Hi.

I played with a guy named 'CieNTi' today.
In game he entered a URL in the chatbox and told me and the other player not to execute the executable there.

I downloaded and scanned this file and found out that it is infected by Trojan-Downloader Win32.VB.aju.

From the replay:
CieNTi: http://xxxxxxxxxxxxx
CieNTi: i have a visor. t
CieNTi: just DONT enter in that web
CieNTi: please
CieNTi: im in a server, with VNC, and there will be a vulnerability and somtimes enter someone and try to exec that

What does this mean? That, how Lex guessed, someone is typing this URL against his will or that he tries to make people to kill his VNC server with this trojan horse?

He told you and the other person not to execute that file? That sounds like whatever he has is typing the URL against his will, and he doesn't know how to stop it, but he wants you to be aware that you shouldn't download it.

no one is that smart, hes just being a nice citizen.... right.....:rolleyes:

maybe he got a virus that means any irc-based chat he enters makes him periodically post that url. Like the MSN viruses.

In-game chat is not IRC-based. However, it's possible that it makes his keyboard type that string of letters periodically.

"CieNTi: im in a server, with VNC, and there will be a vulnerability and somtimes enter someone and try to exec that"
Hmm... Maybe he means someone's hacking his internet connection?

VNC? Virtual Network Computing / Connection?

Sounds like he's connected to something seriously insecure somewhere.

VNC? Virtual Network Computing / Connection?

Sounds like he's connected to something seriously insecure somewhere.

I wonder if it is even possible to play over VNC. Must be slowwww.

I've tried over remote desktop, but I don't remember it working, somehting to do with direct X. however, with the right software and a powerful enough conncetion it should be possible.

I've tried over remote desktop, but I don't remember it working, somehting to do with direct X. however, with the right software and a powerful enough conncetion it should be possible.

You could probably do it with Wine. Remote X performance would be terrible though (I think it'd have to send each frame over the network)..VNC might be better..

I don't think I've ever got that set up in linux though, I presume that's where you mean?

trying to use radmin to play a hotseat game caused a black screen on the remote players window. menus were just the back layer but useable.

Well .. a guy on wormnet said me this post ... I have 2 PCs, my own, on my house, and my work's one ... On my work's one, i have a VNC server, to remotely manage from my house .. Im working on a ciber, and, vnc maybe have a vulnerability, cos, having any password, someone gain access to my desktop, and automatically, try to open the "execute" windows, write a URL, and execute it ... the application, isnt a virus by own, its a downloader, i followed it, and the virus is a IRC based-virus ... I changed the default port of the vnc server, and NEVER spreaded viruses on wormnet, that time was simply bad luck, that i was playing and the mf guy entered ...

As u can see on the repeat game, i said "NOT TO OPEN IT" and if u see it well, u can see the URL cutted at end, cos i was writing something else when that happened ... i think u can think before say "CIENTI SPREAD VIRUSES" ... ask someone if i said that url once more ... bah, cya, the people that know me knows that is false

And no ... from my house, trought VNC cant play worms, so slow, impossible to play nice

Sounds like someone was making a bot network by mass-scanning for VNC vulnerabilities, and gaining access to the machine to install his software.
You should upgrade/change your VNC software, and also set the VNC or your firewall to accept connections only from a list of trusted IP addresses.

Also, get an anti-virus. It's really worth it. I recommend NOD32 (http://www.eset.com/) :D

Thanks CieNTi for clearing this up. A mod now may change the title.