Forum Coordinators: RedPhantom
Poser - OFFICIAL F.A.Q (Last Updated: 2024 Nov 28 11:20 am)
Actually, not to beat a dead horse or anything, but that 'frivilous' virus caused me to need a reformat. And, I'm not trying to throw blame at all, but the problem started when I installed a Daz POSER figure. Seems lots of people are having this problem, so it's fair to warn the community about it.
If it does have something to do with Daz, and their poser figures, then it is directly related to this program and this forum. And the fact that you use a Mac instead of a PC is commendable, but perhaps you could just ignore the warnings rather than try to downplay the severity of the problem.
Just thought I'd throw out my .02 on it.
Give a man a fire and he's warm for a day. Set a man on fire
and he's warm for the rest of his life.
Duskrider.com
I felt the same yesterday. Until-I started my computer this afternoon to get into some Poser work and after 2 hours of trying to get rid of the mentioned virus I'm now looking at spending most of this weekend reformating and reinstalling 10 gig of Poser content and the rest of my programs and files. Sure-it's really off topic - until it happens to you. Your quote is so right - you are an asshole! (yes I'm totally pissed of at the moment)
Attached Link: http://www3.ca.com/securityadvisor/virusinfo/scan.aspx
You don't need to reformat!!!!!!!!!!I use eTrust Antivirus and they can find and restore the infected files. They have a web based scan. Try it. If that doesn't work, then download the trial version of the eTrust Antivirus and use it.
"It is good to see ourselves as
others see us. Try as we may, we are never
able to know ourselves fully as we
are, especially the evil side of us.
This we can do only if we are not
angry with our critics but will take in good
heart whatever they might have to
say." - Ghandi
Since this is a very real virus that, among other things, attacks Poser.exe and Daz' exe-installers, I think it belongs here VERY much.
There's a great difference between hoaxes and real virus warnings. The latter ought to be sent to as many people as possible, as fast as possible.
I survived the Polip.a with only PWizard and MorphManager (and some System Restore files) as casualties. The rest was restorable with DrWeb's CureIt.
FREEBIES! | My Gallery | My Store | My FB | Tumblr |
You just can't put the words "Poserites" and "happy" in the same sentence - didn't you know that? LaurieA
Using Poser since 2002. Currently at Version 11.1 - Win 10.
Content Advisory! This message contains nudity, profanity, violence
sigh This is a Poser forum not a Virus forum. And for the record, I am pretty sure that DAZ is not distributing virally infected installers. Your exes may be getting infected AFTERWARDS but I seriously doubt they are coming down the pipeline that way. But it's a Poser forum. Not a virus forum. And how many bloody threads do you need? Now that this one has been co-opted into another bloody virus thread apparently, do we plan on puching all the relevant content to the forum off the front page to fill it with 'Ahh a bloody virus'?!
I'm the asshole. You wanna be a shit? You gotta go through ME.
And for the record, I am pretty sure that DAZ is not distributing virally infected installers. Your exes may be getting infected AFTERWARDS but I seriously doubt they are coming down the pipeline that way.
I agree with that... I had the Iloveyou virus a long time ago, it destroyed my jpg and psd, but it didn't come from some file I had downloaded for photoshop, it came from an email attachment. The files a virus will attack have nothing to do with where the virus came from.
Lucie
finfond.net
finfond.net
(store)
Listen, I'm not trying to lay blame on Daz or anyone else. Here's the thing, I'm a member of several online forums, and this is the only forum I check that has any virus warnings for this polip.a virus. I work in IT (not trying to pat myself on the back, just saying), and nobody I work with has ever heard of this thing. It's not widely distributed, which is shocking considering how easily it spreads. I'm usually very vigilant about my virus protection, and was very surprized when I got this one. I stay away from file share and p2p networks as a rule, so I know everything I download is clean. I don't open unknown attachments... etc etc etc blah blah blah. You know the drill.
Now the very thing you're complaining about, the fact that this forum is so rife with polip.a warnings... isn't it strange that such a niche population has been stricken with this when it's not considered by the anti-virus developers to be widely distributed? Look at the other forums HERE. Are there any that have as many warnings as the POSER forum? Very odd, at least to me, that there is such a dense amount of users here striken with polip. There's more info IN THIS FORUM about polip.a then there is if you do a search for it on Google. Strange.
