
At the moment, the C&C server is down and does not pose a potential threat.įor more confidence, you can block this IP at the system level. If you cant find an answer to a question here, please feel free to contact our experts on our forums. Get full access to the software used to model and render detailed 3D characters, photorealistic designs, and complex scenes for film and TV, games, and design visualization projects. We are dedicated to providing you with all the resources you need to bring your dreams to life in 3ds Max. Download a free 30-day trial version of 3ds Max. From intricate details on characters and objects to jaw-dropping environments and worlds, 3ds Max® software is the tool of choice for creating immersive game experiences and visualizing complex designs. The virus could execute arbitrary code by accessing the C&C server via IP: 175.197.4061. Autodesk 3ds Max Asset Library 3ds Max Help Archive 3ds Max Learning Center. Fortunately, a signature has been added to Prune Scene that removes the remnants of this malicious code. We managed to find out that this virus is a part of PhysXPluginMfx, which was rarely found on the Internet and therefore neither Autodesk Security Tools nor Prune Scene could detect it earlier. Many thanks to the specialists from ESET, especially Mathieu Tartare, for decompiling obfuscated.

At the moment, works on disassemble, to establish the exact threat! NET 4.5 assembler (executing code from obfuscated *.dll file)Ī *.dll file with a virus on the VirusTotal website is recognized as Kryptik.XLW and carries a threat.

