Page MenuHomeFeedback Tracker

G DATA INTERNET SECURITY found a VIRUS in arma3battleye.exe after update
Closed, ResolvedPublic


It is happened after I updated 1.6 to 1.62 with Steam.

G DATA log:
Real-time protection
File: D:\Jatek\Steam\steamapps\downloading\107410\arma3battleye.exe
Malicious: Gen:Trojan.Heur2.FU.@G1@aiqf3Iri (A Motor)

G DATA INTERNET SECURITY block arma3battleye.exe

Software version:
Virus signature: (20160711_1044) 2016-07-11


Operating System
Windows 7 x64
Operating System Version
6.1.7601 Service Pack 1 build 7601
Steps To Reproduce


Event Timeline

adam520 created this task.Jul 11 2016, 10:24 PM
adam520 renamed this task from G DATA INTERNET SECURITY block arma3battleye.exe to G DATA INTERNET SECURITY found a VIRUS in arma3battleye.exe after update.Jul 14 2016, 1:44 PM
adam520 updated the task description. (Show Details)

Ok, because is not reaction here I send this report to Battleye dev team.

It seems to fall in the Heuristik of Gdata. Just add it to the exception list. There are methods BE uses that remind of a Trojan. Thats the problem in Heuristik

I received an any kind of official answer yet. I consider the file viral one till then.

I dont know adam but it seems to be an issue in GData dince virustotal is just saying positiv on 3 AVs

Response from BattlEye Support <>

"Unfortunately some software is blocking BE on your system. I can only advise you to follow the solutions mentioned in our FAQ (including adding exceptions to your anti-virus, etc.).

If nothing helps I'm afraid I can only suggest a Windows repair install since it's almost impossible to find out what it is causing this. You can find information on how to perform a repair install for your particular system by searching on Google (for example, see "

Not a great answer but i can't what to do, that's it!
Maybe a virus maybe not.

As such repair Installations are pretty complicated. At first i would isolate the file and upload it on Virustotal. There you can check what the AVs tell you. The other thing is Virustotal gives you the hashes of the file that are pretty unique.
@Adam could you provide the hashes for the original file so he can compare if its the same file.

If so it eould be easier to add a exception.

I withdrew the file from the quarantine, and I had it examined with It did not signal a virus. The G data internet security software does not find a virus in file already now.

There was false alarm presumably. I believe it since then refreshed on the virus scanner.

dedmen closed this task as Resolved.May 27 2020, 10:38 AM
dedmen claimed this task.