
Thread: IEvony VIRUS?

  1. #11


    lol you guys scared me half to death because of that

  2. #12
    Join Date
    Dec 2009
    Location
    Florida
    Posts
    1


    To be honest, I wouldn't even recommend BitDefender in the first place.
    Foxtrot!

  3. #13


    Quote: Originally Posted by Sir T. R. E. Jr.
    -Okay, if you think you understand programming consider this. As simple as I can put it... in an instructive sort of way.

    ---Win95/WinNT/Win98/Win2000/ME all used to throw Kernel errors. With XP it was pretty much sorted out by the "Explorer nanny" combination of svchost and System Idle Processes. You're on your own with Vista/Windows7 AFAIC that was a mistake if you did. Oh, it's been a while, but assembling terms, maybe it would have said "Invalid Page Fault in Kernel32.dll". What you have there is that a program needed that DLL to load, didn't completely load and the next program that needed that DLL couldn't access it, so the second program crashed (a file cannot be accessed if it is already open) and Windoze tagged the kernel as the problem child.

    ---Even though the OS "using files" problem has seemingly been patched, a file still cannot be accessed if it is already open. "The process cannot access the file because it is being used by another process" or the likes would be what you would see, if I could remember how to force this error with a simple program like Notepad or MSPAINT. Anyway, you can't save the file as the file if the file is already open, so basically, it cannot be used by more than one process. If any of the AVPs you use depend on a mutual file, yer not working as well as you think you are and the only one that is working at that moment, if any, is the one that finds the virus. It changes with each reboot because programs do not always load the same, at the same speed or in the same order, so one AVP might completely load this time, while another might survive the boot an hour from now. Also, a virus can infect an AVP's critical file if another AVP cripples that file long enough for the virus to attack it. Trust me when I say that you shouldn't run more than one, you thinking you are over-protected is a misguided exaggeration.

    ---You should also consider that cracked AVPs are often more useless than free versions and depending on the hacker, you might even be setting yourself up for a major infection. Just like anything else, if you don't know the programmer, you cannot know their intentions. That password stealer might have been caught by a high heuristic setting because it takes the password from the box you placed it in and runs it through Yahoo Messenger... exposing it to the vast internet of hackers who would be watching that port. Seeing it act as an infection would, it tags it as a possible... to which most refer to as false positives. I don't believe in false positives. Either it is or it isn't and if it acts like it is, it is. It all goes back to the programmer's intentions.

    ---LOL! Sorry. I was browsing for a "Virus" "Q" I had spotted before and stumbled upon this.
    A very good summary about general knowledge of OS security. I want to add some more things to this :
    1. Only use one AV. If you use more than one AV, there will be a compatibility issue
    2. Only use one firewall for the same reason above. If you use a third-party firewall, you must turn off Windows Firewall first
    3. Anti-malware are basically useless since they never erase spyware completely out of your PC.
    4. The only way to protect your computer is to back it up regularly. In case you are attacked by viruses, you can always restore your PC to the previous stage.
    I am a smacker. CPO rule


  4.

    Quote: Originally Posted by viethluu
    A very good summary about general knowledge of OS security. I want to add some more things to this :
    1. Only use one AV. If you use more than one AV, there will be a compatibility issue
    2. Only use one firewall for the same reason above. If you use a third-party firewall, you must turn off Windows Firewall first
    3. Anti-malware are basically useless since they never erase spyware completely out of your PC.
    4. The only way to protect your computer is to back it up regularly. In case you are attacked by viruses, you can always restore your PC to the previous stage.
    ---1 & 2 would be more like agreements, in summary, than additions, due to my already having said that... lol, however, 3 & 4 are interesting points to add, while 4 is sort of touchy because the first place an infection usually goes is to the restore folder... if you're relying on Windoze System Restore... and a main reason why I said Norton Ghost is the only thing Symantec worth anything. A little playing with the program, tweaking here and substitution at the end and you can copy your entire system, w/all programs installed and if ever you get smoked by an infection, you can pop in the disc and restore to your own beginning.

    ---One thing I didn't mention, which your post reminded me of:

    -NOTHING replaces an updated boot scanner for removal of viruses. It is the closest thing we have to a DOS Scanner, and it scans all files before they are used, so they can be disinfected rather than you getting an error that the AVP could not perform the selected action. It'll even scan and clean your Restore folder (if you use Windoze System Restore).


  5. #15


    When I say restore, I don't mean Windows System Restore. I mean the recovery that is carried out using the backup image that was created by third-party backup software. Norton Ghost is one of them, but it is not the best. I always use Acronis for that task. I also heard that Windows 7 includes a backup utility that may also be very good.
    I am a smacker. CPO rule


  6.

    -viethluu,

    ---When I say "you", I am referring to the reader. I know fully what you were saying and was in agreement with you. I was adding that, so it be known to those who are on their parents' PCs and/or don't have the experience we might have, about Windoze System Restore and the fault that has been present since it was implemented.

    _________________________________________________________________________________________________

    -Dawnseeker,

    ---Excellent point found in that report regarding ievonyclient.exe. Maybe an admission of guilt?
    *Link Removed* is where I find the download which would lead me to believe someone is a "Lamer" using others' programs and trying to achieve power through BOTting and quite possibly has unknowingly confessed. I'd forward that IP to the necessary people and watch the entire alliance for the one who gave him the URL/site to DL it from.

