Derida 2.20 worm

[swifteagle]

Heads up the latest Derida V2.20 is infected with a worm named W32/Badgrad.a.worm
http://www.pandasoftware.com/virus_info/encyclopedia/ficha.aspx?iddeteccion=223379

Thanks to Adenn for catching this one and sorry if its been mentioned already did a search but found nothing posted.

 

[Gamah]

I find no mention of this worm anywhere on the web or the link you posted, interesting that derida's site is closed though.

 

[Adoctor]

http://vnboards.ign.com/user_interface_board/b22592/92998842/p1/?21

check this out

derida explains all about it.

 

[swifteagle]

Doh tried edit but no joy so here goes
the first link I posted was what i used to find and repair it
http://www.sophos.com/virusinfo/analyses/w32badgrada.html

This link has an explantion about it ,it seems a fairly new worm

 

[DocWolfe]

my virus scanner aint said anything.... might run a scan now.

 

[Thorwyn]

Read Deridas explanation on vnboards about the identification logic of some virus scanners. If Derida really contained a worm, all good virus scanners should find it (despite the worm being "fairly new" or not).
Derida.de is probably closed because the guy is being flooded with mails and crap. Btw.. this is not the first time that this discussion is coming up. Happened before with older versions of the UI as well.

 

[swifteagle]

I'm not trying to cause panic or alarm but better to be safe than sorry as far as viruses and worms are concerned,if you run a scan and it finds and cleans it even if its a false reading what have you lost !

 

[Thorwyn]

My post wasn´t aimed at you mate, I fully agree, better safe than sorry. thanks for the heads-up.
Just wanted to point out that the same thing has happened before and turned out to be wrong.

 

[Haggus]

Ok how to get rid of it? :E

 

[Chimaira]

Lol that vn thread :f

 

[Adianna]

Read Deridas explanation on vnboards about the identification logic of some virus scanners. If Derida really contained a worm, all good virus scanners should find it (despite the worm being "fairly new" or not).
Derida.de is probably closed because the guy is being flooded with mails and crap. Btw.. this is not the first time that this discussion is coming up. Happened before with older versions of the UI as well.

www.derida.de is closed because someone copied almost 95% of his UI and just wrote his own name on it so Derida is a little bit annoyed about that.

There is no worm in the mod, it's just wrongly identified by the virus scanner. That happened to the german version 1.7x as well. AntiVir identified a worm where there never was one.

 

[Jeriraa]

So the guy who wrote the program says he didnt put a trojan into it... he might tell the truth or he might lie and steal passwords.

VN people who's scanners dont find a malicious signature blame people who's scanners do of having crap scanners?
They probably verified it is a false alarm by opening the .exe with the notepad and reading the assembler code.

As for me: I sent the suspicious file to the devs of my scanner. Its their job to find out if its a false positive or not. Until then that file's quarantained.

 

[Adianna]

It already happened twice and twice it was a bad scanning routine.

 

[Haggus]

Well it makes sence, my mouse has been freezing over the last few days and I can't do fuck all but restart and it's getting very annoying !

Anyone know how to fix this or got the same problem ?

 

[Adianna]

Clean your mouse from time to time... it isn't too good if the optical sensor is covered with a dark black layer of dust.

 

[Xajorkith]

www.derida.de is closed because someone copied almost 95% of his UI and just wrote his own name on it so Derida is a little bit annoyed about that.

Rubbish.

Firstly Derida took the site down during the unfortunate virus false alarm, he clearly expressed that in this thread:
http://vnboards.ign.com/user_interface_board/b22592/93064975/p1/?31

Second if you're refering to Emerikol's UI, Emerikol's took 60% Derida work, 30% Quillixx's work and 10% his own work. He gave Derida full credit in a special credit window in his UI and also gave credit in a text file in the directory, what more does Derida want? Nearly everyone bases their UI on Deridas, I really don't know why Deridas has a bee in his bonnet over Emerikol's, and bullying Emerikol's is not the right way to go.

 

[Lamp]

Again this has been discussed many times, it is not Derida's software, and the file that is being reported to you is NOT infected, it has an *Algorithm* within it that seems to act like a virus but is not!

 

[Adianna]

Firstly Derida took the site down during the unfortunate virus false alarm, he clearly expressed that in this thread:
http://vnboards.ign.com/user_interface_board/b22592/93064975/p1/?31

Considering his bad english (this are his words, not mine) he was undoubtably misunderstood.

If you know enough german go to the german board on 4players.de and read it there.

 

[Ctuchik]

I'm not trying to cause panic or alarm but better to be safe than sorry as far as viruses and worms are concerned,if you run a scan and it finds and cleans it even if its a false reading what have you lost !

well, if it finds the "wrong" false positive, u can loose a hell of alot more then u bargained for. theres a LOT of extreamly shitty virus scanners out there that thinks files are virus/worms/trojans and start to delete mindlessly. my dad had one of those scanners and it ended up with me having to flash his bios.

Use GOOD virus scanners! NOT some unknown free P.O.S that noone have ever heard of before! it IS worth the cash to buy one of the top scanners out there, trust me! (panda excluded, that scanner is so shitty on so many levels its surprising they even bother)

i have one of those scanners that my ISP provided me with when i got my broadband, but no way in hell am i using that. i much rather buy something ive heard of and KNOW works.

 

[Herjulf]

Wouldnt be the first to sneak a worm in their UI installer.

And shake their head innocently on the boards, pointing fingers at peoples "bad scanners".

That said, i do however find it unlikely that Derida is one of those.
Alot of software out there use sub software, script snippets and even filenames matching partial code/filenames of known worms and viruses.

DC++ is a good example (magnet.exe)

Software that might be used by malicious software(viruses) and therefore are unfortunately drawn into the shit.

Even though i trust Derida´s agenda, i question the need for a .exe executable to install a UI.
I am aware of diverse options given of look and feel. But it is fuel for the fire, and builds trust.
making it alot easier for crackers to sneak in malicious code in THEIR installer.

Perhaps a guide on the homepage and a script BUILDS a zip file custom for the visitor instead.