
Virus Identified


froggy


I arrive for the first time in this forum with mucho despair!!

Short and brief, I could not update with 'auto updater', soooo downloaded all 4 required files to bring DCS World up to latest spec. First I uninstalled the older version of DCS. Now spent the last 3 hours checking my system to make sure all OK as the exe file for latest version coughed up a trojan about 30% of the way through by my anti virus, 'Avira'. Trojan goes by the fanciful handle: TR/Crypt.ZPACK.Gen. I know from past that Avira can be super sensitive at times and history shows it does on occasion cough up false positives. But this virus apparently is pretty lively and can cause problems. Removed DCS World and everything else connected with it. Re-loaded my original purchase of A10 and all seems OK. I am really p***** off as I was looking forward to expanding DCS further.

Anyone else experienced like problems? It is a puzzle as the older version of DCS installed with no difficulty. :mad:


  • ED Team


Forum rules - DCS Crashing? Try this first - Cleanup and Repair - Discord BIGNEWY#8703 - Youtube - Patch Status

Windows 11, NVIDIA MSI RTX 3090, Intel® i9-10900K 3.70GHz, 5.30GHz Turbo, Corsair Hydro Series H150i Pro, 64GB DDR @3200, ASUS ROG Strix Z490-F Gaming, HP Reverb G2


Somewhere here there is a thread about another virus report from that same AV software.

 

EDIT: This isn't what I was looking for but...

 

http://forums.eagle.ru/showthread.php?t=101987


Edited by cichlidfan

ASUS ROG Maximus VIII Hero, i7-6700K, Noctua NH-D14 Cooler, Crucial 32GB DDR4 2133, Samsung 950 Pro NVMe 256GB, Samsung EVO 250GB & 500GB SSD, 2TB Caviar Black, Zotac GTX 1080 AMP! Extreme 8GB, Corsair HX1000i, Phillips BDM4065UC 40" 4k monitor, VX2258 TouchScreen, TIR 5 w/ProClip, TM Warthog, VKB Gladiator Pro, Saitek X56, et. al., MFG Crosswind Pedals #1199, VolairSim Pit, Rift CV1 :thumbup:


different situation..

 

TR/Crypt.ZPACK.Gen can be falsely reported in several games,

as some games use input code that resembles the keylogger, which is what TR/Crypt.ZPACK.Gen is.

 

I've scanned all the Files after downloading with M.S.E., AVG, Avast. I refuse to load up norton.

 

All come back clean.

 

If it is a legit keylogger TR/Crypt.ZPACK.Gen, then it was picked up elsewhere and decided to hide in your DCS install, or has embedded itself in the Windows Installer Service, which anytime you run the service to uninstall anything it will re-install itself.

 

TR/Crypt.ZPACK.Gen can also be affiliated with naughty stuff. (the word "Free") comes to mind.

Windows 10 Pro, Ryzen 2700X @ 4.6Ghz, 32GB DDR4-3200 GSkill (F4-3200C16D-16GTZR x2),

ASRock X470 Taichi Ultimate, XFX RX6800XT Merc 310 (RX-68XTALFD9)

3x ASUS VS248HP + Oculus HMD, Thrustmaster Warthog HOTAS + MFDs


All files downloaded from the links given on this site! I have run several cleaning tools including registry and no show after initial ID and quarantine by Avira

 

 

I have to tell ya.. I don't even bother with "Anti Virus" software anymore. If you're not porning it up or downloading a bunch of "Free" stuff online and you only visit the same sites.. you're going to be in the clear for the most part. I dedicate my rigs to flight sims so if I notice anything weird.. I just reinstall.. takes about an hour at best and that's far and few between. I've been doing it like this for years and don't have any issues. Anyway.. that's my buck $.50

" I'm gonna have to be taking your car today. See I have some top secret clown business that supersedes any plans that you might have for this here vehicle."


  • ED Team

I would say it's a false positive

 

Send a report in to your virus software company and get them to look at it, and white list it if all is ok


Forum rules - DCS Crashing? Try this first - Cleanup and Repair - Discord BIGNEWY#8703 - Youtube - Patch Status

Windows 11, NVIDIA MSI RTX 3090, Intel® i9-10900K 3.70GHz, 5.30GHz Turbo, Corsair Hydro Series H150i Pro, 64GB DDR @3200, ASUS ROG Strix Z490-F Gaming, HP Reverb G2


I would say it's a false positive

 

Send a report in to your virus software company and get them to look at it, and white list it if all is ok

 

 

That's what I think.. and that's another reason why I don't bother with anti virus software anymore. I've downloaded so much from DCS it's not even funny and never had any issues.. I ran the updater last night and everything is 5 by 5.

" I'm gonna have to be taking your car today. See I have some top secret clown business that supersedes any plans that you might have for this here vehicle."


When it really is a virus then more than one scanner should come up positive. There's many free solutions to try to be sure. Some can be installed on a USB stick to function stand-alone.

 

The fact you use only an iMac and iPhone is not a potentially virus-free system anymore. Most viruses are made for Windows systems, the existence of more viruses for Linux and Mac is growing. Do you have any protection on your phone and Mac? They can be used as a catalyst. Welcome to 2013.


Edited by BRooDJeRo

I've scanned all the Files after downloading with M.S.E., AVG, Avast. I refuse to load up norton.

 

While it might not be the place for an exhaustive debate about AV solutions (didn't we have a thread somewhere?), I'll just note that I had no issues with Norton in this respect - and the one time I had a function issue with Norton it took me 5 minutes to get a no-charge remote session with one of their techs (In my "small" native language no less) to check it out.

 

But obviously, mileage may vary. Heuristics can do "funny" things as far as AV goes.

 

(And the iMac user: don't be complacent about the mac and security. Compare with Apple patching of the Java vulnerability, for example... ;) )


Daniel "EtherealN" Agorander | Даниэль "эфирныйн" Агорандер

Intel i7 2600K @ 4.4GHz, ASUS Sabertooth P67, 8GB Corsair Vengeance @ 1600MHz, ASUS GTX 560Ti DirectCU II 1GB, Samsung 830series 512GB SSD, Corsair AX850w, two BENQ screens and TM HOTAS Warthog

DCS: A-10C Warthog FAQ | DCS: P-51D FAQ | Remember to read the Forum Rules | Life of a Game Tester

This Antivirus download doesn't have to be installed. Just put it on a USB stick or leave it in the download folder, let it update and scan. It's free too. No stupid commercials etc. Personally I protest against the current smartphones not coming with a firewall and anti-virus by standard and companies that say their OS can't be infected. Dream on Apple! The number of smartphones (also non-Apple), tablets and Macs I already had to clean is considerable. Most apps even do a lot more in the background than you know and want. Six pages of advocate language tells you, but who reads six pages on a smartphone or even cares before trouble starts? You just want to play a version of shuffle-ping-pong, while somebody you don't know earns millions on your localisation information. Don't you want your share of that? It's still YOUR information according to most local law.

 

http://www.comodo.com/business-security/network-protection/cleaning_essentials.php


Edited by BRooDJeRo

Here are some steps from me to you about how to handle firewall and anti-virus reports.

 

#1 Consider what you are doing, i.e. (are you downloading or installing anything?)

#2 IF you are installing software DO NOT (again) DO NOT press (MOVE TO VAULT, Eliminate Process, ETC). LEAVE THE WARNING OPEN UNTIL (UNTIL) the INSTALL IS COMPLETE.

#3 Do not continue with removal unless you're 110% certain it IS a virus. 9 times out of ten a firewall will report APP.EXE on your CD drive when it's really a process that installs the game from CD to hard drive.

#4 Use the Internet! You have Google, look it up! Don't just click one thing, click 3, that way you can be certain of its existence.

#5 LOCATION LOCATION LOCATION! Where is it exactly? What drive? Does it look familiar? Do you know where it would be? If you find similarities, say it's in a game you just downloaded, what are the chances a company would have a virus attached to their own download link? Zero.

 

These are tips I give to my girlfriend before calling me on what to do.


While it might not be the place for an exhaustive debate about AV solutions (didn't we have a thread somewhere?), I'll just note that I had no issues with Norton in this respect - and the one time I had a function issue with Norton it took me 5 minutes to get a no-charge remote session with one of their techs (In my "small" native language no less) to check it out.

 

But obviously, mileage may vary. Heuristics can do "funny" things as far as AV goes.

 

(And the iMac user: don't be complacent about the mac and security. Compare with Apple patching of the Java vulnerability, for example... ;) )

 

My anti-norton is based off past experience and known issues with some of my hardware and software that goes with that hardware :).

 

Norton works outside of that, until you want to remove it, then it's trouble.

Windows 10 Pro, Ryzen 2700X @ 4.6Ghz, 32GB DDR4-3200 GSkill (F4-3200C16D-16GTZR x2),

ASRock X470 Taichi Ultimate, XFX RX6800XT Merc 310 (RX-68XTALFD9)

3x ASUS VS248HP + Oculus HMD, Thrustmaster Warthog HOTAS + MFDs


When it really is a virus then more than one scanner should come up positive. There's many free solutions to try to be sure. Some can be installed on a USB stick to function stand-alone.

 

The fact you use only an iMac and iPhone is not a potentially virus-free system anymore. Most viruses are made for Windows systems, the existence of more viruses for Linux and Mac is growing. Do you have any protection on your phone and Mac? They can be used as a catalyst. Welcome to 2013.

 

there's Web Browser based Scanners now too..

 

Those came up clean for me too. :joystick:

Windows 10 Pro, Ryzen 2700X @ 4.6Ghz, 32GB DDR4-3200 GSkill (F4-3200C16D-16GTZR x2),

ASRock X470 Taichi Ultimate, XFX RX6800XT Merc 310 (RX-68XTALFD9)

3x ASUS VS248HP + Oculus HMD, Thrustmaster Warthog HOTAS + MFDs


Hi,

 

had the same problem with Avira (sucks).

 

My experience, Avira scans and identifies Cockpit.dll as viruses too. So I didn't care for the first time but after that I saw it removed cockpit files from the A-10 and P-51D.

 

Hell, I had the game but cockpits were missing.

 

My solution.

 

I started "repair DCS World", when the virus message popped up, I pressed details, then the file was scanned and a window appeared.

Right click it and apply ALWAYS IGNORE, confirm it and go on with all the other files.

 

This solved my problems.

LC


Edited by LcSummers

TBH,

 

Everyone should be Turning off "REAL TIME PROTECTION" when installing any software or games.

 

Some Virus Scanners are set so strict by default, that any program running that tries to register a DLL will be flagged and throw up a prompt and it will say it's whatever virus closely matches the software string.


Windows 10 Pro, Ryzen 2700X @ 4.6Ghz, 32GB DDR4-3200 GSkill (F4-3200C16D-16GTZR x2),

ASRock X470 Taichi Ultimate, XFX RX6800XT Merc 310 (RX-68XTALFD9)

3x ASUS VS248HP + Oculus HMD, Thrustmaster Warthog HOTAS + MFDs


I really appreciate what you guys are saying. I'm still no further forward. I've uninstalled, re-installed, used the links on this site, tried the bittorrent, ran around the block a few times, kicked the cat (sorry pet lovers) I don't have a cat. I've scanned my system several times both with Avira and HitmanPro, root kit or something like that etc etc. and nothing is detected. But when I re-download and install both DCS World and the A10 module, I get exactly the same notification of this Trojan. Geez what next. I'm really missing out on a great product. I take the point about Avira and dll files which has been made, I have had over sensitivity before with this anti virus. I can't remember off hand who raised the dll issue but I assume when you ignored the warning your computer hasn't died since? Even for free stuff, I always do a virus scan before opening anything, in fact I do it with everything. For all its faults Avira does do a pretty in depth scan.


TBH,

 

Everyone should be Turning off "REAL TIME PROTECTION" when installing any software or games.

 

Some Virus Scanners are set so strict by default, that any program running that tries to register a DLL will be flagged and throw up a prompt and it will say it's whatever virus closely matches the software string.

 

Wow really? I would never hire you as a tech lol. You should never in any circumstance turn off your firewall or antivirus when and especially when installing new software... the alert might be false/positive but at least you were alerted...