    . . . "Yes, intelligent people do read TOS/TOU/T&C/etc while the fools just click-click-click-hyperclick-click-click-click so they can play...
    . . . . . . ... "Just like anything else, if you don't know the programmer, you cannot know their intentions... "

    .


    edit:
    ---Okay, I thought for a minute that I experienced some sort of disruption in time, but I guess what happened was a merge of two topics that were hardly related with exception that they were both about infections and preventing/cause/etc.

    ---IMHO, that'll confuse the whole matter completely as my post was not directed to iEvony, but more browser/game related. All is good though, I guess. Might I suggest a Thread title change since I inadvertently or maybe even Tele/Psychokinetically hijacked the thread... lol.


    ---Nice grab, I didn't even think about that (I.E., *Link Removed*)
    Last edited by Sir T. R. E. Jr.; 12-24-2009 at 04:24 PM.


  7. #17
    Join Date
    Nov 2009
    Location
    finding Out.Wherever that is?
    Posts
    495


    Until 12/25/09 I would say WMD? about all threats to systems/memory. I was infected, all system info obtained. Psswd list, history etc. wiped. I believe this to be related to Flash since I was witnessing while cam access was denied. Instantly, systm crashed. I was able to restore after 7 attempts. Online to find my psswd. changed on most accts. Searched systm for trojan, only found one assoc. with Tonia Arts, Totem soft, which markets spyware protection. I believe this to be adware that is annoying yet harmless besides slows system resources. Will scan again and continue to. I know this occurrence to be initiated thru Flash. I declined the upgrade when prompted.
    Last edited by Eutopeus; 12-27-2009 at 08:28 AM.

  8. #18
    Join Date
    May 2009
    Location
    Pennsylvania
    Posts
    6,308


    You can't get a virus from Evony, and you can't get a virus from world chat. The only way you can get a virus that way is if someone in world chat provides a link and you choose to type that link into your browser and download a virus from the site you went to.

    Don't spread disinformation.

  9.

    Quote: Originally Posted by FoxyBunny
    You can't get a virus from Evony...

    ... Don't spread disinformation.
    ---I deleted my very informative post and will later post it again in its own thread because it did not belong here. The post I made was about a fake Flash Player Update that installed a very malicious trojan and it was undetectable by scanners because it was a rootkit. Now, if you can truly understand that which I had just typed, you can understand that it is not related to a Java-based messenger hijacker such as iEvony, which is most likely why iEvony was detected as a virus... plain and simple because it hijacks your Yahoo/Skype/etc Messenger.

    ---I haven't seen anyone claim Evony or WC was infecting people so please do not jump the gun here as the information that could come from this thread could prove useful as long as educated people keep answering questions and making statements. If they did say this I apologize, the whole merging two unrelated threads confused me a bit and I really have no interest in this thread anyway, as it relates to Messenger services which are one of the least secure means of communication that often run off the known messenger port #80 and anyone who wants that port, and a lot do watch that port, can get past most software firewalls once it's opened and the dummy user is on a messenger.

    ---Now, this does not mean it doesn't include a tracking cookie or something lame like that, as I did not have it occur to me and have no reports to look over, so I cannot and will not comment on why... but will say that there have been plenty of bugs that seem simple enough to solve, yet haven't been solved, so I will trust my AVP more than I will trust anyone saying "It can't happen". Not saying it can, just saying that if one who states it can't truly knows it can't, they need to be programming viruses or antiviruses; But this thread isn't about Evony, so I will veer from any topic-hijacking material I hadn't noticed.
    _________________________________________________________________________________

    ---As Dawnseeker stated earlier, I had agreed because I thought the iEvony installer was named iEvony.exe or similar, when I checked not long after and found it is in fact named iEvonyClient.exe. No biggie though, again, as this thread is related to the messenger hijacker called iEvony, it is along the same line as a booter that tags the header for Yahoo Messenger with its name, broadcasting the name of the booter as an advertisement to your buddies. The messenger is hijacked, therefore it is an offending program to the company who made the messenger, therefore making it a false positive (this type of false positive, as there are a few different reasons why a program could be reported as so).

    ---Simply don't use it if yer skeert or unprotected. However, if you run messengers, yer perty much unprotected already, so what ya got to lose?

    edit:
    While it is true that fools will post on the forum to spread BS to ruin the EVONY name as quickly as they will create an anti-alliance name in the game, I seriously doubt that is what this thread is about, as it is related to the iEvony messenger/email hijacker (as the title says).

    ---Again, I have removed my thread that was merged here, to remove all confusion and keep convo about an unrelated format/protocol from confusing this thread. My thread being posted here would only hijack this one, as it was related to an infection that comes from a VERY official-looking, yet fake Flash Player Update that installs a trojan that can so far, only be detected by a few particular rootkit scanners and removed by program/virus/trojan-specific tools. I had thought my thread relevant to the community's security (and that was portrayed in my post), simply because it was initiated through a Flash Player Update, whether real or fake at first, and we are playing a flash-based game. I posted it to let people know how to detect this variant... which has undoubtedly changed since then because as I said it was VERY malicious... almost insistent... and to say the least... stubborn.

    ---Please keep this thread to iEvony-related replies as it once was.
    Last edited by Sir T. R. E. Jr.; 01-19-2010 at 11:24 AM.

