|[OriginalKO]| - [KE FARM/EXP] Return

[4YouNoHealStupiD]

a lot of virus .. pff rafael i hate u seriously

[Vincents]

Close this topic.

[lervin]

Go go go closed fast !!!!

[4YouNoHealStupiD]

someone can upload the new patch?

[4YouNoHealStupiD]

Close this topic.

why? did u see the virus or what?

[Vincents]

No, I created a new topic for him at -
[ame]http://www.gamers4life.com/forums/showthread.php?p=2894154#post2894154[/ame]

Because this one has been filled with alot of "bad" posts. There is no virus (well, real virus) in the files. I have the same client (up to date with latest patch from his server) and have no problems. I've also scanned the files and included both reports in the other topic

[4YouNoHealStupiD]

No, I created a new topic for him at -
http://www.gamers4life.com/forums/sh...54#post2894154

Because this one has been filled with alot of "bad" posts. There is no virus (well, real virus) in the files. I have the same client (up to date with latest patch from his server) and have no problems. I've also scanned the files and included both reports in the other topic

well man i think rafael ( or you) upload a one with virus .. is not just me a lot of users know is virus win32/satility bro seriously i can promise it

[NightBreed]

Thats what I am starting to wonder, it's not "bad" posts, they are warnings. The files did have REAL viruses and not just false/ positives with the win32/satility worm in it. Why is it so hard for you to admit that even since you told me its not you running the server. Until i see positive proof that your updated server and download is in fact fixed without the virus I will continue to post in every thread you open about the download being infected. It is starting to seem to me that the more you and Rafael deny that it was there and are trying to get people to GOGOGOGO to the server without acknowledging that the virus was there that the intend to infest is purposly !

Here is the virus that was installed when i downloaded your OriginalKO :

Discovered: April 20, 2008 Updated: August 10, 2008 11:06:05 AM Also Known As: TROJ_AGENT.XOO [Trend], W32/Sality.ae [McAfee], Sality.AG [Panda Software], Win32/Sality.Z [Computer Associates], Win32/Sality.AA [Computer Associates], W32/Sality.AA [F-Secure] Type: Virus Infection Length: 57,344 bytes Systems Affected: Windows XP, Windows NT, Windows 2000
W32.Sality.AE is a virus that spreads by infecting executable files and attempts to download potentially malicious files from the Internet.

Autorun and W32.Sality
Symantec strongly recommends that customers take specific steps to control the execution of applications referenced in autorun.inf files that may be located on removable and network drives. Threats such as this one frequently attempt to spread to other computers using these avenues. Configuration changes made to a computer can limit the possibility of new threats compromising it. For more information, see the following document:

How to prevent a virus from spreading using the "AutoRun" feature

Virus definitions dated April 20, 2008 or earlier detect this threat as W32.Bacalid!inf.

For more information, please see the following resources:
W32.Sality


Symantec Endpoint Protection – Application and Device Control
Symantec Security Response has developed an Application and Device Control (ADC) Policy for Symantec Endpoint Protection to protect against the activities associated with this threat. ADC policies are useful in reducing the risk of a threat infecting a computer, the unintentional removal of data, and to restrict the programs that are run on a computer.

This particular ADC policy can be used to help combat an outbreak of this threat by slowing down or eliminating its ability to spread from one computer to another. If you are experiencing an outbreak of this threat in your network, please download the policy.

To use the policy, import the .dat file into your Symantec Endpoint Protection Manager. When distributing it to client computers, we recommend using it in Test (log only) mode initially in order to determine the possible impacts of the policy on normal network/computer usage. After observing the policy for a period of time, and determining the possible consequences of enabling it in your environment, deploy the policy in Production mode to enable active protection.

For more information on ADC and how to manage and deploy them throughout your organization, please refer to the Symantec Endpoint Protection Administration Manual (PDF).

Note: The ADC policies developed by Security Response are recommended for use in outbreak situations. While useful in such situations, due to their restrictive nature they may cause disruptions to normal business activities.
Antivirus Protection Dates

• Initial Rapid Release version April 21, 2008 revision 001
• Latest Rapid Release version May 26, 2011 revision 020
• Initial Daily Certified version April 21, 2008 revision 003
• Latest Daily Certified version May 26, 2011 revision 019
• Initial Weekly Certified release date April 23, 2008

Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.
Threat Assessment

Wild

• Wild Level: Low
• Number of Infections: 0 - 49
• Number of Sites: 0 - 2
• Geographical Distribution: Low
• Threat Containment: Easy
• Removal: Easy

Damage

• Damage Level: Medium
• Payload: May download potentially malicious files.

Distribution

• Distribution Level: Low
• Target of Infection: Infects executable files

Writeup By: Kaoru Hayashi

[diamante]

Here is the virus that was installed when i downloaded your OriginalKO :

fuck offf zzzz i burn me pc

[lervin]

hahahhahaha xD BURN PC !!!!