I'm not trying to point fingers... but if it looks like a duck and quacks like a duck... you know the rest. It has nothing to do with the fact that it targets poser. It doesn't. It targets EVERY .exe file it can find. Shouldn't there be users all over the internet, for every program, talking about it? There isn't. Only here have I seen such an uproar. Only here.
Think about it.
Give a man a fire and he's warm for a day. Set a man on fire
and he's warm for the rest of his life.
Duskrider.com
One can always skip threads with “OT” in the titles. However, the recent thread on the polip virus and the information about Dr. Web’s CureIt solved a problem I’d been battling for weeks. Were it not for that thread, I’d still have the troubles, as the only sites I frequent are either art or photography related.
Quote - DAZ has scanned its server files and found them clean. And several of us download numerous DAZ items and have (touch wood) clean machines.
Indeed, I just downloaded the free tower yesterday, and scanned both my system and the file with Cureit and both came up clean (and it took longer to scan my Poser runtimes than the rest of the computer).
________________________________________________________________
If you're joking that's just cruel, but if you're being sarcastic, that's even worse.
I've installed the WoodElves and several other things from Daz in the last week or so and I didn't get that virus...
Lucie
finfond.net
finfond.net
(store)
Eyup Dodger, we all know the reasons commercial posts aren't allowed in here so your comparison is not a fair one.
Of all the threads I can see on this first page there are four which are virus related and the rest are more or less Poser specific.
No need to get menstrual about it, is there?
Coppula eam se non posit acceptera jocularum.
I disagree. Anything that effects the Poser community is On Topic. I have to keep the work Windoze machines working, and those people pick up all kinds of wildlife! I am very thankful for the tips on cleanup the latest threats. All our inhouse system protection stuff was telling us things were clean, but after running Cureit, guess what? Not so clean. So far I haven't found polip.a but there are other virius and trojans being found.
bB
Viruses are not rumors. The CN.Honker virus cost me $600 in new
hard disks and new operating system source.
That's not a rumor. That's a month of living expenses.
Because there's no Emergency Virus Warning Service .... and if the
government ran such a thing, it wouldn't work anyway .... we have
to rely on forums like this for information about what's the latest
epidemic and what actually helps to cure it. Forums like this are
EXACTLY the right place for virus discussions.
My python page
My ShareCG freebies
I dont believe it makes much sence to suggest "lets have a virus only forum" when there arent seperate win poser and mac poser forums.
Evidently we are all in this together and if you are on a mac it seems logical to just pass up windows virus alert threads and allow members of the community to help each other thru a crisis.
Im surprised no one is posting that has looked at this from a sysadmin/security point of view.
fact: p2p users number in the MILLIONS
fact: p2p is full of people whose hobby is sharing files, who run cable-speed servers 24/7 to facilitate this hobby.
fact: If the wrong people use this exploited code and we end up with zombie masters with thousands, not hundreds of bots in fleet (or more) we are going to see an era of DDOS terrorism the likes of which the net has never experienced.
This is very serious and very real. We are talking the power to possibly knock entire ISPs off the net, not just individual sites.
Slightly more serious than being pissed off at warez-kiddies sharing files, no?
Dodger yer a modeller, I cant do that. Youve released figures and contributed more to the poser community than ill ever be personally capable of, but I have to respectfully disagree with your post here. Extra OT's to swim thru are MORE than worth it in this situation.
Surf Safely everyone
Logan
Well I'm sorry if my cries for HELP from the community upset a few people. Poser and art are what I care about, after my family of course, and I have four PCs, and my main PC has three internal 250 gig hard drives with a 250 gig external. All are riddled with the virus. The Polipo virus has also started destroying my Windows system files. I have my laptop - which had nothing much on it working good enough to access the internet - but it too has the virus. My Poser exe is is what went down first from the virus. I have run Dr. Web's cure it which says the virus is cured, then run Grisofts AVG that says the virus is still there. I need help in getting rid of this virus. As far as renaming .exe files to zip and trying to clean them, I just have too many to rename. AVG says I have the virus, but it does not heal or delete the virus. just leaves it there. I need a virus remover that works. This is going to take forever to get rid of plus the pain of reinstalling everything. Plus I am a web designer and this is causing me to lose work. Without getting into a Mac vs PC flame, I worked on Macs for years when I was in the newspaper business and they crashed as much as my PCs. They just aren't as prone to viruses. Personally, I think a virus and general computer problem forum would be great. We are almost all digital artists and depend on our computers. If we have problems, someone in the community can probably help. Thanks for all of the tips I have received so far from you NICE people.
