Page 1 of 2 12 LastLast
Results 1 to 10 of 19

Thread: IEvony VIRUS?

  1. #1

    IEvony VIRUS?

    So i didn't think i should post this in the bug section, so here goes:

    I tried DLing IEvony off the front page of www.evony.com. Then double clicked to run it. Immidiately was propted by only 1 of 5 AV programs i run, AND NOT THE ONES THAT SHOW FALSE POSITIVE'S. Which leads me to believe it is authentic.



    Instead of trying to run a program with a GUI like most do, it gave me the hourgalss for a split second, then tried to transmit that first file FROM my computer, to whereever. Anyone else using BitDefender can please try to recreate this.

    This is using BitDefender. Its the only AV that picked it up, AVG didn't, Norton didn't, McAfee didn't, Nod32 didn't... So please tell me what this means? Or EXPLAIN it?


    ~k
    Last edited by Kamikazi; 12-24-2009 at 06:27 AM.

  2. #2

    Default

    Hi there,

    We've tried to replicate this, and so far have been unsuccessful using BitDefender. iEvony does not capture your passwords, instead it accesses those programs by asking you permission to obtain the contact list so you can then select who to give an invite to. You have full control over this, and nothing nefarious is happening.

    We'll continue trying to replicate this. Thanks for bringing this up.

  3. #3

    Default

    Long as I know BD has some serious false positive when comparing with other AV. That is what happen when BD employed a sophisticated heuristic database.
    I am a smacker. CPO rule


  4. #4

    Default

    TY Thalin. My virus definition's update nightly as well, if that is any different. I could always try my hypercam if you'd like me to video document what happened. By the way, it happened twice. At first, i thought it was a fluke, so i went into my System Volume Information, where one of the RP's had it also saved, removed all trace's, and tried it again. Same result's. Could it be that since IEvony is used to export a email contact list, that the information being passed along, is actually what BD shows as Generic.PWStealer? Let me know about the video.

    Viethluu, you just mentioned that BD send's up false positive's? As in, more often then AVG, Norton and McAfee? As far as I've personally experenced over the last few months, BD has always been the best at detecting ACTUAL threats, where as the others like to pop False Positive's every few days. Don't get me wrong, they arn't doing a horrible job either, and sometimes pick up threat's BD misses. But in the end BD has almost never given me any False Positive's. If you can duplicate this for us, I think we would all like to see it.

    ~k

  5. #5
    Join Date
    Aug 2009
    Location
    At the study table, doing Maths...and learning more about I.T.
    Posts
    565

    Default

    Norman doesn't ( Norton ). Try google-ing the Virus name. Who knows what is it?


    My main city : http://bbs.evony.com/showthread.php?p=719945

    And a method to view reports better : http://bbs.evony.com/showthread.php?t=79266

    And an I.Q. test :
    http://bbs.evony.com/showthread.php?t=85396

    When ya'rep me, pls. include your name.

  6. #6

    Default

    Thalin, you may want to read up on this thread in the bit defender forum i found. It describes other Admins getting similar virus's injected to their WEBSITES. I'm not saying that evony is INFECTED by any means, and couldn't bring myself to read their repetitive post's, but i did read the response's from the MOD. Still, i can not pin point this "virus".

    http://forum.bitdefender.com/index.php?showtopic=14118

    Cheers,
    ~k

  7. Default

    ---I am ummm... flabberghasted... that no one has caught this:

    Quote Originally Posted by Kamikazi View Post
    ... Immidiately was propted by only 1 of 5 AV programs i run,---I am surprised no one caught this...
    . . . ...AVG didn't, Norton didn't, McAfee didn't, Nod32 didn't...
    ---It also could be because you are running 5 AVPs.

    ---Pick one and stick to it. One for Malware, one for AVP, one for etc., etc., is fine, but more than one scanner running at a time is not a good idea. FWIW, one of the best AVPs, PAIS (and those who scoff, scoff only because it can't be cracked effectively) works with no AVPs, but other versions of Panda will. You can't just decide what you like and what you don't and install two even, they have to be okayed to work simultaneously.

    ---Also, more than preference leads me to saying this. If you are running Norton anything but Ghost, you don't know much about AVPs.

    ---Please consider what I said, no matter how much either of us know or seem to know... and look for my next post on Virus/Trojan removers. I am trying to find the post where it is relative... which I saw a few weeks ago.

    edit:
    ---I myself use Avast Pro, so the PAIS reference wasn't a based on a favored AVP either.
    Last edited by Sir T. R. E. Jr.; 12-24-2009 at 10:10 AM.


  8. #8

    Default

    Quote Originally Posted by Sir T. R. E. Jr. View Post
    ---It also could be because you are running 5 AVPs.

    Undoubtedly it is a false positive.

    I downloaded the latest client and ran it against the latest version AVG w/o any warnings.

    Of course, conspiracy theorists would surmise that once it was posted that a keylogger existed within the client, the client on the web site was immediately changed to a non-infected version.

  9. #9
    Join Date
    May 2009
    Location
    Pennsylvania
    Posts
    6,308

    Default

    Well, conspiracy theorists would have to explain why tens of thousands of people have downloaded it PRIOR to that post and nobody else can replicate the results.

  10. #10

    Default

    Quote Originally Posted by Sir T. R. E. Jr. View Post
    ---I am ummm... flabberghasted... that no one has caught this:



    ---It also could be because you are running 5 AVPs.
    could be...but still, they don't stack on each other to make one super AVP, they run in parallel. And i have had one or two pick up malware that the others don't, so imho there is no one good AVP, i believe you need more than one source to get a true answer, thus my over protection

    ---Pick one and stick to it. One for Malware, one for AVP, one for etc., etc., is fine, but more than one scanner running at a time is not a good idea. FWIW, one of the best AVPs, PAIS (and those who scoff, scoff only because it can't be cracked effectively) works with no AVPs, but other versions of Panda will. You can't just decide what you like and what you don't and install two even, they have to be okayed to work simultaneously.

    ---Also, more than preference leads me to saying this. If you are running Norton anything but Ghost, you don't know much about AVPs.
    This may be true as well, but I'm not a big fan of Norton anyways, I just keep it around for those naysayers that think "get Norton, it will solve all your problems!!1!"

    ---Please consider what I said, no matter how much either of us know or seem to know... and look for my next post on Virus/Trojan removers. I am trying to find the post where it is relative... which I saw a few weeks ago.

    edit:
    ---I myself use Avast Pro, so the PAIS reference wasn't a based on a favored AVP either.
    Avast PRO? Really? I've only read about user's having troubles using ALL avast programs. I may have to check it out all the same. But I go beyond average user, most likely beyond my own ability's I assume, and sometimes get caught by Malware, so I find that my method has thus protected me. Also, i only run 19% of my cpu and 36% of my ram while doing all this, so it isn't a usage issue for me either.

    Thank You for the reply, and the information on these other programs. I will definitely look into them.


    Quote Originally Posted by FoxyBunny View Post
    Well, conspiracy theorists would have to explain why tens of thousands of people have downloaded it PRIOR to that post and nobody else can replicate the results.
    I concure. For posterity issue's, i will make the video, and see if it still has that problem. If not, seems like the theorist's may have been right, and I wouldn't mind, as I would then be able to use IEvony.
    Last edited by Kamikazi; 12-24-2009 at 10:37 AM.

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •