Same, My BitDefender was all sorts of unimpressed.

BitDefender just needs to update it's latest definitions. That's all. Pretty common.

The ACE-DFS64.dll file is a plugin file for the Anti Cheat software that contains various 32bits and 64bits references and means for the software to detect cheats. It also contain definitions and process to detects cheats and unauthorized 3rd party software that may interfere with the game's.

The ACE in the name is defined as it's the name of Tencent's anti cheat division/sub company for games they published. Its full name is Anti Cheat Expert.

The Trojan Buggie Marte C installs pre-determined (API) Hooks and patches running processes. The trojan itself has traces that date from as far as 2023. Whatever it's malicious or not depends on the hooks and running processes that gets patched. This is why its Malicious analysis is so all-around-the-place on the web.

I'm not defending its uses, but I can point out that it's nothing new for company (especially Chinese) to use a Trojan to simulate certain cheats/unauthorized action against its anticheat during debugging. Still, it's a really bad thing for ACE to have left clear defined traces if it in there like that which can trigger an antivirus defense. Maybe ACE wasn't able to generate its own process analysis and makes use of it to do the job in its stead?

My guess of the reason why the anti-virus alert is not as universal for everyone is it should be is around 2 factors: What kind of software runs in the background of the users and can the Anti-Cheat finds out what each process is about without going deep?

Tencent's ACE's anti cheat has always been quite "hardcore", but its database is actually not always up-to-date. For example, let's say you install an app on your PC that change the color of your keyboard, mouse or desktop PC LED depending on sounds or else, that app will run all the time in the background of your PC as a process under a certain name. There are thousands of such software around and name & certificates aren't (if at all) always properly updated/generated.

For example, if an mouse LED software attempt to read the audio data of a game engine, the Anti Cheat can be like "Ho! Why at you attempting to check this? Who are you? What are you?" and the software, being not properly registered, fails pretty much a check so the Anti Cheat uses something like the Trojan Buggie Marte C to check deeper into the process to see if it's interacting with the game's file/process.

In such attempt, the anti-virus could see ACE-DFS64.dll as malicious because it used such unorthodox method. While another user might not run something that require "deep diving" so the anti-cheat never has to use the Trojan from its ACE-DFS64.dll file.

You might think "but isn't a Trojan always bad?" and I would say "Nope. Not at all. In fact, anti-virus themselves uses existing Trojan methods for MANY things and white-list their own method to avoid false-positives against themselves."

Does that means that this Trojan is good? Nope, it could be as bad as good.
Who can tell? Someone who would open up the ACE-DFS64.dll file and check what the Trojan install and modify.

Originally posted by Donoghu:

The ACE-DFS64.dll file is a plugin file for the Anti Cheat software that contains various 32bits and 64bits references and means for the software to detect cheats. It also contain definitions and process to detects cheats and unauthorized 3rd party software that may interfere with the game's.

The ACE in the name is defined as it's the name of Tencent's anti cheat division/sub company for games they published. Its full name is Anti Cheat Expert.

The Trojan Buggie Marte C installs pre-determined (API) Hooks and patches running processes. The trojan itself has traces that date from as far as 2023. Whatever it's malicious or not depends on the hooks and running processes that gets patched. This is why its Malicious analysis is so all-around-the-place on the web.

I'm not defending its uses, but I can point out that it's nothing new for company (especially Chinese) to use a Trojan to simulate certain cheats/unauthorized action against its anticheat during debugging. Still, it's a really bad thing for ACE to have left clear defined traces if it in there like that which can trigger an antivirus defense. Maybe ACE wasn't able to generate its own process analysis and makes use of it to do the job in its stead?

My guess of the reason why the anti-virus alert is not as universal for everyone is it should be is around 2 factors: What kind of software runs in the background of the users and can the Anti-Cheat finds out what each process is about without going deep?

Tencent's ACE's anti cheat has always been quite "hardcore", but its database is actually not always up-to-date. For example, let's say you install an app on your PC that change the color of your keyboard, mouse or desktop PC LED depending on sounds or else, that app will run all the time in the background of your PC as a process under a certain name. There are thousands of such software around and name & certificates aren't (if at all) always properly updated/generated.

For example, if an mouse LED software attempt to read the audio data of a game engine, the Anti Cheat can be like "Ho! Why at you attempting to check this? Who are you? What are you?" and the software, being not properly registered, fails pretty much a check so the Anti Cheat uses something like the Trojan Buggie Marte C to check deeper into the process to see if it's interacting with the game's file/process.

In such attempt, the anti-virus could see ACE-DFS64.dll as malicious because it used such unorthodox method. While another user might not run something that require "deep diving" so the anti-cheat never has to use the Trojan from its ACE-DFS64.dll file.

You might think "but isn't a Trojan always bad?" and I would say "Nope. Not at all. In fact, anti-virus themselves uses existing Trojan methods for MANY things and white-list their own method to avoid false-positives against themselves."

Does that means that this Trojan is good? Nope, it could be as bad as good.
Who can tell? Someone who would open up the ACE-DFS64.dll file and check what the Trojan install and modify.

Very good explanation but how u know all this? Where u get ur source/info?

i dont have that file ACE-DFS64.dll

Originally posted by PBIVRizzler:

BitDefender just needs to update it's latest definitions. That's all. Pretty common.

I can't believe people still think its an actual virus. A lot of games had false positives back in the day. Even CS had some issues with AV and their updates back in the day. They're all using useless AV like bitdefender, norton, kaspersky... All you need in 2025 is windows defender except you go on really really shady sites.