I tend to agree with dodger - perhaps the hardware/technical forum would be a better place to discuss viruses. as there are over 600,000 known windows viruses, trojans, worms, r.a.t.s, spyware etc., this topic could easily consume this forum if we're not careful. being on mac OS, I'm also concerned with security issues. so far there are 3 known OS X worms, 3 concept trojans, 2 malicious trojans and 1 rootkit. these have all been covered by recent OS X updates, but the place we always discuss them is the mac forum, so as to avoid cluttering this forum with irrelevant info.
this virus INFECTS exe's even ones you are DOWNLOADING until you get it off your system it is gonna affect exes you download whether it's from Daz or from Microsoft. Until you have it off your system Don't download.
Daz scanned their files and they do not have it.
http://www.bitdefender.com/VIRUS-1000066-en--Win32.Polip.A.html
Quote - Look, Dodger's not saying Post No Virus Warnings Whatsoever, he merely asked that we not make a bazillion threads about it causing all Poser related threads to scroll off the screen. Can't we just honor that request and stick them all in one thread?
There aren't a bazillion threads about viruses.
I don't dig Dodger's attitude here. I like the guy a lot but hs should sometimes be a little more diplomatic.
I don't have a virus on my computer.
I can skip over the posts I don't want to read.
Dodger is not the Renderosity Poser Forum Police.
Coppula eam se non posit acceptera jocularum.
just because some poser users got hit badly doesn't mean this forum should turn into a virus discussion forum. if you need help with severe cardiovascular problems, do you ask in a poser forum? i hope not. the best place to discuss this sort of thing is in a dedicated forum with specialists on virus protection, not in a poser forum where the vast majority of people (friendly or not) will not be well-informed about viruses, and false information will get spread around (like this idea that DAZ is responsible, or that people who got it are warez users). anyone who reformatted should learn how to look up virus information, and pick one of the sites that explains step-by-step procedures appropriate to their own level of familiarity with their OS. drastic measures such as reformatting or reinstalling the OS are very rarely needed. i got win32.polip.a too on my windows machine, even though i am extremely vigilant about virus protection, and i scan everything, even executables from microsoft -- neither of my AVs detected it at the time. i suspected i had an unknown virus when i saw a normal process using unreasonable amounts of processing power; that's a dead giveaway. a google search gave me all the information i needed to fix the problem. and yes, i too wondered whether it might've come from DAZ because i had very recently downloaded a whole batch of items, and scanning with cureit found the infection widespread in my poser directories. so i checked by downloading the same files with my mac and scanning them there. they were not infected. the infection was probably so prevalent in my poser directories because i had executed more DAZ executables than other files when organizing my new acquisitions (and the whole batch was infected by the already running virus process when downloading). this virus started around march 20, it spreads very easily, under the radar because it's not directly destructive, and almost all of the big AVs totally missed it for nearly a month; it could have come from anywhere by the time i (and you) got it. demanding pure on-topicness is silly; that's not how communities work. not caring how PC users might be affected because one has a mac is selfish. however, at most one thread for this virus should be enough. i don't think it's asking too much that people at least scan a few days worth of subject headlines before making a new post.
Quote - I felt the same yesterday. Until-I started my computer this afternoon to get into some Poser work and after 2 hours of trying to get rid of the mentioned virus I'm now looking at spending most of this weekend reformating and reinstalling 10 gig of Poser content and the rest of my programs and files.
