my uo is messed it seems any help?

chevron · Post by **chevron** » May 12th, 2005, 4:54 pm

everytime i join a server (excluding custop map servers) i go c/i i took a screenshot of what my net sucurity tells me

that is the IP of the cod uo master server (i think) so basically im stuck without cod, im wondering if i have a virus that has attacked my game.

HELP NEEDED!

Ursemmer-Shapiro · Post by **Ursemmer-Shapiro** » May 12th, 2005, 4:57 pm

dont know what it is... Just play COD then

chevron · Post by **chevron** » May 12th, 2005, 4:58 pm

(UA)Ursemmer wrote:dont know what it is... Just play COD then

well thats also messed up, but any other game i can play

weird

i cant live without cod

Ursemmer-Shapiro · Post by **Ursemmer-Shapiro** » May 12th, 2005, 5:27 pm

yupz pretty weird dude looks if theres a firewall holding youre UO and/or reinstall it

Post by **Drofder2004** » May 12th, 2005, 5:36 pm

I also got this message the other day... I just told Nrton to ignore it... (thought it was just norton getting things wrong). But now you are getting it to

Ermm... worrying.

BD BackOrifice is used to take control of the clients pc... and the attack address is the same as the server you are connecting to.

I'll check IW support, and if need be email them to see if it is a error to worry about...

Edit:
i just emailed Activision support, hopefully should get an answer by 2moro.

chevron · Post by **chevron** » May 12th, 2005, 5:46 pm

Drofder2004 wrote:I also got this message the other day... I just told Nrton to ignore it... (thought it was just norton getting things wrong). But now you are getting it to

Ermm... worrying.

BD BackOrifice is used to take control of the clients pc... and the attack address is the same as the server you are connecting to.

I'll check IW support, and if need be email them to see if it is a error to worry about...

Edit:
i just emailed Activision support, hopefully should get an answer by 2moro.

ah cheers m8 ur a star

woCooM · Post by **woCooM** » May 12th, 2005, 9:53 pm

BD BackOrifice IS A BACKDOOR TROJAN

SCAN YOUR COMPUTERS AND REMOVE THE FILE NOW!!!!

backorifice is about 5years old but still gets updated and can be used to fuckup your PC and make life hell

THE IP=- 84.244.130.79 -= Is sat behind several fake hosts >.<

Code: Select all

Tracing route to 84.244.130.79 over a maximum of 100 hops

  1     1 ms     1 ms     1 ms  cpc4-hudd5-5-0-cust98.hudd.cable.ntl.com [82.9.1
23.98]
  2    10 ms     7 ms    17 ms  10.137.183.254
  3    10 ms    10 ms    11 ms  hudd-t2cam1-a-ge96.inet.ntl.com [80.7.154.29]
  4    12 ms     9 ms     9 ms  hudd-t2core-a-ge-wan61.inet.ntl.com [80.7.153.1]

  5    21 ms    11 ms    11 ms  man-bb-a-so-200-0.inet.ntl.com [62.253.188.209]

  6    57 ms    10 ms    11 ms  lee-bb-b-so-700-0.inet.ntl.com [62.253.185.194]

  7    12 ms     8 ms    11 ms  lee-bb-a-ae0-0.inet.ntl.com [62.253.187.185]
  8    17 ms    19 ms    18 ms  pop-bb-b-so-100-0.inet.ntl.com [62.253.185.238]

  9    31 ms    23 ms    24 ms  amst-ic-1-so-000-0.inet.ntl.com [62.253.188.94]

 10    22 ms    22 ms    25 ms  ams-ix.M10.AMS.we-dare.net [195.69.144.107]
 11    26 ms    27 ms    24 ms  ge-0-0-0.cr1.rtd.we-dare.net [217.148.164.145]
 12    23 ms    25 ms    24 ms  84.244.130.79

it is deffinatly a hacker using a proxy to exploit your PC

i recomend scanning your machine with AVG or Norton (even Mcaffe) any of the virus scanners should remove the problem

IW doesnt need contacting as the file has nothing to do with COD or UO it cannot be run unless it is installed

most likely you have downloaded an hacked file from somewhere on the net

p.s. it could have been on your system since your last format!

Post by **Drofder2004** » May 12th, 2005, 10:22 pm

woCooM wrote:BD BackOrifice IS A BACKDOOR TROJAN

SCAN YOUR COMPUTERS AND REMOVE THE FILE NOW!!!!

backorifice is about 5years old but still gets updated and can be used to fuckup your PC and make life hell

THE IP=- 84.244.130.79 -= Is sat behind several fake hosts >.<
Code: Select all
Tracing route to 84.244.130.79 over a maximum of 100 hops

  1     1 ms     1 ms     1 ms  cpc4-hudd5-5-0-cust98.hudd.cable.ntl.com [82.9.1
23.98]
  2    10 ms     7 ms    17 ms  10.137.183.254
  3    10 ms    10 ms    11 ms  hudd-t2cam1-a-ge96.inet.ntl.com [80.7.154.29]
  4    12 ms     9 ms     9 ms  hudd-t2core-a-ge-wan61.inet.ntl.com [80.7.153.1]

  5    21 ms    11 ms    11 ms  man-bb-a-so-200-0.inet.ntl.com [62.253.188.209]

  6    57 ms    10 ms    11 ms  lee-bb-b-so-700-0.inet.ntl.com [62.253.185.194]

  7    12 ms     8 ms    11 ms  lee-bb-a-ae0-0.inet.ntl.com [62.253.187.185]
  8    17 ms    19 ms    18 ms  pop-bb-b-so-100-0.inet.ntl.com [62.253.185.238]

  9    31 ms    23 ms    24 ms  amst-ic-1-so-000-0.inet.ntl.com [62.253.188.94]

 10    22 ms    22 ms    25 ms  ams-ix.M10.AMS.we-dare.net [195.69.144.107]
 11    26 ms    27 ms    24 ms  ge-0-0-0.cr1.rtd.we-dare.net [217.148.164.145]
 12    23 ms    25 ms    24 ms  84.244.130.79
it is deffinatly a hacker using a proxy to exploit your PC

i recomend scanning your machine with AVG or Norton (even Mcaffe) any of the virus scanners should remove the problem

IW doesnt need contacting as the file has nothing to do with COD or UO it cannot be run unless it is installed

most likely you have downloaded an hacked file from somewhere on the net

p.s. it could have been on your system since your last format!

That trojan was patched up by Norton last year... I will do yet ANOTHER scan with Norton...

chevron · Post by **chevron** » May 12th, 2005, 10:37 pm

me 2 scaning erm scary hacking biatches

chevron · Post by **chevron** » May 12th, 2005, 11:17 pm

woCooM wrote:BD BackOrifice IS A BACKDOOR TROJAN

SCAN YOUR COMPUTERS AND REMOVE THE FILE NOW!!!!

backorifice is about 5years old but still gets updated and can be used to fuckup your PC and make life hell

THE IP=- 84.244.130.79 -= Is sat behind several fake hosts >.<
Code: Select all
Tracing route to 84.244.130.79 over a maximum of 100 hops

  1     1 ms     1 ms     1 ms  cpc4-hudd5-5-0-cust98.hudd.cable.ntl.com [82.9.1
23.98]
  2    10 ms     7 ms    17 ms  10.137.183.254
  3    10 ms    10 ms    11 ms  hudd-t2cam1-a-ge96.inet.ntl.com [80.7.154.29]
  4    12 ms     9 ms     9 ms  hudd-t2core-a-ge-wan61.inet.ntl.com [80.7.153.1]

  5    21 ms    11 ms    11 ms  man-bb-a-so-200-0.inet.ntl.com [62.253.188.209]

  6    57 ms    10 ms    11 ms  lee-bb-b-so-700-0.inet.ntl.com [62.253.185.194]

  7    12 ms     8 ms    11 ms  lee-bb-a-ae0-0.inet.ntl.com [62.253.187.185]
  8    17 ms    19 ms    18 ms  pop-bb-b-so-100-0.inet.ntl.com [62.253.185.238]

  9    31 ms    23 ms    24 ms  amst-ic-1-so-000-0.inet.ntl.com [62.253.188.94]

 10    22 ms    22 ms    25 ms  ams-ix.M10.AMS.we-dare.net [195.69.144.107]
 11    26 ms    27 ms    24 ms  ge-0-0-0.cr1.rtd.we-dare.net [217.148.164.145]
 12    23 ms    25 ms    24 ms  84.244.130.79
it is deffinatly a hacker using a proxy to exploit your PC

i recomend scanning your machine with AVG or Norton (even Mcaffe) any of the virus scanners should remove the problem

IW doesnt need contacting as the file has nothing to do with COD or UO it cannot be run unless it is installed

most likely you have downloaded an hacked file from somewhere on the net

p.s. it could have been on your system since your last format!

i scanned my pc, nothing found

woCooM · Post by **woCooM** » May 14th, 2005, 1:00 am

its deffinatly there though as the dialouge shows in your first post!

Post by **Drofder2004** » May 14th, 2005, 1:20 am

woCooM wrote:its deffinatly there though as the dialouge shows in your first post!

Not true.
Alerts like these can be mistaken for viruses and backdoors.

Read the Norton error...
"Not all security alerts are indications that your computer is under attack. Some harmless communication between computers may appear to be similar to common internet attacks and can trigger security alerts"

In this case the server is sending the gamestate (a file to load the map and gametype and cvars etc) and norton is mistaking the connection for an attack. The server ip is not some "random" computer ip, its the server you are connecting to (I tested it twice, and got the same results [server ip]).

I believe this is nothing to worry about as norton users are protected from this backdoor virus (check symantec website).

Post by **Soviet** » May 14th, 2005, 2:00 pm

dont mean to not sound worried or upset or anything...but what is the website on the back of that screenshot?

=(LF)= KnakWorst · Post by **=(LF)= KnakWorst** » May 14th, 2005, 2:01 pm

c2i site

Dan2k3k4 · Post by **Dan2k3k4** » May 14th, 2005, 2:01 pm

I had this too! It just started happening like 2 days ago...

Weird

Anyway Norton thinks its the CoD or UO server you connect to that is hacking you or w/e and blocks that server ip

Theres an option in Norton where you can turn AutoBlock attacking IP off SO it wont block any CoD or UO servers anymore... and you wont ping out

I done a full system scan and found the 2 trojans

my uo is messed it seems any help?

my uo is messed it seems any help?

Who is online