THERE IS A TROJAN VIRUS ON THE NEXUS

[Deleted1324428User]

I'm running MSE here and although it didn't pop up with any warning, I noticed that Firefox had blocked whatever wanted to load as well as the random download pop-up to download the malicious file. The site was fine earlier in the day but as soon as the late hours rolled around, it struck. As of right now, it's still trying to do its thing.

[ThomasKaira]

There is still a malicious program worming its way around the website. I just received another AVG alert about 10 minutes ago, and an accompanying MalwareBytes scan discovered a Trojan.Fakealert (read: it installs Rogue Security Software) had found its way into my computer. I think I manage to catch it before it could cause any real damage, but nonetheless I have to put the site on my "Do Not Visit" list for awhile.

 

Hope you can get the issue resolved with due speed, Dark. :smile:

[Gracinfields]

Yea the threat ended up penetrating my system yesterday, I pasted the info on to Vacant. The file it uploads is a rouge anti virus software, that can be called a Trojan. The Progam is Call Desktop Secuirty 2010 http://www.bleepingcomputer.com/virus-removal/remove-desktop-security-2010 it was able to enter via JAVA coding. I think it may be tied to the hack attempt on the site a while back on 7/12/2010 as I was digging I noticed Java turned on by itself when it was turned off, so I check my add on and found that an unverified version of Java was uploaded into the browser on that 7/12/2010. (Never would have though of the add ons if it wasn't for Vacant again major kudos) When I finally got the program off my system came back and checked the date of the previous hack on the site date 7/12/2010 :( guess they did sneak something in on my system that day and the AV didn't pick it up. Got ride of Java now and adding a bit more security to the system now that this hole was revealed to me.

[Nadin]

Beat me to it. It doesn't seem to DL with normal files, but upon first contact it will download a file named FILE.php.

Lucky for me my java's outdated. :D

[Nadin]

The file downloads at the main site, FOTM, two random members, and whenever you login. So...you know....don't do that.

[Dark0ne]

I believe this issue to have now been fixed having found the culprit and patched the hole. For further discussion please go to this new file thread.

[Raye]

I also have been getting popups from AVG, and It seems to appear most often on the popup window when you begin a download. I will try to get a screenshot next time it happens, though it will look like all the other AVG screenshots. Any files I have downloaded have been completely free of viruses, though. my first thought was the ads as well. Also, Google has gotten in on the bandwagon, the site is now listed as a 'badware' site, you can find more information here: http://www.google.ca/url?sa=t&source=web&cd=3&ved=0CCYQFjAC&url=http%3A%2F%2Fwww.tesnexus.com%2Fdownloads%2Fcat.php%3Fid%3D26&ei=YZycTOY8hsSwA6Wg6NUB&usg=AFQjCNFDAgC4vaAHWidifgN81j_I2PgCng&sig2=Nntj1wBdg7VjHHvV-LZ1Mg (sorry for the stupidly long URL)