See... this is exactly why it is on topic. So we can warn people that they do not need to reformat. My PC was more infected than a Civil War camp follower... ( ;) ), but she's clean as a whistle now. Also, it is somewhat needed just so Daz's name can be kept out of the mud on this. Like a lot of other people, i -found- I had the virus by trying to use Daz installers. But with research I also found that they were not the source. Rather, ,b>they were a symptom. My daz installers were getting infected as I downloaded them, by the virus alread on my machine. How did I get it? I don't know for sure and I doubt I ever will. I will say this: 1. My norton was up to date until I removed it two days ago. 2. My spybot was up to date. 3. My zone alarm was up to date. 4. My router has a firewall, but I had 'unchecked' 'block NAT redirections'. I don't know why I did that, but it's checked now. I don't think that was the infection source as I think that only applies to the network between my home computers... 5. Mid march I installed the latest version of RealPlayer. Stupid, stupid move on my part. But I had a video given to me and I couldn't get it to run in anything else... and I didn't want to hassle the creator for a new version in a different format. I figured 'ok, so Realplayer is a known trojan - but that was in the mid 90s, surely they've cleaned up their act by now. Stupid of me, yeah, but I gave them the foolish benefit of the doubt. Guess what? When I cleaned my computer of the 7 trojans and spyware bots it found, the first one it found was in realplayer... 6. Up until two days ago I could not figure out how to disable msnmsgs.ese - that MSN messenger thingy that kept showing up in my taskbar. I would disable it, turn it off, block it with zone alarm, and on reboot it would be right back there using my .NET to wander around... Guess what? Over 10 copies of the virus were found inside of it... In fact, it took so long to 'cure' it that at first I thought my computer was locked in a loop... Once it was cured, my steps for disabling it that had failed before suddenly worked... Go figure. 7. Consider how many freestuff items work through exes. Not many, but some. Any one of those is also a potential source. Likewise -ANY- exe you get online could come from an infected PC. Once you run that exe, you will be infected as well. Further, in IE a hacker could use ActiveX to download a small exe onto your machine and run it, infecting you... They could even do it as part of something you thought was a legitimate download... That is why it is so easy to spread... Sure people should be more cautious, but it only takes one person in your personal network to lower their guard. I have heard this virus turns your PC into a gnutella p2p server - a rumor I heard. Given that my router kept failing or recycling, my net had been unusually slow this past month, and every now and then my PC would just up and turn off for no apparent reason, I suspect there is some truth to that. It is possible that I infected everyone in my 'MSN chat' contact list... I haven't asked them - I don't even know some of them anymore because it has been that long since I used MSN chat, but my account there still exists... So... I had many possible routes through which I could have been infected. None of them the result of 'knowingly' using p2p. But, I am fairly sure I did -NOT- get infect -by- Daz. Rather, the virus infecting my Daz content let me make the leap and 'put two and two together' and realize my PC troubles were a virus. And I -ONLY- realized that by reading about it on these forums. If not for it being posted here, I would still have the virus on my PC today... Given that for over a month none of the major anti-virus companies added this virus to their detection files, even though they knew how to detect it, I consider them to have seriously dropped the ball. Possibly even to the level of a breach of contract class action. As a result of that, the virus had a month and a half to spread out to all sort of innocent people all over the net. And it knows how to disable your anti-virus detection files, so even if you update know, you might still not find the virus. You have to run your detection apps from a CD burned on a clean machine (and you have to have a reason to be sure that machine is as clean as you think it is). And all of this I only learned thanks to the warning here. This virus has spread out much farther into our community than any other previous warning. 98% of all viruses are quickly found and added into the detection software of most major anti-virus apps. As a result, most of these warning are only for the fools who do not stay current with their security and their anti-virus apps. This one was different. It was different because those major apps purposefully ignored it. So a lot of us who were acting properly in staying up to date were still infected. So it has hit many more people in the community than a normal situation would result in - even in a normal situation with a virus like this. I am now using 'avast' as my anti virus application, backed by regular downloads of drweb and bitdefeder's free detection scans.
Truth has no value without backing by unfounded belief.
Renderosity
Gallery
I'm glad to hear about virus warnings. Tonight while a friend was visiting, his kid phoned. Her (heavily protected) machine caught Polip from MSN through no fault of her own.
Using the posts from here, that information saved a little kids PC - so please keep posting those repairs and links. Thanks. It really helps.
Pinky - you left the lens cap of your mind on again.
Quote - And how many bloody threads do you need? Now that this one has been co-opted into another bloody virus thread apparently, do we plan on puching all the relevant content to the forum off the front page to fill it with 'Ahh a bloody virus'?!
Quote - he merely asked that we not make a bazillion threads about it causing all Poser related threads to scroll off the screen.
I counted 3 threads on the first page, with this one 4. That's a pretty far cry from filling the first page. :rolleyes:
What we do in life, echoes in eternity.
E-mail
| Renderosity
Homepage | Renderosity
Store | RDNA
Store
drifterlee
I use a file called file_renamer (freeware) to change my exe to zip and then back again.