Antec 900 gaming tower, PSU: Corsair 750W, Q6600, Asus P5K, 8Gig Mushkin, Nvidia eVGA 280 GTX Superclocked 1G DDR3, SSDNOW200 Kingston Drive, TrackIr 3000+Vector, Logitech Extreme 3D Pro joystick, Saitek rudder pedals pro, Sharp 42" inch LCD Aquo. OS: windows 7 64bit.


Wow really? I would never hire you as a tech lol. You should never in any circumstance turn off your firewall or antivirus when and especially when installing new software... the alert might be false/positive but at least you were alerted...

 

If your system has a Microsoft OS installed.. your system is already doing things behind the scenes, especially your browser, that you are unaware of. Your system is always transmitting data. So in reality you live in a false positive every day. The entire OS is a GUI so you only see what they want you to see. Your PC is bugged right from the start, there is backdoor tech in everything. Check out the Xbox Kinect. Even the new Xbox and PS4 coming out will have high def cameras and microphones installed and connected to the web. You're bugging yourself..lol Just do a search for Kinect hacks.. you'll see the U.S. Army has admitted hacking the Kinect. You can also google up "The internet of things"

" I'm gonna have to be taking your car today. See I have some top secret clown business that supersedes any plans that you might have for this here vehicle."


I really appreciate what you guys are saying. I'm still no further forward. I've uninstalled, re-installed, used the links on this site, tried the bittorrent, ran around the block a few times, kicked the cat (sorry pet lovers) I don't have a cat. I've scanned my system several times both with Avira and HitmanPro, root kit or something like that etc etc. and nothing is detected. But when I re-download and install both DCS World and the A10 module, I get exactly the same notification of this Trojan. Geez what next. I'm really missing out on a great product. I take the point about Avira and dll files which has been made, I have had over sensitivity before with this anti virus. I can't remember off hand who raised the dll issue but I assume when you ignored the warning your computer hasn't died since? Even for free stuff, I always do a virus scan before opening anything, in fact I do it with everything. For all its faults Avira does do a pretty in depth scan.

 

As everyone else said, it appears to be a false positive. Not a real virus. If this is the very first time you've ever had that happen, well, you've probably had false positives before too and just not realized it. I've seen a lot of them. The very first one I ever experienced was with Longbow 2. I was like "Oh no! lb2.exe is a virus! Quarantine and delete that crap!" 10 minutes later... "hey, why won't Longbow 2 start?" :lol:

 

It seems to me that you have two choices:

1) Ignore the Avira reports when they are related to DCS, and get to enjoy playing DCS again.

2) Never again play DCS because Avira is falsely reporting it as a virus.


Edited by Speed

Intelligent discourse can only begin with the honest admission of your own fallibility.

Member of the Virtual Tactical Air Group: http://vtacticalairgroup.com/

Lua scripts and mods:

MIssion Scripting Tools (Mist): http://forums.eagle.ru/showthread.php?t=98616

Slmod version 7.0 for DCS: World: http://forums.eagle.ru/showthread.php?t=80979

Now includes remote server administration tools for kicking, banning, loading missions, etc.


Wow really? I would never hire you as a tech lol. You should never in any circumstance turn off your firewall or antivirus when and especially when installing new software... the alert might be false/positive but at least you were alerted...

 

Well, of course this (A/V) is only done with trusted sources... eg anyone installing their vga driver, for instance, with RTP or similar enabled could be on path to wtf!?

 

 

@ Froggy...

 

Look around... if your flag was a genuine narsty, everyone's A/V of all flavours would be throwing up warnings, not just the Avira one


Edited by Wolf Rider

City Hall is easier to fight, than a boys' club - an observation :P

"Resort is had to ridicule only when reason is against us." - Jefferson

"Give a group of potheads a bunch of weed and nothing to smoke out of, and they'll quickly turn into engineers... its simply amazing."

EVGA X99 FTW, EVGA GTX980Ti FTW, i7 5930K, 16Gb Corsair Dominator 2666Hz, Windows 7 Ultimate 64Bit, Intel 520 SSD x 2, Samsung PX2370 monitor and all the other toys

-

"I am a leaf on the wind, watch how I soar"
