Butikssida
Outlaws of the Old West
Alla Diskussioner Skärmbilder Konst Sändningar Filmer Nyheter Guider Recensioner

Outlaws of the Old West

Butikssida
Denna tråd har blivit låst
Hightechprimate 18 maj, 2019 @ 13:16
What the hell is this? A Trojan in this game? "Outlaws-Win64-Shipping.exe"
How come Malwarebytes says a file in this directory: d:\Steam\steamapps\comon\Outlaws of the Old West\Outlaws\Binaries\Win64\Outlaws-Win64-Shipping.exe ....is a Trojan? What the hell is this?
En utvecklare av denna app har markerat ett inlägg som svar på ämnet ovan.
Tryck här för att hoppa till det inlägget.
Ursprungligen skrivet av First Wizard:
Vivox is the provider of the in game VOIP guys. The dev team went with them for a multitude of reasons instead of developing an in-house VOIP, but there is nothing to worry about here.
< >
Visar 1-14 av 14 kommentarer
Kondor70 18 maj, 2019 @ 17:06 
What ???
#1
baddoggs 18 maj, 2019 @ 18:25 
Probably your AV. They conflict with a LOT of games.
#2
=MS=Scout 18 maj, 2019 @ 20:10 
I started to get the same right after the newest update. Malwarebytes is stopping it.

The first IP address it was stopping was going to a Server in France . This is for the second IP...


% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '94.23.0.0 - 94.23.255.255'

% Abuse contact for '94.23.0.0 - 94.23.255.255' is 'abuse@ovh.net'

inetnum: 94.23.0.0 - 94.23.255.255
netname: FR-OVH-20080715
country: FR
org: ORG-OS3-RIPE
admin-c: OK217-RIPE
tech-c: OTC2-RIPE
status: ALLOCATED PA
mnt-by: RIPE-NCC-HM-MNT
mnt-by: OVH-MNT
mnt-routes: OVH-MNT
mnt-domains: OVH-MNT
created: 2008-07-15T15:04:46Z
last-modified: 2017-01-11T08:00:14Z
source: RIPE Filtered

organisation: ORG-OS3-RIPE
org-name: OVH SAS
org-type: LIR
address: 2 rue Kellermann
address: 59100
address: Roubaix
address: FRANCE
phone: +33972101007
abuse-c: AR15333-RIPE
admin-c: OTC2-RIPE
admin-c: OK217-RIPE
admin-c: GM84-RIPE
mnt-ref: OVH-MNT
mnt-ref: RIPE-NCC-HM-MNT
mnt-by: RIPE-NCC-HM-MNT
mnt-by: OVH-MNT
created: 2004-04-17T11:23:17Z
last-modified: 2017-10-30T14:40:06Z
source: RIPE Filtered

role: OVH Technical Contact
address: OVH SAS
address: 2 rue Kellermann
address: 59100 Roubaix
address: France
admin-c: OK217-RIPE
tech-c: GM84-RIPE
tech-c: SL10162-RIPE
nic-hdl: OTC2-RIPE
abuse-mailbox: abuse@ovh.net
mnt-by: OVH-MNT
created: 2004-01-28T17:42:29Z
last-modified: 2014-09-05T10:47:15Z
source: RIPE Filtered

person: Octave Klaba
address: OVH SAS
address: 2 rue Kellermann
address: 59100 Roubaix
address: France
phone: +33 9 74 53 13 23
nic-hdl: OK217-RIPE
mnt-by: OVH-MNT
created: 1970-01-01T00:00:00Z
last-modified: 2017-10-30T21:44:51Z
source: RIPE Filtered

% Information related to '94.23.0.0/16AS16276'

route: 94.23.0.0/16
descr: OVH ISP
descr: Paris, France
origin: AS16276
mnt-by: OVH-MNT
created: 2008-07-15T16:59:42Z
last-modified: 2008-07-15T16:59:42Z
source: RIPE Filtered

% This query was served by the RIPE Database Query Service version 1.94 (BLAARKOP)
#3
=MS=Scout 18 maj, 2019 @ 20:15 
And here's the other one...

% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '188.165.192.0 - 188.165.255.255'

% Abuse contact for '188.165.192.0 - 188.165.255.255' is 'abuse@ovh.net'

inetnum: 188.165.192.0 - 188.165.255.255
netname: OVH
descr: OVH SAS
descr: Dedicated Servers
descr: http://www.ovh.com
country: FR
admin-c: OK217-RIPE
tech-c: OTC2-RIPE
status: ASSIGNED PA
mnt-by: OVH-MNT
created: 2009-12-18T15:48:40Z
last-modified: 2009-12-18T15:48:40Z
source: RIPE

role: OVH Technical Contact
address: OVH SAS
address: 2 rue Kellermann
address: 59100 Roubaix
address: France
admin-c: OK217-RIPE
tech-c: GM84-RIPE
tech-c: SL10162-RIPE
nic-hdl: OTC2-RIPE
abuse-mailbox: abuse@ovh.net
mnt-by: OVH-MNT
created: 2004-01-28T17:42:29Z
last-modified: 2014-09-05T10:47:15Z
source: RIPE Filtered

person: Octave Klaba
address: OVH SAS
address: 2 rue Kellermann
address: 59100 Roubaix
address: France
phone: +33 9 74 53 13 23
nic-hdl: OK217-RIPE
mnt-by: OVH-MNT
created: 1970-01-01T00:00:00Z
last-modified: 2017-10-30T21:44:51Z
source: RIPE Filtered

% Information related to '188.165.0.0/16AS16276'

route: 188.165.0.0/16
descr: OVH ISP
descr: Paris, France
origin: AS16276
mnt-by: OVH-MNT
created: 2009-06-08T16:23:41Z
last-modified: 2009-06-08T16:23:41Z
source: RIPE Filtered

% This query was served by the RIPE Database Query Service version 1.94 (HEREFORD)
#4
baddoggs 18 maj, 2019 @ 20:48 
Lol, given the overall state of the game, not suprised systems are treating it
like malaware,
:lunar2019deadpanpig:
#5
=MS=Scout 18 maj, 2019 @ 23:30 
It's not crashing the game so far. I should send these people a email that has this server and ask them if this game is really part of their operation or if any part of this game is been upload there. It's a company in France
Senast ändrad av =MS=Scout; 18 maj, 2019 @ 23:31
#6
Jocco20 20 maj, 2019 @ 10:41 
Outlaws sends outgoing to 94.23.47.105 while in the lobby. You don't even need to connect to a server to observe this. Will have to inspect what its sending to know more. May want to check with Malwarebytes to see what they say.
#7
=MS=Scout 21 maj, 2019 @ 20:07 
Ursprungligen skrivet av BORG:
Ursprungligen skrivet av =MS=Scout:
It's not crashing the game so far. I should send these people a email that has this server and ask them if this game is really part of their operation or if any part of this game is been upload there. It's a company in France
IIndeed. Please keep us posted regarding updates with your findings. What are the exact IP addresses you found? The query only shows the IP range.


here you go..........

94.23.47.105

and

188.165.255.150
#8
CyborgJellyFish 23 maj, 2019 @ 16:34 
Since France is part of the EU that means this connection has to be explained under the GDPR regulations, right? I admit I'm a paranoid (edit: backside), but this needs to be addressed.
Senast ändrad av CyborgJellyFish; 23 maj, 2019 @ 16:34
#9
=MS=Scout 23 maj, 2019 @ 19:36 
Ursprungligen skrivet av BORG:
Ursprungligen skrivet av =MS=Scout:


here you go..........

94.23.47.105

and

188.165.255.150
Yup. These IPs are involved with the SIP (VoIP) communications. Now to analyze what's going on. Have you done any packet analysis during voice transmission to see what's happening yet? I haven't had a chance to do an in depth analysis yet, but may this weekend if I've time. I was able to trace the IPs though and capture a good packet log so I just have to sit down one day and go through it. I didn't test transceiving yet, but at least we've isolated what's connecting out. Let me know what you've done maybe we can collaborate and share packet logs, compare findings, etc.

Let me know.


I got where I don't use the VoIP at all. I'll type out everything. But I do have my own Team Speak
Server.
#10
=MS=Scout 23 maj, 2019 @ 19:58 
That's what I like about Team Speak you can download the server side and start your own Comms and have control over it. Been doing it for a very long time now. Matter of fact I've been using it for 19 years with no complaints .
#11
baddoggs 24 maj, 2019 @ 0:00 
Ursprungligen skrivet av =MS=Scout:
That's what I like about Team Speak you can download the server side and start your own Comms and have control over it. Been doing it for a very long time now. Matter of fact I've been using it for 19 years with no complaints .

Yep we have a T/S server as well. Great for data transfer as well.
#12
Jocco20 24 maj, 2019 @ 12:13 
In the lobby on the bottom right corner is a logo for Communications by VIVOX. The same company provides comms for Overwatch and many other games.
#13
En utvecklare av denna app har angett att detta inlägg besvarar det ursprungliga ämnet.
76561198927844929 24 maj, 2019 @ 12:17 
Vivox is the provider of the in game VOIP guys. The dev team went with them for a multitude of reasons instead of developing an in-house VOIP, but there is nothing to worry about here.
#14
< >
Visar 1-14 av 14 kommentarer
Per sida: 1530 50

Outlaws of the Old West > Allmänna diskussioner > Ämnesdetaljer
Datum skrivet: 18 maj, 2019 @ 13:16
Inlägg: 14

Diskussionsregler och -riktlinjer