- Joined
- May 7, 2007
- Messages
- 278
I know...I posted this in Computer Tech too, but I figured I'd post it here.
I was going through my Windows Task Manager's processes and saw an unusual name:
wcsntfy.exe
I went through google to see what it was, heres some info taken from: http://threatinfo.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_SDBOT.BYD&VSect=T
File type: PE
Memory resident: Yes
Size of malware: 102,286 Bytes
Ports used: Random
Initial samples received on: Aug 5, 2005
Vulnerability used: (MS04-011) Security Update for Microsoft Windows (835732), (MS03-007) Unchecked Buffer In Windows Component Could Cause Server Compromise (815021), (MS03-026) Buffer Overrun In RPC Interface Could Allow Code Execution
Payload 1: Steals the Microsoft Windows product ID and the CD keys of games
Payload 2: Compromises system security
Payload 3: Terminates processes
I'm worried about it stealing my Wc3 cd keys mostly. My AVG Free scanner is not picking up anything though. Is this normal? Every site i've been to says its a virus. If you guys could help, that'd be great. The sooner I can figure out how to get this shit off my computer the better. (as you can see, i'm not that computer savy.)
Every time I try and end process, it starts back up again.
EDIT: Read if you download maps!
I recently found out that I downloaded a Guild of Hyppos map recently from a site i've never been to. If you are going to download maps from now on, do some from The Hive Workshop AND ONLY The Hive Workshop until blizzard has implemented a patch to fix this. Here is the site, please do not go to it to download maps:
games.softpedia.com/get/Maps/Warcraft-3-Map-Guilds-of-Hyppos.shtml
I don't recommend going there at all. I've never even heard of shtml...(what is it btw?)
I was going through my Windows Task Manager's processes and saw an unusual name:
wcsntfy.exe
I went through google to see what it was, heres some info taken from: http://threatinfo.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_SDBOT.BYD&VSect=T
File type: PE
Memory resident: Yes
Size of malware: 102,286 Bytes
Ports used: Random
Initial samples received on: Aug 5, 2005
Vulnerability used: (MS04-011) Security Update for Microsoft Windows (835732), (MS03-007) Unchecked Buffer In Windows Component Could Cause Server Compromise (815021), (MS03-026) Buffer Overrun In RPC Interface Could Allow Code Execution
Payload 1: Steals the Microsoft Windows product ID and the CD keys of games
Payload 2: Compromises system security
Payload 3: Terminates processes
I'm worried about it stealing my Wc3 cd keys mostly. My AVG Free scanner is not picking up anything though. Is this normal? Every site i've been to says its a virus. If you guys could help, that'd be great. The sooner I can figure out how to get this shit off my computer the better. (as you can see, i'm not that computer savy.)
Every time I try and end process, it starts back up again.
EDIT: Read if you download maps!
I recently found out that I downloaded a Guild of Hyppos map recently from a site i've never been to. If you are going to download maps from now on, do some from The Hive Workshop AND ONLY The Hive Workshop until blizzard has implemented a patch to fix this. Here is the site, please do not go to it to download maps:
games.softpedia.com/get/Maps/Warcraft-3-Map-Guilds-of-Hyppos.shtml
I don't recommend going there at all. I've never even heard of shtml...(what is it btw?)
Last edited: