EQ2 Forum Archive @ EQ2Wire

 

Go Back   EQ2 Forum Archive @ EQ2Wire > EverQuest II > Support Forums > Tech Area > General Tech Support Questions
Members List Search Mark Forums Read

Notices

Reply
 
Thread Tools
Old 06-30-2010, 12:03 PM   #1
Nefa
Server: Nagafen
Guild: Order of Light
Rank: The Source of Light

Loremaster
Nefa's Avatar
 
Join Date: Nov 2004
Posts: 53
Default

somewhere i think i read once that you Couldnt get a worm, virus , etc from EQ2. Last night I had an infection that is not yet fixed on computer and husband is starting to blame Eq2.. (everything is the fault of EQ2 you know.......).

__________________
Nefa is offline   Reply With Quote
Old 06-30-2010, 12:29 PM   #2
Skywarrior

Loremaster
Skywarrior's Avatar
 
Join Date: Nov 2004
Posts: 726
Default

Is it possible?  Yes, nothing is 100% immune to that on the internet. 

Is it very likely?  No.  For one thing, those things do not tend to infect users in isolation and, since there is no indication of mass infection among the EQ2 community it is unlikely that there is one active at this time.  If one were active it would spread very rapidly, I would think, and get a fair amount of posting here about it.

What is the infection?  If you know what the infection is a quick Google search will usually turn up the most likely transmission vehicle.

Are you running a virus checker?  While not foolproof they will certainly block the vast majority of viruses out there and significantly improve your chances of remaining free of them.  There are a number of good free virus checkers available.

Are you on a network?  If you are on a home network you can get infected from another computer on your LAN if your husband has been browsing or getting email from questionable sources (usually spam).

Have you done any browsing to suspicious sites?  This is probably the most common way of getting bitten.  Even the most legit sites out there occasionally pass malware via those stupid Google ads that pop up on the sites.  The content of those ads is not directly controlled by the displaying site and it has become a real issue in some site genres, notably gaming sites.

Do you have an email account that you read on your computer?  I highly recommend using a tool such as MailwasherPro from Firetrust to prescreen and filter your email before it even arrives at your computer.  I don't really make a habit of endorsing specific products but that one is really outstanding and inexpensive and just works.

These are much more likely culprits than EQ2.

Skywarrior is offline   Reply With Quote
Old 06-30-2010, 01:53 PM   #3
Nefa
Server: Nagafen
Guild: Order of Light
Rank: The Source of Light

Loremaster
Nefa's Avatar
 
Join Date: Nov 2004
Posts: 53
Default

it is that old pop up of "your virus program detected virus"... and if you click on it will take you to a site to buy a new program (which i didnt do cause I know i shouldn't) ... i cannot run my virus program now..  it is Microsoft Security Essentials ... i cannot get on the net.

the only thing I was doing when i happened was playing the game and i had eq2wiki up..

No, no network

I didnt think it was EQ2, but he is now insisting it is.

__________________
Nefa is offline   Reply With Quote
Old 06-30-2010, 02:16 PM   #4
Skywarrior

Loremaster
Skywarrior's Avatar
 
Join Date: Nov 2004
Posts: 726
Default

I am familiar with the one you describe.  My wife got it on her computer once.  Pain in the rear but you can get rid of it.  And the likelihood that you got it from EQ2 is slim to none.  You might have gotten it from the GoogleAds pop ups on eq2wiki though.  More likely than from the game itself.

Go to CNET Download.com and get Malwarebytes Anti-Malware (direct link).  Save the file to your desktop and run it, following the directions.  It should remove the culprit.  Worked on my wife's computer and seems to gave good success rates from comments on the web.

Skywarrior is offline   Reply With Quote
Old 06-30-2010, 02:59 PM   #5
Nefa
Server: Nagafen
Guild: Order of Light
Rank: The Source of Light

Loremaster
Nefa's Avatar
 
Join Date: Nov 2004
Posts: 53
Default

thank you. will save this for the future. is it somthing that will work despite the infection? as it is now, i can't even run the internal "MRT" tool. you know the one that if you hit "run" in start menu and type in "mrt" it runs a scan? the computer is completely disabled.

husband is doing a full system restore... i hope that works. will have to reinstall everything

__________________
Nefa is offline   Reply With Quote
Old 06-30-2010, 07:14 PM   #6
Ironcleaver

Loremaster
Ironcleaver's Avatar
 
Join Date: Nov 2004
Posts: 558
Default

Sorry to hear about the infection, they can be really frustrating. A huge target for malicious software is guild website hosts - not to mention any names but they can get infected pretty easily.