I use the search in Windows to search for exe in folders and then select the ones that have the dos icon and then send them to the file_renamer change the exe to zip then (I have Dr. Web running) go to dr. Web and select the folders and run it. After it cures things I go back to file_renamer and change everything back to a exe.
I do keep Dr. Web and file_renamer running at the same time (until I am finished)
You have to set file_renamer up (through options) to work with Windows explorer
Good Luck
PoserPro 2014, Windows 7, AMD FX-6300 6 core, 8 GB ram, Nvidia
GeForce GTX 750 Ti
Quote - Mr sparky I am sure that there is an easier way than that to get rid of messenger.
yup install SR2 and MSN Messenger gains the option "do not start at startup" or install a later MSN version which carries that option as standard. (XP comes with MSN 4.5 as a standard part of the install). or get XPLite and remove MSN Messenger totally...
Content Advisory! This message contains violence
Well I am glad for warnings. I've lost a lot due to virus's and trojans in the past.
I have a firewall, antivirus and spam killers both on my machine and on my inet server.
After reading odf this latest one I downloaded cureit and did a scan. Only virus was in The pre-installed folder of AOL, which I DO NOT use. Cureit cleaned it out.
So everything is fine??? No!
This morning I checked my email, checked a file on my mobile HD and all was working like it should. I came back this afternoon and my mobile is a total blank! I am heartsick. All my PSD and Poser stuff was there. I hadn't yet backed up and now all is gone. not only that but my main disk is slow as a snail and hangs on exe files before opening.
Guess it a retore to factory state after all. sigh
I am so upset and sick over losing all my work that I'm considering just not doing any more artwork or selling anything else. It's too painful,
I hope the idiots spreading these nasty thigs get some huge boils where it is the most tender that will last for the rest of their life! (this statement earns the "Violence" tag.)
Let me introduce you to my multiple personalities. :)
BluEcho...Faery_Light...Faery_Souls.
as stormrage has stated.. polip attacks exe (and scr files).. some of the av companies have also been a little 'slow' in including it in their virus defs.. chances are you've been infected with it before the definitions were available... it was discovered on april 21 which means it would have been in circulation prior to that...
its also polymorphic.. meaning.. it changes its virus signature (i.e., its binary pattern) every time it replicates and infects a new file in order to keep from being detected by an antivirus program.
From the Symantec site:
When W32.Polip is installed, it performs the following actions:
I got hit with this one too.. and i update my defs every day! My computer had been acting screwy for a few weeks and i had no idea what was wrong with it. I did a full reinstall of my av with up to date definitions coz it was one of the programs playng up and i was able to see it had attached itself to over 200 exe files on my system.. windows utilities. daz installers.. and other programs.. nothing was left untouched by it.
Also maks sure to turn off system restore... AV cant scan or remove threats from inside system restore.. and it does get into that too. And scan in safe mode.. as that way you dont have any extra processes running.. less for it to impersonate.. or hijack.
Ah yes, system restore won't restore back on my now empty drive.
I had hoped it wasn't really deleted but I guess it is. Can't recover all my info.
Saving what I can from my main disk and will do a complete factory restore on it.
then I'll do a reformat on the empty disk just to be sure it is empty of all nasty things.
Only my most recent images and psd or Poser stuff is fully lost. Everything else was backed up and today I would have backed up again. Too late now. sob
I'm also thinking of asking my server to change my main logon name and IP address to be safe.
Hate this crap!
Let me introduce you to my multiple personalities. :)
BluEcho...Faery_Light...Faery_Souls.
Quote - I just manually uninstalled messenger, I don`t use it anyway.
I tried that, and it took my IE with it.....the reason it continues to load even though you have turned it off, told it not to run, is because it is in your prefetch, if you move it from there to another folder other than the prefetch, it will no longer run...at all and you are all good to go.
This site uses cookies to deliver the best experience. Our own cookies make user accounts and other features possible. Third-party cookies are used to display relevant ads and to analyze how Renderosity is used. By using our site, you acknowledge that you have read and understood our Terms of Service, including our Cookie Policy and our Privacy Policy.
If commercial products for Poser are specifically off topic... Then virus warnings that have NOTHING TO DO WITH POSER are totally off topic. And they REALLY have nothing to do with the Mac I am typing this on. Just stop with the bleeding virus warnings. Take them somewhere else. Like, ask Renderosity to start a 'frivolous virus rumour' forum or something.
I'm the asshole. You wanna be a shit? You gotta go through ME.