Virus via WoW?

[ugress]

Ok, this might sound silly or dumb but just hear me out, ok?


Ok, so I was just standing in Org when I saw in tradechat "giving away guild, got bankslots" I figured, "I'll just /w him in case I can have it becuase I don't got a current guild and the bankspace would be nice". So..It was a lvl 2 rogue, I though to myself it was an alt and the mainchar had migrated or something like that(?). Well, anyway, he gave me the guild, promoted me to GM and then he left it. I went to the bank, started to put different mats inside of the bank when I suddenly got an WoW error. I asumed it was just by random, when suddenly pop-ups, "antivirus programs (which ain't really antrivirus programs) started to download and start, and I also got diffrent sort of harddisk errors, a lot of other stuff has happened to the computer itself which is unimportant atm. What I really wanna know is; is it possible to get an virus from for an example a guild etc?

Thank you.

Ugress.


Ps; anyone know how I can get rid of this shit? Tryed a lot...Sitting in safemode atm.

[Deleted]

No, it seems like you've been doing other stuff instead.

There is no possible way for that to happen.

[snookums]

Ooooh, that's not good. You mention "antivirus programs (which ain't really antrivirus programs) started to download and start" ... what is the name of the program? Is it something like Win7 Antispyware? Oh, and yeah, it's not from WoW.

[Eboncor]

That doesn't seem possible. I would say it is coincidence that the two events happened to occur at the same time. At least you have a free bank.

[cybermind]

Completely coincidental. Try Combofix and Malwarebytes to get rid of it.

[nobu]

No, accepting the guild invitation didn't lead you to get a virus.

[Jeffari]

malwarebytes will solve your problem. I've had issues with fake anti virus programs prompting me to buy their product in order to have the pop up disappear.

[Elektrik]

Just look for the name of the "antivirus" that's giving you trouble, and google something along the lines of "xxxx removal". Trust me, you aren't the first to have this happen to you, and there are detailed instructions all over the place, regardless of what virus you got. In my experience, MalwareBytes has been the best at removing the issues, as opposed to adaware or spybot, but it's going to depend which infection you have.

Not that big of a deal, either way. Just do exactly as directions tell you and you'll be fine.

Oh, and this isn't from WoW.

[Deleted]

Im shure its just a coincidence.. even if he hacked his own client he would still have to send the virus through the server.. if someone hacked the servers, why make the virus to be send that way.. might as well make it so anyone who saw your chat got it and then go spam trade..

[Deleted]

I love those virus adverts.

"HERE BUY OUR ANTIVIRUS PROGRAM WHICH IS ACTUALLY A VIRUS. YAY WE HAS YOUR COMPUTER AND MONIESSS! "

Malwarebites is really good as mentioned before in the thread, do the standard scan and you may want to look at doing a complete re-install of your OS. You can never be too sure.

[ugress]

well, it sure is a smart fucking virus....I can't get into the malwarebytes site, and it also is giving me an error when I try to open firefox etc outside of safemode...

[cybermind]

Go to Start > Run > notepad c:\windows\system32\drivers\etc\hosts

And see if anything other than "127.0.0.1 localhost" or "::1 localhost" is in there

[ugress]

Go to Start > Run > notepad c:\windows\system32\drivers\etc\hosts

And see if anything other than "127.0.0.1 localhost" or "::1 localhost" is in there

I get an "hard drive error" when I try to open cmd...as I've said, seems like a smart virus -.-...

[snookums]

I picked up something from visiting wowwiki a couple of weeks ago. It, too, would not let me run any kind of anti-spyware program and posed itself as antispyware. Anytime I would try to access anything it would pop up telling me that I needed to take immediate action. I think the exe that was running in my task manager was vx.exe, if I remember correctly. It was a nasty, nasty trojan. I ended up having to do a restore.

[Twinsteel]

If you don't have a virus scanner on your system, get one.

Can't afford one? Try Microsoft Security Essentials. (I can't post links yet, so google it up.)

It's based on the same engine as Forefront Endpoint Protection (their pay-for suite) and receives the same a/v signature updates. The only difference is that Forefront can be administered across a company centrally.

[lokii]

Well it sounds like the virus has a good foothold. Basically you are going to have to break the virus then after thats done run a virus scan to clean the machine. If you are not a computer geek I would proceed through the following with extreme caution.

Delete all temp files for internet.

Launch in Safe Mode with Networking, if problems persist safemode with no networking.
Run regedit from the command line.
Virus's persist by adding entries to your registry so you need to see if any fishy files exist in the following folders.
HKEY_Current_User\Software\Microsoft\Windows\CurrentVersion\Run
HKey_Local_Machine\Software\Microsoft\Windows|CurrentVersion\Run

Anything other than the default needs to be scrutinized and deleted if necessary. The root to Trojan persistance resides in these files since it can reload the virus at startup if necessary.

Open Internet Explorer if you are using it Click Tools>Internet Options>Connections> LanSettings and make sure the use proxy server setting is not set.

At this point the virus should be crippled enough for you to run your virus software to kill off the virus entirely. Delete any files found and if you antivirus got broke by the virus go on the web to trendmicro's website and download housecall for free which will kill it.

[Enshroud]

It is impossible to for anything to get onto your computer via wow, other than wow related files. You cannot get spyware,malware,keyloggers,or viruses.

Hope this helps,

I would suggest running spyware search and destroy and malware bytes, both are free.

[snookums]

If you don't have a virus scanner on your system, get one.

Can't afford one? Try Microsoft Security Essentials. (I can't post links yet, so google it up.)

It's based on the same engine as Forefront Endpoint Protection (their pay-for suite) and receives the same a/v signature updates. The only difference is that Forefront can be administered across a company centrally.

I do use Microsoft Security Essentials. It totally missed the trojan I picked up. And, yes, I always make sure that it's updated regularly.

[Lotena]

I'd run a scan with Malwarebytes and TDSSKiller to ensure you don't have one of the most common rootkits on the planet. Combofix can nuke your system if you don't know what you're doing, so I'd be hesitant to recommend it.

[ThePurifier]

Like many have said Malwarebytes will nuke it, if you can't get it from their website because it's being blocked try it from cnet, it may not know to block that site. Also try other browsers if you have them Safari, IE, etc. You can also try downloading it on another machine to a flash drive and porting it over that way. Last time I got that virus I found that about 1 in 5ish times I restarted my computer the virus would have a fatal error and close allowing me better access to my computer and it's resources. As for the guild, there's no connection it's just one of those freak coincidences.