Author Message

MasterExplodr

Rank 3
MasterExplodr
Joined
18 Jun 2011
Posts
1228
Location
Tacoma United States
PostedFeb 11, 2013 3:03 pm
brodysmash14 wrote:
ShieldWarr wrote:
LordKotaro1011 wrote:
ShieldWarr wrote:
As i stated in a different thread about the same problem i deleted both shaiya and DK online plus ignite, i checked every single file in my pc ( which is quite alot ) and guess what ? i found 4 ijji.AVA.dll files running actively in my background keeping a port "OPEN" !!!!!
 


What folder did you find this in specifically? Or any other info you can provide.
Was it hidden? (by that I mean, did you need adjust the settings that show/hide hidden files?).  


Yes they were very much hidden away making it extremely hard to pin them down, i could find the folder direction but when i tried to type it into the search function it could not be found.
Eventually i used my advanced system care 6 program from www.iobit.com and used the "disk explorer" tool i found them right away and sourced them to were they truly were and deleted them.

If a port is being kept "open" even though you have deleted the files/program they originally run from then that is without question a generic trojan keeping access to your pc.  


So aeria is hacking are players now, always knew they would stoop so low. Buncha spy bot wussies.  


Yup. You figured them out. Better delete your toons and uninstall asap. Please. For your own good.
Hmm... forums might be infected too. Should probably stop posting. They might get you.

Advertisement

.TheLoudOne

Rank 2
Joined
24 Jan 2013
Posts
402
Location
United States
PostedFeb 11, 2013 3:19 pm
MasterExplodr wrote:
brodysmash14 wrote:
ShieldWarr wrote:
LordKotaro1011 wrote:
ShieldWarr wrote:
As i stated in a different thread about the same problem i deleted both shaiya and DK online plus ignite, i checked every single file in my pc ( which is quite alot ) and guess what ? i found 4 ijji.AVA.dll files running actively in my background keeping a port "OPEN" !!!!!
 


What folder did you find this in specifically? Or any other info you can provide.
Was it hidden? (by that I mean, did you need adjust the settings that show/hide hidden files?).  


Yes they were very much hidden away making it extremely hard to pin them down, i could find the folder direction but when i tried to type it into the search function it could not be found.
Eventually i used my advanced system care 6 program from www.iobit.com and used the "disk explorer" tool i found them right away and sourced them to were they truly were and deleted them.

If a port is being kept "open" even though you have deleted the files/program they originally run from then that is without question a generic trojan keeping access to your pc.  


So aeria is hacking are players now, always knew they would stoop so low. Buncha spy bot wussies.  


Yup. You figured them out. Better delete your toons and uninstall asap. Please. For your own good.
Hmm... forums might be infected too. Should probably stop posting. They might get you.  


Well Explo... as silly as it sounds, what other reason is there for these executables to be hidden so thoroughly and still remain after an un-install and not only remain, but still keep an open port in your system... it may not be sinister, but it is definitely intrusive.

ShieldWarr

Rank 2
ShieldWarr
Joined
27 Jan 2011
Posts
404
Location
United Kingdom
PostedFeb 11, 2013 4:04 pm
Exactly, and very well put may i add.

only the foolish laugh at such a thing as this, this is without doubt a majorly intrusive behaviour from a games company who condone and actively encourage child gambling on there website/item mall and publicly abuse there customers on this very forum if spoken against.

Keeping a port "open" on so many customer PC's is not a laughing matter or a matter for immature jokes of conspiracies, it is what it is and a severe breach of trust.

MasterExplodr

Rank 3
MasterExplodr
Joined
18 Jun 2011
Posts
1228
Location
Tacoma United States
PostedFeb 11, 2013 4:32 pm
ShieldWarr wrote:

immature jokes of conspiracies,  



Did someone say.............

brodysmash14

Rank 2
brodysmash14
Joined
03 Jul 2012
Posts
605
Location
Largo Florida United States
PostedFeb 11, 2013 4:42 pm
MasterExplodr wrote:
brodysmash14 wrote:
ShieldWarr wrote:
LordKotaro1011 wrote:
ShieldWarr wrote:
As i stated in a different thread about the same problem i deleted both shaiya and DK online plus ignite, i checked every single file in my pc ( which is quite alot ) and guess what ? i found 4 ijji.AVA.dll files running actively in my background keeping a port "OPEN" !!!!!
 