I use the following at least once a month:

Spybot Search and Destroy: http://www.safer-networking.org/en/...rors/index.htmlCCleaner: http://www.piriform.com/ccleaner

Ironcleaver is offline   Reply With Quote
Old 07-01-2010, 09:03 AM   #7
Wingrider01

Loremaster
Wingrider01's Avatar
 
Join Date: Nov 2004
Posts: 5,999
Default

[email protected] wrote:

thank you. will save this for the future. is it somthing that will work despite the infection? as it is now, i can't even run the internal "MRT" tool. you know the one that if you hit "run" in start menu and type in "mrt" it runs a scan? the computer is completely disabled.

husband is doing a full system restore... i hope that works. will have to reinstall everything

that one is a PIA, technically it is not a virus, it just plays one in real life. Got this one on my kids machine, can promise you it is not eq2 that did it, it came from a website. Kids don'y play eq2 so I know it did not come from there. A favorite way of introducing this one is via a compromised flash page on a website, there have been a number of CERT bulletins on the security holes in flash. Adobe has recently released 10.1 to combat the issue. IE 8 with Protected Mode on and UAC in Windows 7 helps prevent this one.

Surprisingly enough the freeware product that tends to catch it the most is Microsoft Security Essentials. Another high end malware vendor has a new product in 3rd phase beta testing that works reliably on this one also and similiar methods of delivery, it will be out in a short period.

have found that this tends to get rid of it

http://www.malwarebytes.org/

or you can do a checkpoint restore to a point in time before the thing showed up, seems like your husband is doing this now.

__________________
Fixing computer issues, one SOC7 at a time.

Yes Jim, the user has experienced the dreaded PICNIC error

Wingrider01 is offline   Reply With Quote
Old 07-01-2010, 11:42 AM   #8
Laiina

Loremaster
Laiina's Avatar
 
Join Date: Nov 2004
Posts: 622
Default

Just out of curiousity, when was the last time you ran the Windows updater?

The vast majority of infected machines that I have seen seldom - or in a few cases never - keep up to date on that, even though you can set it (or it usually defaults) to automatic download.

__________________
Laiina is offline   Reply With Quote
Old 07-01-2010, 12:45 PM   #9
Shiirr
Server: Blackburrow
Guild: Kindred Souls
Rank: Member

Lord
Shiirr's Avatar
 
Join Date: May 2009
Posts: 178
Default

Had that same one a while back.  One of the downsides of playing an FPS online while drinking ... sometimes you click the wrong button on a pop-up when you're done.    Anyway, I ran a system restore to a point a month prior and it was fine.

Shiirr is offline   Reply With Quote
Old 07-01-2010, 01:51 PM   #10
Nefa
Server: Nagafen
Guild: Order of Light
Rank: The Source of Light

Loremaster
Nefa's Avatar
 
Join Date: Nov 2004
Posts: 53
Default

we get updates regularly... from Microsoft and our virus program (also Microsoft). Virus program is run / scanned daily by husband. That is what is surprising and disappointing about getting infected.

I couldnt run a system restore, couldnt make anything work actually. And my understanding going to  a previous restore point does not get rid of the virus, wurm.. that its embedded and needs to be removed... just what i heard somewhere, sometime.

Computer is back up and running. Dealing with reinstall and downloading of the game now.

thanks for responses

__________________
Nefa is offline   Reply With Quote
Old 07-01-2010, 02:19 PM   #11
Nefa
Server: Nagafen
Guild: Order of Light
Rank: The Source of Light

Loremaster
Nefa's Avatar
 
Join Date: Nov 2004
Posts: 53
Default

oh.. i have been stating the computer was "restored", that is wrong, we ended up doing a "clean install"..  TMI probably, but it bugged me, i needed to correct this.

__________________
Nefa is offline   Reply With Quote
Old 07-02-2010, 06:35 PM   #12
Eezel

Elder
 
Join Date: Apr 2010
Posts: 48
Default

What you have described here is the ever growing but now FTC sued Fake Anti Virus business. Yes I can for a fact say that I have visited eq2wiki and got many of these FAKE anti viruses and have during visits to that site had my antispyware/antivirus and hack attack alarms go off numerious times. I have emailed the admins of that site and as always I simply get asked which advertiser was it that caused this. Unfortunatly my attack detection software only tells me against an attack and blocks said attack and I have only been able to acertain that the attack came from an ad being displayed by their site.

Theres a lot of articles about the Fake virus scam across the net but the one I found most informative is

http://www.time.com/time/business/a...1998055,00.html

In which the FTC is finally taking some actions against these types of companies.

Anyway ensure your husband the virus didn't come from EQ2 but from visiting sites where a popup allowed your computer to get a fake virus with a scam link to remove it. Usally what I do in those types of cases is ctrl-alt-delete open task manager and close down the process but its hard for the typical layman to know what process doesn't belong. I suggest using a couple different Internet Security programs, run 64 bit windows and make sure you keep them updated daily as well as never clicking an ad that your are not 100 percent certain about.

Eezel is offline   Reply With Quote
Reply

Thread Tools

Forum Jump


All times are GMT. The time now is 10:42 AM.

vBulletin skin by: CompleteGFX.com
Powered by vBulletin® Version 3.7.5
Copyright ©2000 - 2019, Jelsoft Enterprises Ltd.
All threads and posts originally from the EQ2 and Station forums operated by Sony Online Entertainment. Their use is by express written permission.