Some [bad person] is spreading around a few scripts on the forums.
1) Do not open up any .exe files, unless from a trusted source. It's just a simple script kiddie program.
It will open up your internet every few seconds with a [bad webpage]. Also disables File Manager \ Disables CTRL+ALT+DEL.
SOLUTION:
1) Boot up your computer in Safe Mode (F8).
2) Login to your account.
3) Go to your C:/WINDOWS/
4) Look for a file named Windows Update.exe
(You could also view by last modified to find it!)
* It could present itself in a variety of names, try opening up anything suspicious, and if it does the above, go back up to solution #1 and refollow those steps.
5) Delete it.
6) Reboot your computer.
ID:277333
 Jan 22 2007, 8:14 am
|
|
Actually, it's not really a virus, I tried scanning it with AVG and it didn't come up.
It's not really a virus, more of a script-kiddie. Why not just IP ban the [jerk]? | |
Flame Sage wrote:
Actually, it's not really a virus, I tried scanning it with AVG and it didn't come up. We've banned him by all methods available, but no ban is perfect, so trolls who are determined are bound to make it back once in a while. Lummox JR | |
Oh, thats the same guy that got me before..x.x He's still on Byond? Gah, I wish he could get banned completely somehow..0_0
| |
There really should be a sticky post of some sort of standards and warnings somewhere, for easy reference, on both forums.
| |
Mecha Destroyer JD wrote:
Oh, thats the same guy that got me before..x.x He's still on Byond? Gah, I wish he could get banned completely somehow..0_0 Hehehe you were silly enough to open it also? Silly buggers... | |
A.T.H.K wrote:
Mecha Destroyer JD wrote: The Byond community is pretty trustworthy imo; I let meh guard down..0_0 | |
Only the staff could do that i guess unless somehow you got his ip :S
I doubt they would do anything if you or me asked them to i think dantom would beable to close this losers account. | |
Deliberately spreading viruses gets you an immediate and permanent ban from everything BYOND. The staff are doing everything they can to ensure that the ban sticks in this case.
The usual common-sense rule applies: Don't touch executables that come from untrusted sources. Follow that and you'll be safe from this particular coward. | |
as a fellow member of the ccommunity, and a smart person I know a huge probelm. This "virus" is not like the one before. It spams you therough the large use of c++ and u need windows operation systems files 2 (what ever that thing is .... dont know exact name). Without that it renders harmless. I know that right now you are all against .exe file, but I have a 3 peice virus scanner with keys that is an exe file, if you want it just page me.
This most likely doesnt install viruses directly thats why virus scanners find it clean. While spammin with IE it opens sites that automatically install spyware to your computer, so the program itself is safe. You mayy be thinking ... y does he know so much about this program ??? ..... well the truth is my friend made one just like it and we tried to test it on ppl. I almost 100% guarentee it isnt his one thou (there are only 3 ppl with control over it ... 2 of them have it deleted {me and the owner} but one person has no clue they have it because they didnt know that it did all this cause theu didnt kave the windows 2 thingy. They most likely deleted it) besides ours spammed with command promt too | |
Its just a script kiddie who copy/pastes c++ or Visual Basic code into a compiler and releases it on a community that is not expecting it hence the reason people opened it.
I think byond should really get rid of the "Include EXE file" when packaging files hardly anyone uses it "that ive seen" and it drives people away from the file since they might think that its a virus .exe agian... Plus i thought that guys exe files was part of byond the only noob thing that put me off was it had a dll file... | |
Devin148 wrote:
as a fellow member of the ccommunity, and a smart person I know a huge probelm. This "virus" is not like the one before. It spams you therough the large use of c++ Oh, no! C++! Run, hide! They're here to dangle your pointers and corrupt your memory! (In all seriousness, the choice of programming language makes little difference to the effectiveness of the virus. Unless you're using something like Java, which is (usually) sandboxed.) This most likely doesnt install viruses directly thats why virus scanners find it clean. I suspect the main reason virus scanners find it clean because they don't know about it; their definition files don't include any mention of it, so they don't recognise it and assume that it's OK. In other words, the lame script kiddie who's pulling these stunts isn't making enough of an impact to even show up on the radar of antivirus companies. Of course, his pathetic ego is probably so inflated that he thinks it's because his virus is "stealthy" or some such rubbish. omg i made a virus thats so advansed norton can't c it lolololololol I imagine you might have a point though, in that it's evading attempts at heuristic detection by using a layer of indirection to mask its activity. | |
Crispy wrote:
I imagine you might have a point though, in that it's evading attempts at heuristic detection by using a layer of indirection to mask its activity. Ah, just enough long words to confuse all the "1337 h4x0r5" out there. | |
I don't see why BYOND acctually allows urls to be posted on the forums, why no make an attacment only thing you can be able to acttach is icons, if the url were to be masked, no one should get the virus, and dissabling HTML on the furoms should work too.
- Miran94 | |
That's ridiculous, the only thing accomplished by disallowing urls would be making people who have valid links to share go crazy. That's assuming that you could get rid of urls, you could get rid of links, but what would stop someone from posting a url? Text parsing wouldn't cut it when people can say something like "go to the forum on BYONDs website" and almost everyone will know where to go. You'll notice lots of people take advantage of this when posting an email address, people can read "YMIHere is my user name for gmail," but programs scanning web pages for addresses might find it a bit harder. =)
Exactly what happens when people who just download executables all willy-nilly surf on other sites? They'll end up getting hit with viruses anyway. A better solution is to just ingrain the idea of evil people lurking behind every corner into peoples heads so they think twice about downloading programs from some random person (and scan it if they do). =) | |
(In all seriousness, the choice of programming language makes little difference to the effectiveness of the virus. Unless you're using something like Java, which is (usually) sandboxed.) i no that it makes no difference, i was just tellin ppl In other words, the lame script kiddie who's pulling these stunts isn't making enough of an impact to even show up on the radar of antivirus companies. Of course, his pathetic ego is probably so inflated that he thinks it's because his virus is "stealthy" or some such rubbish. omg i made a virus thats so advansed norton can't c it lolololololol ROFL .... that does make tons of sence .. but also cause it has nothing important in it. The sites that it opens are sites ofen found on popoup blockers like ad-watcher from adaware. | |
Yep, that's our old virus spammer troll. He keeps reappearing under new keys, and we keep banning them. It's important to always run .exe files and such through virus scanners before attempting to run them.
Lummox JR