Elf1606688794 Posted June 9, 2024 Posted June 9, 2024 On 6/5/2024 at 3:56 PM, lvl4f said: In my case, every time I clicked on the action of eliminating the threat and restarting my computer, it was detected again, and it continued to be added to the other reports, without being deleted, and my Microsoft Defender also continued with an alert big yellow icon. This is behavior indicative of malware. Personally, I don't take chances with "potential" or actual malware. 2 hours ago, silverdevil said: how can they be responsible for AV or anything else on an end user's computer? If it was malware uploaded during an update they would certainly be responsible for it being on an end users computer.
maxTRX Posted June 9, 2024 Posted June 9, 2024 5 hours ago, silverdevil said: there are two sides to this discussion. maybe ED should submit their files sure. but historically all good AV vendors have a way to submit a file for review by an end user. that way its not ED saying "we do not have viruses in our code. trust us." the AV vendor responsibility is to the end user that pays for the AV software. not to ED in this case. ED EULA is quite clear. how can they be responsible for AV or anything else on an end user's computer? Their hands are washed clean with this EULA "...beyond reasonable control" - that's all I need to know. The updated packages are submitted to someone with reasonable control and of course that someone makes sure that all packages are tested thoroughly and not a single bug can slip through. The internal testers never seem to notice any... OK, one or two maybe. Who cares about some .dll alerts? Oh yeah, the testers probably have the entire DCS dir. excluded or simply don't use AVs. I admire their trust. I'm just a paranoid oddball.
snuffles Posted June 10, 2024 Posted June 10, 2024 Are our hashes all the same, to be sure? SHA256 hash of suspect file: Hash: 5FC144FBA5DBF211B94F29D6AD4770C7B77B2ECDF2BC17F66AF17301675662D6 Path: \Mods\aircraft\M-2000C\bin\M2KC_FM.dll SHA256 hash of refreshed file: Hash: 5FC144FBA5DBF211B94F29D6AD4770C7B77B2ECDF2BC17F66AF17301675662D6 Path: \Mods\aircraft\M-2000C\bin\M2KC_FM.dll I don't always openly list my things. But when I do, I put it in my signature.
ED Team BIGNEWY Posted June 10, 2024 ED Team Posted June 10, 2024 Hi all, We have checked the files during testing and all seems ok for us. With that said personal security is important and you should submit the files to your provider for checking. Some antivirus trigger due to the way the files are encrypted and the drm, some people will exclude DCS from scans for that reason, but again this is a personal choice to make. 2 Forum rules - DCS Crashing? Try this first - Cleanup and Repair - Discord BIGNEWY#8703 - Youtube - Patch Status Windows 11, NVIDIA MSI RTX 3090, Intel® i9-10900K 3.70GHz, 5.30GHz Turbo, Corsair Hydro Series H150i Pro, 64GB DDR @3200, ASUS ROG Strix Z490-F Gaming, PIMAX Crystal
Lange_666 Posted June 10, 2024 Posted June 10, 2024 (edited) 1 hour ago, snuffles said: Are our hashes all the same, to be sure? SHA256 hash of suspect file: Hash: 5FC144FBA5DBF211B94F29D6AD4770C7B77B2ECDF2BC17F66AF17301675662D6 Path: \Mods\aircraft\M-2000C\bin\M2KC_FM.dll SHA256 hash of refreshed file: Hash: 5FC144FBA5DBF211B94F29D6AD4770C7B77B2ECDF2BC17F66AF17301675662D6 Path: \Mods\aircraft\M-2000C\bin\M2KC_FM.dll I have the same hashnr for this dll file. Removed the DCS folder from exclusion in the AV scan. When I then scan the single file with my AV it comes up clean. Then scanned the entire DCS folder, everything clean. Re-added DCS folder to exclusion in AV settings. Edited June 10, 2024 by Lange_666 1 Win11 Pro 64-bit, Ryzen 5800X3D, Corsair H115i, Gigabyte X570S UD, EVGA 3080Ti XC3 Ultra 12GB, 64 GB DDR4 G.Skill 3600. Monitors: LG 27GL850-B27 2560x1440 + Samsung SyncMaster 2443 1920x1200, HOTAS: Warthog with Virpil WarBRD base, MFG Crosswind pedals, TrackIR4, Rift-S, Elgato Streamdeck XL. Personal Wish List: A6 Intruder, Vietnam theater, decent ATC module, better VR performance!
Recommended Posts