting your intelligence every three seconds :smiley:


#13

Just finished tinkering some more, it was DEFINITELY a UAC issue…gah I should have know better too! I guess that what I get for not running a “server edition” of windows, oh well worked like a charm once I turned UAC off and I was able to save my config. :+1:

Looks like my last step is just getting my port settings right so I can get the server to talk with the outside world safely through my firewall. On that note I have to give props to whomever designed the server launcher, having a button to test port access is really nice! :smiley:


#14

Guess I should add that to the FAQ then.
So… with the signed executable and the UAC disabled (or turned down a few notches) it all works.
Cool :slight_smile:

Looks like my last step is just getting my port settings right so I can get the server to talk with the outside world safely through my firewall. On that note I have to give props to whomever designed the server launcher, having a button to test port access is really nice! :smiley:

You’re welcome, it’s just a stupidly simple PHP script that answers to a network request by its own query on the same IP address: If the tool receives the answer, it means the port is accessible from the outside. Not really rocket science, the only annoying thing was that the code had to be different for the game ports (UDP) and RCON (TCP).

The whole point of the exercise was to make it easier for people to play using their own equipment, but I was not expecting to have to add so many features on top.


#15

Cool well thanks again then! It’s only a small server of 4-7 players, but I’ve been having my server hosted since March of 2017. After chatting with Barnes on this forum I decided to go my own way, since I’ve become highly suspicious that both my last two server providers were overloading the servers.

For example the week before the final release patch, even large structures would snap in. Then I was gone for a conference the week of the patch and when I came back performance was abysmal. At first I chalked it up to something with that patch, but there have been several since then and performance has not increased.

What I suspect now is that it probably wasn’t the patch, but a flood of new servers being over hosted on the server I was renting. Considering the timing, likely a flood of new CE servers. I just took awhile to put 2 and 2 together. :grinning:


#16

It lives! :slight_smile:

Couple other small things I noticed. Despite have a fully updated version of Windows 10, the Dedicated launcher wanted both the Directx Runtime and the MS Visual C++ 2015 Redistributable , both are free and not a problem to get but I thought it might be nice to mention in the guild for prepping a server.

I’m onto transferring my game backups over and setting up the config, and the only other thing I wanted to mention was it would be nice if the three config buttons on the lower left side of the Server Launcher had popup labels, otherwise everything appears to be perfect! Thank you!

Capture


#17

That’s strange, I thought the application was statically linking the CRT and did not include any Direct X calls.
Maybe another CMake configuration hiccup.

I’m onto transferring my game backups over and setting up the config, and the only other thing I wanted to mention was it would be nice if the three config buttons on the lower left side of the Server Launcher had popup labels, otherwise everything appears to be perfect! Thank you!

You mean “tooltips” ?

They are not really config buttons:

  • Copy connection information to clipboard
  • Open folder with config files
  • Open folder with log files

I did have tooltips at some point, but they were annoying so I removed them.
Guess I could have a checkmark option in the preference menu…