What folder did you find this in specifically? Or any other info you can provide.
Was it hidden? (by that I mean, did you need adjust the settings that show/hide hidden files?).  


Yes they were very much hidden away making it extremely hard to pin them down, i could find the folder direction but when i tried to type it into the search function it could not be found.
Eventually i used my advanced system care 6 program from www.iobit.com and used the "disk explorer" tool i found them right away and sourced them to were they truly were and deleted them.

If a port is being kept "open" even though you have deleted the files/program they originally run from then that is without question a generic trojan keeping access to your pc.  


So aeria is hacking are players now, always knew they would stoop so low. Buncha spy bot wussies.  


Yup. You figured them out. Better delete your toons and uninstall asap. Please. For your own good.
Hmm... forums might be infected too. Should probably stop posting. They might get you.  


You think I would leave that easy?

I've Quite, and Have no plans on returning! さよなら。

TotallyJay

Rank 3
TotallyJay
Joined
17 Dec 2010
Posts
1583
Location
United States
PostedFeb 11, 2013 4:58 pm
.TheLoudOne wrote:


Well Explo... as silly as it sounds, what other reason is there for these executables to be hidden so thoroughly and still remain after an un-install and not only remain, but still keep an open port in your system... it may not be sinister, but it is definitely intrusive.  


http://en.wikipedia.org/wiki/Antivirus_software <-- look at false positives
http://www.rohitab.com/discuss/topic/31681-c-run-program-from-memory-and-not-file/ <-- Basic reason for the cause of Shaiya's false positive
http://en.wikipedia.org/wiki/Memory_leak <-- reason AVA.dll's are hanging, most likely.

Last sentence is correct, imo. But probably nothing intentional by anyone. I can write a program right now that will be detected as a virus. And it won't do anything but load Notepad.exe in memory.

PS: DLL's aren't executable files.

ShieldWarr wrote:
Exactly, and very well put may i add.

only the foolish laugh at such a thing as this, this is without doubt a majorly intrusive behaviour from a games company who condone and actively encourage child gambling on there website/item mall and publicly abuse there customers on this very forum if spoken against.

Keeping a port "open" on so many customer PC's is not a laughing matter or a matter for immature jokes of conspiracies, it is what it is and a severe breach of trust.  


Pay attention to what you're supposed to be reading when you click "I agree".

You keep spouting this annoying nonsense about open ports. Have you sniffed the traffic? Do you what's being transmitted, if anything? What programs are you using to detect the port activity? Have you debugged the DLLs or loaded them to see what functions they offer if native compiled?

I'm going to say no to all of the above based on your posting above and not understanding why you couldn't see hidden files in Windows Explorer.

.TheLoudOne

Rank 2
Joined
24 Jan 2013
Posts
402
Location
United States
PostedFeb 11, 2013 5:34 pm
TotallyJay wrote:
.TheLoudOne wrote:


Well Explo... as silly as it sounds, what other reason is there for these executables to be hidden so thoroughly and still remain after an un-install and not only remain, but still keep an open port in your system... it may not be sinister, but it is definitely intrusive.  


http://en.wikipedia.org/wiki/Antivirus_software <-- look at false positives
http://www.rohitab.com/discuss/topic/31681-c-run-program-from-memory-and-not-file/ <-- Basic reason for the cause of Shaiya's false positive
http://en.wikipedia.org/wiki/Memory_leak <-- reason AVA.dll's are hanging, most likely.

Last sentence is correct, imo. But probably nothing intentional by anyone. I can write a program right now that will be detected as a virus. And it won't do anything but load Notepad.exe in memory.

PS: DLL's aren't executable files.

ShieldWarr wrote:
Exactly, and very well put may i add.

only the foolish laugh at such a thing as this, this is without doubt a majorly intrusive behaviour from a games company who condone and actively encourage child gambling on there website/item mall and publicly abuse there customers on this very forum if spoken against.

Keeping a port "open" on so many customer PC's is not a laughing matter or a matter for immature jokes of conspiracies, it is what it is and a severe breach of trust.  


Pay attention to what you're supposed to be reading when you click "I agree".

You keep spouting this annoying nonsense about open ports. Have you sniffed the traffic? Do you what's being transmitted, if anything? What programs are you using to detect the port activity? Have you debugged the DLLs or loaded them to see what functions they offer if native compiled?

