PainTrain Posted December 25, 2020 Share Posted December 25, 2020 Hi all, I started DCS and there was an update waiting to upgrade from 2.5.6.55960 to 2.5.6.59625 but part way through the torrent Win defender blocked it saying it found a trojan in the file "C:\Program Files\Eagle Dynamics\DCS World\_downloads\Sounds.edc\23\23dfd88b13390df2b334ffa114afdd77f7f6cb86ed0848e55dccdfed69619031.downloading.652958c8d81280a6" Also there was a message window from ED updater that a file had a virus in it and closed. I should have grabbed a screen shot of it. anyone else have this today? All the best, PainTrain Link to comment Share on other sites More sharing options...
Madone Posted December 25, 2020 Share Posted December 25, 2020 You should have searched for it, it has already been reported and clarified, it's a false alert due to an encrypted audio file. Attempting update to 2.5.6.59398 and errors due to Virus? - Installation Problems - ED Forums (eagle.ru) Strike Posture Set CAS Center of Excellence Intel Core i5 4690k @4,6Ghz, Gigabyte GTX 970 OC, Gigabyte Z97-X, 16GB G Skill Sniper @2400, Samsung 860/850 EVO , Win 10 64 bits, Dual monitors 27"@144"Opentrack + TM Warthog + Saitek pro flight combat Link to comment Share on other sites More sharing options...
GoodHope Posted December 25, 2020 Share Posted December 25, 2020 (edited) delete Edited December 25, 2020 by GoodHope not needed Link to comment Share on other sites More sharing options...
rayrayblues Posted December 25, 2020 Share Posted December 25, 2020 Mine said that DCS.exe was ransomeware. SLAVA UKRAINI MoBo - ASUS 990FX R2 Sabertooth, CPU - AMD FX 9590 @4.7Gb. No OC RAM - GSkill RipJaws DDR3 32 Gb @2133 MHZ, GPU - EVGA GeForce GTX 1660Ti 6Gb DDR5 OC'd, Core 180MHz, Memory 800MHz Game drive - Samsung 980 M.2 EVO 1Tb SSD, OS Drive - 860 EVO 500Gb SATA SSD, Win10 Pro 22H2 Controls - Thrustmaster T-Flight HOTAS X, Monitor - LG 32" 1920 X 1080, PSU - Prestige ATX-PR800W PSU Link to comment Share on other sites More sharing options...
Dangerzone Posted December 26, 2020 Share Posted December 26, 2020 10 minutes ago, rayrayblues said: Mine said that DCS.exe was ransomeware. Yeah - that could be partly correct. It's been holding me to ransom ever since I started playing it and I haven't been able to escape... But in all seriousness - can you please post which antivirus software you are using. If it's of any help to anyone. I am using ESET Internet Security and have no virus detection on dcs.exe. The MD5 I have for dcs.exe is C14A3544DD2A697B312253CB2F1AE0B0AD86BD30F8BE3A8858ABD6292CF0C2A2 Link to comment Share on other sites More sharing options...
rayrayblues Posted December 26, 2020 Share Posted December 26, 2020 Malwarebytes. Been using it forever. Great app. Works alongside Win Defender with no problems. SLAVA UKRAINI MoBo - ASUS 990FX R2 Sabertooth, CPU - AMD FX 9590 @4.7Gb. No OC RAM - GSkill RipJaws DDR3 32 Gb @2133 MHZ, GPU - EVGA GeForce GTX 1660Ti 6Gb DDR5 OC'd, Core 180MHz, Memory 800MHz Game drive - Samsung 980 M.2 EVO 1Tb SSD, OS Drive - 860 EVO 500Gb SATA SSD, Win10 Pro 22H2 Controls - Thrustmaster T-Flight HOTAS X, Monitor - LG 32" 1920 X 1080, PSU - Prestige ATX-PR800W PSU Link to comment Share on other sites More sharing options...
PainTrain Posted December 26, 2020 Author Share Posted December 26, 2020 1 hour ago, Dangerzone said: Yeah - that could be partly correct. It's been holding me to ransom ever since I started playing it and I haven't been able to escape... But in all seriousness - can you please post which antivirus software you are using. If it's of any help to anyone. I am using ESET Internet Security and have no virus detection on dcs.exe. The MD5 I have for dcs.exe is C14A3544DD2A697B312253CB2F1AE0B0AD86BD30F8BE3A8858ABD6292CF0C2A2 HAHA so correct holding our wallets ransom for 2 more weeks at a time! But seriously, Thank you all for the replies, I find it strange that audio files are encrypted or is that normal and I just never look at the way games are made or is this an extra special audio file from Northrop that is only licensed to ED? Link to comment Share on other sites More sharing options...
Dangerzone Posted December 26, 2020 Share Posted December 26, 2020 12 hours ago, rayrayblues said: Malwarebytes. Been using it forever. Great app. Works alongside Win Defender with no problems. If you want to know for sure, do a MD5 check on the file. If it's different to what I've reported, it could be suspicious, otherwise I think you'll be find. False positives happen from time to time with individual virus software depending on the algorithm they use - had it happen with software I've compiled myself. Trick is to check the MD5 with the vendor, or run numerous other A/Vs against it (which can be done online) to see whether it's a false positive by your A/V or otherwise. Good luck with it. Link to comment Share on other sites More sharing options...
Cpt Cuckoo Posted December 27, 2020 Share Posted December 27, 2020 I had the same just happen to me. In fact I thought that DCS had updated yesterday and then restarted. But today I realized it is the old version of DCS and the update never finished. When I try to DL the update again I see that Windows Defender stops it due to the trojan. Well, now that I see that its a false alarm I'll ignore the warning. Link to comment Share on other sites More sharing options...
Rudel_chw Posted December 27, 2020 Share Posted December 27, 2020 On 12/25/2020 at 11:08 PM, PainTrain said: I find it strange that audio files are encrypted it’s to prevent people from editing the original sounds and then distribute the "improved" sounds as a User Mod. You can still customize the DCS audio, but you have to provide your own audio samples rather than take those made by ED. For work: iMac mid-2010 of 27" - Core i7 870 - 6 GB DDR3 1333 MHz - ATI HD5670 - SSD 256 GB - HDD 2 TB - macOS High Sierra For Gaming: 34" Monitor - Ryzen 3600X - 32 GB DDR4 2400 - nVidia GTX1070ti - SSD 1.25 TB - HDD 10 TB - Win10 Pro - TM HOTAS Cougar - Oculus Rift CV1 Mobile: iPad Pro 12.9" of 256 GB Link to comment Share on other sites More sharing options...
oldcrusty Posted December 27, 2020 Share Posted December 27, 2020 3 hours ago, Rudel_chw said: it’s to prevent people from editing the original sounds and then distribute the "improved" sounds as a User Mod. You can still customize the DCS audio, but you have to provide your own audio samples rather than take those made by ED. What pissed me off initially, after doing an OS re-install (new hardware and bloated windows was the reason) was not just sound file warning but dsc.exe also. 'Invalid signature' and some generic crap. I hushed the AV down but still... Paranoia can be good sometimes, hehe. I really shouldn't be, since nothing important is running on my rig. Just my nature Link to comment Share on other sites More sharing options...
silverdevil Posted December 28, 2020 Share Posted December 28, 2020 22 hours ago, Gripes323 said: What pissed me off initially, after doing an OS re-install (new hardware and bloated windows was the reason) was not just sound file warning but dsc.exe also. 'Invalid signature' and some generic crap. I hushed the AV down but still... Paranoia can be good sometimes, hehe. I really shouldn't be, since nothing important is running on my rig. Just my nature with the recent SolarWinds debacle, just assuming that patches are sound and free of oddities is causing some of us to second guess procedure. AKA_SilverDevil AKA Forums My YouTube “It is better to keep your mouth closed and let people think you are a fool than to open it and remove all doubt.” — Mark Twain Link to comment Share on other sites More sharing options...
Recommended Posts