FFXIclopedia

by **Ganiman** on Tue Apr 01, 2008 9:11 pm

This is not an April Fool's Day Joke

This afternoon the FFXIclopedia forums were infected with a Real Player exploit (the same exploit other FFXI sites were infected with a few weeks ago). The exploit has been removed from the forums with the help of the FFXIclopedia admins and the Wikia admins.

SCAN YOUR COMPUTERS
Update your virus scanner and spyware scanner definitions. Check and double check that your PC is not infected. This was brought to our attention relatively quick. The forum's web server was turned off as quickly as possible and the infected code was removed as quickly as possible. The window to be infected was small, but enough to cause harm. SCAN YOUR COMPUTERS.

We announced last week that we will be upgrading our forums. We are trying to move up the schedule on this to prevent any further malicious activity. In the mean time, if anyone finds that this problem reappears, please email me at ganiman[at]gmail[dot]com, log into our IRC channel #ffxiclopedia on Freenode, or send me an instant message on AIM to Ganiman.

by **KeiKusanagi** on Tue Apr 01, 2008 9:27 pm

Fool me once, shame on you. Fool me twice, shame on me.

by **Ganiman** on Tue Apr 01, 2008 9:31 pm

KeiKusanagi wrote:Fool me once, shame on you. Fool me twice, shame on me.

"There's an old saying in Tennessee — I know it's in Texas, probably in Tennessee — that says, fool me once, shame on — shame on you. Fool me — you can't get fooled again."

by **Sharaa** on Tue Apr 01, 2008 9:34 pm

Meh, April fool's joke or not I'd rather play it safe and run a quick scan.

by **Fusionx** on Tue Apr 01, 2008 9:35 pm

nice job on getting the issue resolved quickly

by **Deeke** on Tue Apr 01, 2008 9:54 pm

May I play my tech-noob card?

So I got hit. (My work's computer probably did also, but whatever.. :lol:

)

Anyway, ran my scans and it threw these two thingies at me:
(hopefully Photobucket's compression will still allow legibility)

Now again, with my playing my tech-newb card, could I get a few answers from people who are familiar with whatever these viruses are and who also know roughly how AVG-Antivirus works~

I popped them both into the Vault as soon as they appeared on the scan. I now seem to have two choices: 'Wipe/delete' and 'Heal'.

It isn't really apparent what Wipe/delete does.. will it nuke the things from my computer? (Good Thing.) Or will it simply delete them from the Vault and free them? (Bad Thing.)

Or should I 'heal' the things? That seems unlikely somehow...

Anyway, any advice would be appreciated^^

Also, I have FFXI installed on this laptop and have accessed my POL account through it in the past obviously, so I would assume that my log-in details are saved somewhere on the laptop. But it has been weeks now since I used the laptop to access the game. Certainly haven't done so at any point today if that's relevant. 99% of the time I play FFXI through Xbox. As I mentioned, I don't know how these thingies work their malicious magic. Would it still be prudent to change my POL password? Or is that info now denied to the evil perpetrators of this haxxey little thing? I'd rather avoid changing password if possible.

Thankies!

by **Deeke** on Tue Apr 01, 2008 10:01 pm

AVG just this second picked up another Threat Detected! when I went back to the main forum page.. :shock:

From the file description it seems identical to the 'index[2].htm' one shown above.

I'll PM the Ganimanster about this just to be on the safe side.

by **Sealdorie** on Tue Apr 01, 2008 10:08 pm

Deeke wrote:AVG just this second picked up another Threat Detected! when I went back to the main forum page..

From the file description it seems identical to the 'index[2].htm' one shown above.

I'll PM the Ganimanster about this just to be on the safe side.

Did a scan this morning Had 2 threats. Did another scan about 5 minutes ago and got 2 more. The first set were in my playonline folder, the second set was in my firefox. Curious.

Last virus scan I did was last night around 10pm, so I know I was virus free before then. (Yes I do at least one scan a day, I've already been hit once by these things).

by **Europea_of_Cerberus** on Tue Apr 01, 2008 10:39 pm

site going down, posts being edited, suspicious? I think so >____________>

by **Deeke** on Tue Apr 01, 2008 11:05 pm

Someone answer my tech-noob question!

I played the caaaaard!

by **Xanthe** on Tue Apr 01, 2008 11:34 pm

I tried to heal but it didn't work so I'm just leaving it in the vault until I figure out what to do...

I don't understand. Answer Deeke's tech-newb question!!!

by **Sharaa** on Tue Apr 01, 2008 11:34 pm

If no one has answered your questions I'll look at them on break. Imageshack/Photobucket is blocked ont eh work computers, I'll need to get on my laptop.

Profile: Jhes · by **Jhes** on Tue Apr 01, 2008 11:37 pm

Wipe/Delete means completely removes from your PC, Heal would mean it would try to remove the virus from the file (pretty much fails all the time) and release the file to be used again, if it cant heal it, then it just keeps it locked in the vault.

by **Janoric** on Tue Apr 01, 2008 11:38 pm

Better safe than sorry, running scans now with bitdefender, see if anything pops up

by **KeiKusanagi** on Wed Apr 02, 2008 12:32 am

I did actually pick something up in my Scans. Two files, however my computer crashed in the middle of my scan and I was not able to deal with them, however, I believe CrapClearner was able to take care of it, because when I did my next scan I didn't find them.

FFXIclopedia

Forum Problems 4/1

Forum Problems 4/1

Who is online