[Update: 31.03., 9:35 pm] Security notice: “No More Sleep” application from our Filebase

++ Update: 31. May 2026, 9:35 pm: see article ++
++ Attention: Security notice for a program in our Filebase ++
We have identified security concerns regarding the “No More Sleep!” program in our database. In particular, for users who are running the latest version of the program released last week, we have compiled additional information here: **Click**

Important information for users of the current version of the “No More Sleep” application

Update: 31. May 2026, 9:35 pm

If you have already run the program (installation), you should perform a cleanup for safety:

  1. Navigate to your OMSI main directory
  2. Delete the following files:
    • KRNL32.DLL
    • logtrack.exe (if present)
    • ode.dll
    • NMSPatcher.exe
    • BaseType.dll
    • d3dx9.dll
    • dxerr9.dll
    • fontsPr.dll
    • qtintf.dll
    • qtintf70.dll
    • ode.dll
    • Omsi.exe
  3. Run a repair of your OMSI installation via Steam, as some previously deleted files are required by OMSI in their unmodified form.


Further technical details resulting from our analysis will follow tomorrow or the day after.



Dear Members,


Today, a potential security risk involving the “No More Sleep” app came to light; as of this afternoon, the app was still available in our Filebase.

What happened?

Our security concerns relate to the “No More Sleep!” app, version 1.0.3, which was released on Friday, March 27, 2026.


According to initial analyses, the program contacts a website during execution from which another application named bootstrapper.exe is downloaded—however, this link is invalid, so the application could not be downloaded. Furthermore, an application named logtrack.exe is created only after the patch has been installed and OMSi is launched. These issues raise fundamental security concerns.


Using the source code provided by the author on GitHub, several discrepancies were also found compared to the compiled application, which is highly atypical for open-source software like this and should not occur. Based on these facts and the suspicion that the application could cause harm as a result, we have deactivated the file entry in the Filebase until further notice, until the circumstances behind this issue have been clarified.

Recommendations

We strongly recommend that you do not use or run version 1.0.3 of the program mentioned above, regardless of the source.

The simple existence of the download archive does not pose a risk. Furthermore, to the best of our current knowledge, earlier versions of the application are not affected.


We have already conducted initial analyses; we would like to take this opportunity to thank [user=‘8725’]Lazarus[/user] for their analytical support. We are continuing to investigate the incident and will provide updates if the situation develops further, for better or for worse.



We always try to ensure the security of the files published in our filebase to the best of our knowledge and belief. Before approving applications, we conduct more thorough checks than we do for other modifications, as the executability of these files means they could make dangerous changes or changes that the user does not intend.



Your WebDisk Team


PS: We obtained some of this information from an announcement on the Discord server “Sobol3D Community.” We would also like to thank those who sent us the initial reports on this topic, which reached us during the night of March 31.

Merci 13