Jump to content

Trojan in Christmas patch?


Recommended Posts

Hi all,

I started DCS and there was an update waiting to upgrade from 2.5.6.55960 to 2.5.6.59625 but part way through the torrent Win defender blocked it saying it found a trojan in the file "C:\Program Files\Eagle Dynamics\DCS World\_downloads\Sounds.edc\23\23dfd88b13390df2b334ffa114afdd77f7f6cb86ed0848e55dccdfed69619031.downloading.652958c8d81280a6"

 

Also there was a message window from ED updater that a file had a virus in it and closed. I should have grabbed a screen shot of it. anyone else have this today?

 

All the best,

PainTrain

Link to post
Share on other sites

You should have searched for it, it has already been reported and clarified, it's a false alert due to an encrypted audio file.

 

Attempting update to 2.5.6.59398 and errors due to Virus? - Installation Problems - ED Forums (eagle.ru)

JFSU Air to Ground Center of Excellence Discord

Intel Core i5 4690k @4,6Ghz, Gigabyte GTX 970 OC, Gigabyte Z97-X, 16GB G Skill Sniper @2400, Samsung 860/850 EVO , Win 10 64 bits, Dual monitors 27"@144"Opentrack + TM Warthog + Saitek pro flight combat 

 

Link to post
Share on other sites
10 minutes ago, rayrayblues said:

Mine said that DCS.exe was ransomeware.

 

Yeah - that could be partly correct. It's been holding me to ransom ever since I started playing it and I haven't been able to escape... 🙂

 

But in all seriousness - can you please post which antivirus software you are using.

 

If it's of any help to anyone. I am using ESET Internet Security and have no virus detection on dcs.exe. 

 

The MD5 I have for dcs.exe is C14A3544DD2A697B312253CB2F1AE0B0AD86BD30F8BE3A8858ABD6292CF0C2A2

 

 

  • Haha 2
Link to post
Share on other sites
1 hour ago, Dangerzone said:

 

Yeah - that could be partly correct. It's been holding me to ransom ever since I started playing it and I haven't been able to escape... 🙂

 

But in all seriousness - can you please post which antivirus software you are using.

 

If it's of any help to anyone. I am using ESET Internet Security and have no virus detection on dcs.exe. 

 

The MD5 I have for dcs.exe is C14A3544DD2A697B312253CB2F1AE0B0AD86BD30F8BE3A8858ABD6292CF0C2A2

 

 

HAHA so correct holding our wallets ransom for 2 more weeks at a time!

 

But seriously, 

Thank you all for the replies, I find it strange that audio files are encrypted or is that normal and I just never look at the way games are made or is this an extra special audio file from Northrop that is only licensed to ED?

Link to post
Share on other sites
12 hours ago, rayrayblues said:

Malwarebytes. Been using it forever. Great app. Works alongside Win Defender with no problems.

 

If you want to know for sure, do a MD5 check on the file. If it's different to what I've reported, it could be suspicious, otherwise I think you'll be find. False positives happen from time to time with individual virus software depending on the algorithm they use - had it happen with software I've compiled myself. Trick is to check the MD5 with the vendor, or run numerous other A/Vs against it (which can be done online) to see whether it's a false positive by your A/V or otherwise. Good luck with it.

Link to post
Share on other sites

I had the same just happen to me. In fact I thought that DCS had updated yesterday and then restarted. But today I realized it is the old version of DCS and the update never finished. When I try to DL the update again I see that Windows Defender stops it due to the trojan. Well, now that I see that its a false alarm I'll ignore the warning.

Aorus 7 laptop using WiFi

9th Gen Intel® Core™ i7-9750H 1.5 TB NVMe SSD

NVIDIA GeForce GTX 1660ti - 16GB RAM

T.Flight X Throttle/Extreme3D Pro Stick -yuk!

Link to post
Share on other sites
On 12/25/2020 at 11:08 PM, PainTrain said:

I find it strange that audio files are encrypted


it’s to prevent people from editing the original sounds and then distribute the "improved" sounds as a User Mod. You can still customize the DCS audio, but you have to provide your own audio samples rather than take those made by ED.

 

For work: iMac mid-2010 of 27" - Core i7 870 - 6 GB DDR3 1333 MHz - ATI HD5670 - SSD 256 GB - HDD 2 TB - macOS High Sierra

For Gaming: 34" Monitor - Ryzen 3600 - 32 GB DDR4 2400 - nVidia GTX1070ti - SSD 1.25 TB - HDD 10 TB - Win10 Pro - TM HOTAS Cougar - Oculus Rift CV1

Mobile: iPad Pro 12.9" of 256 GB

Link to post
Share on other sites
3 hours ago, Rudel_chw said:


it’s to prevent people from editing the original sounds and then distribute the "improved" sounds as a User Mod. You can still customize the DCS audio, but you have to provide your own audio samples rather than take those made by ED.

 

What pissed me off initially, after doing an OS re-install (new hardware and bloated windows was the reason) was not just sound file warning but dsc.exe also. 'Invalid signature' and some generic crap. I hushed the AV down but still... 

Paranoia can be good sometimes, hehe.  I really shouldn't be, since nothing important is running on my rig. Just my nature🕵️‍♂️

Link to post
Share on other sites
22 hours ago, Gripes323 said:

 

What pissed me off initially, after doing an OS re-install (new hardware and bloated windows was the reason) was not just sound file warning but dsc.exe also. 'Invalid signature' and some generic crap. I hushed the AV down but still... 

Paranoia can be good sometimes, hehe.  I really shouldn't be, since nothing important is running on my rig. Just my nature🕵️‍♂️

with the recent SolarWinds debacle, just assuming that patches are sound and free of oddities is causing some of us to second guess procedure.

AKA_SilverDevil

==========================================

Go to Heaven for the climate, Hell for the company.

Mark Twain

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...