I'm going to say no to all of the above based on your posting above and not understanding why you couldn't see hidden files in Windows Explorer.  



Thanks Jay.... appreciate you still hanging out here and filling in tech data we can rely on.

ShieldWarr

Rank 2
ShieldWarr
Joined
27 Jan 2011
Posts
404
Location
United Kingdom
PostedFeb 11, 2013 7:29 pm
TotallyJay wrote:
.TheLoudOne wrote:


Well Explo... as silly as it sounds, what other reason is there for these executables to be hidden so thoroughly and still remain after an un-install and not only remain, but still keep an open port in your system... it may not be sinister, but it is definitely intrusive.  


http://en.wikipedia.org/wiki/Antivirus_software <-- look at false positives
http://www.rohitab.com/discuss/topic/31681-c-run-program-from-memory-and-not-file/ <-- Basic reason for the cause of Shaiya's false positive
http://en.wikipedia.org/wiki/Memory_leak <-- reason AVA.dll's are hanging, most likely.

Last sentence is correct, imo. But probably nothing intentional by anyone. I can write a program right now that will be detected as a virus. And it won't do anything but load Notepad.exe in memory.

PS: DLL's aren't executable files.

ShieldWarr wrote:
Exactly, and very well put may i add.

only the foolish laugh at such a thing as this, this is without doubt a majorly intrusive behaviour from a games company who condone and actively encourage child gambling on there website/item mall and publicly abuse there customers on this very forum if spoken against.

Keeping a port "open" on so many customer PC's is not a laughing matter or a matter for immature jokes of conspiracies, it is what it is and a severe breach of trust.  


Pay attention to what you're supposed to be reading when you click "I agree".

You keep spouting this annoying nonsense about open ports. Have you sniffed the traffic? Do you what's being transmitted, if anything? What programs are you using to detect the port activity? Have you debugged the DLLs or loaded them to see what functions they offer if native compiled?

I'm going to say no to all of the above based on your posting above and not understanding why you couldn't see hidden files in Windows Explorer.  


Since you seem to know quite abit about how to find and figure out what it is , then i humbly request you to find them and do all you mentioned yourself and post your results, money were your mouth is to coin a phrase and for lack of a better term.

TotallyJay

Rank 3
TotallyJay
Joined
17 Dec 2010
Posts
1583
Location
United States
PostedFeb 11, 2013 7:41 pm
ShieldWarr wrote:


Since you seem to know quite abit about how to find and figure out what it is , then i humbly request you to find them and do all you mentioned yourself and post your results, money were your mouth is to coin a phrase and for lack of a better term.  


Since you seem to know nothing, maybe you should quiet down.

I just told you what it was.

http://en.wikipedia.org/wiki/Antivirus_software <-- look at false positives
http://www.rohitab.com/discuss/topic/31681-c-run-program-from-memory-and-not-file/ <-- Basic reason for the cause of Shaiya's false positive
http://en.wikipedia.org/wiki/Memory_leak <-- reason AVA.dll's are hanging, most likely.

ShieldWarr

Rank 2
ShieldWarr
Joined
27 Jan 2011
Posts
404
Location
United Kingdom
PostedFeb 11, 2013 8:28 pm
TotallyJay wrote:
ShieldWarr wrote:


Since you seem to know quite abit about how to find and figure out what it is , then i humbly request you to find them and do all you mentioned yourself and post your results, money were your mouth is to coin a phrase and for lack of a better term.  


Since you seem to know nothing, maybe you should quiet down.

I just told you what it was.

http://en.wikipedia.org/wiki/Antivirus_software <-- look at false positives
http://www.rohitab.com/discuss/topic/31681-c-run-program-from-memory-and-not-file/ <-- Basic reason for the cause of Shaiya's false positive
http://en.wikipedia.org/wiki/Memory_leak <-- reason AVA.dll's are hanging, most likely.  


Im not talking about false positives, im talking about 4 files keeping a port "open" and yes i know for a fact its being kept open...they should have been deleted with shaiya/DKonline and or ignite but wasnt...all i have seen so far from you is that you know how to access wikipedia, congratulations you have joined millions of others who can too, i put it to you again prove this is not a generic trojan keeping a backdoor "open" i dont need to prove anything as its quite simple to delete all aeria files and search for the ijji files and see that they exist are actually there and keeping a port open...money were your mouth is please.

Display posts from previous:   Sort by: