Jump to content

[Updated] Nexus Trojan/Virus alert


Dark0ne

Recommended Posts

  • Replies 335
  • Created
  • Last Reply

Top Posters In This Topic

with regards to those still suffering from the nexus RED screen of death:

if u are running firefox open up the "tools" tab. click options, then click security, uncheck the box "block reported attack sites. This will solve the issue temporarly but make sure to turn it back on after the issue has been resolved as it will INCREASE the chance of your being infected by another site. I did this to firefox and simply use Chrome for everywhere else.

Link to comment
Share on other sites

How can you put a malicious advert ?????? It's such a stupid thing, i cannot understand, someone carring the tes nexus ad's section should be replaced ..... In addiion to some adds that try to borrow your money.

 

This site is a precious site, but this people that takes care now about the ads they are harming it.

Yes but there are not enough Premium Members to support the monthly bill and thus, the addition of the ads are still required.

 

LHammonds

 

 

The problem isn't the ad's, logically they are needed, the problem is the one that purchased this ad without looking it's content, and I claimed that there should be a minimum quality control, to avoid not only viruses, thought also the ads that ask for your credit card data ...

 

Beware of ads.

 

what has happened is very bad since it will limite new upcoming users from now. Nobody registers a attacking site. Each day it passes it will be worst.

Link to comment
Share on other sites

"It's simply wicked people, normally from Eastern Europe and Asia"

Racist? :P

Would it be better if restated as: "most frequently, based on statistical analysis, (see the Center for Internet Security (CIS) work on the topic) operating in Eastern Europe and Asia"? A dig not at the ethnicity of the residents, but at the governance prevalent in much of that part of the world? Criminals prefer to operate where local authorities are either weak, or complicit, (or both.)

Link to comment
Share on other sites

what if I have chrome?

 

 

Well, you could have paid attention to the thread. I posted instructions for Chrome and Opera only a couple pages back.

 

 

I don't know if you can do this but, it's possivle to find a permanent ad for the website?

i mean, these random ad producer sometime make my browser freeze, and believe me, it's a ad problem, as a AMD phenom 2 with a HD5850 and 8gb memo shouldn't freeze so easily, when i scroll down and remove the ads from the screen, the browse works fine again

 

i know the site need some ads, but, can it be a permanent, trustable ad?

 

Sounds like a browser problem to me.

Link to comment
Share on other sites

Well got back from a weekend trip and it seems Google at last have removed the restriction. I can move (with FireFox) around freely on fallout3nexus without any annoying Warnings, so if more can confirm it this can give Dark0ne the pleasant work to tell this issue is solved :biggrin:

 

Update: Oh, well for me it has moved to tesnexus now, got a red warning on http://www.tesnexus.com/downloads/top.php now instead. Google :wallbash:

Link to comment
Share on other sites

Please beware everyone! I was one of the unfortunate ones to get attacked by this $&*#ing trojan (even with registered AVG installed) and it's a PAIN to fix. I've spent a good 8 hours working on the problem and although an entire system scan results in no virus found, I still have very limited access and if online too long, my pc will lock up (due to a highjacking I'm guessing) and one of my "svchost.exe" processes starts eating up my cpu memory like crazy. If anyone out there knows of a fix for this recent attack, PLEASE message me and let me know! I really don't want to re-format my 1TB drive... (>_<)

 

Heya CME, I hope this info helps. Review this for a list of what my logs popped up:

http://www.thenexusforums.com/index.php?/topic/240888-nexus-trojanvirus-alert/page__view__findpost__p__2146374

 

I would suggest downloading and running Malwarebytes since it turned up and fixed the rootkit.

I would also suggest downloading and running the Norton Tidserv HTTPS exploit scan and fix. ( It can't hurt to try it. )

 

Also if you haven't run Microsoft update in some time you can sometimes "wash" a corrupted system by running a major patch. ( it moves system drivers and so forth to a patch uninstall directory after its done and sometimes a "stealth program" will turn up there on a scan after the patching ). If your not running a 100% legal copy of windows you probably don't want to try the patching route.

 

Also, its wise to keep multiple anti-virus packages/anti-malware/anti-spyware packages on hand. You don't need to have them all active but scans from different packages will sometimes turn up things others missed.

 

P.S. About 6 months ago my Sysadmin groups was tasked with evaluating a enterprise anti-virus solution ( the license on our current was expiring).

We scowered hacker sites and compiled a CD composed of close 500 different viruses ( in both uncompressed and compressed formats ) and then ran each of the virus scanners we were evaluating against it. The best ones were averaging in the 90 to 95 percent range but none of the them found all of them and each of them found a few that none of the others did. ( Keep in mind this was evaluating a enterprise solution and not a home user version so the playing field was very different )

Link to comment
Share on other sites

 

Update: Google is reporting the site as malicious right now. This is a report from before the fix and despite the problem being fixed there is some lag on getting delisted from Googles filters. Their webmaster tools report the site is completely clear of Malware so this should just be a waiting game.

 

Update #2: It's now Sunday morning here in the UK and Google are still yet to unblock TESNexus from their blacklist. Fallout 3 Nexus was on their blacklist for around 8 hours and was removed early yesterday. The irony is Fallout 3 Nexus and TESNexus use the same adserver and ergo had the same issues, so if Fallout 3 Nexus is clean, so is TESNexus. Their Webmaster Tools system continues to tell me the site has been inspected and confirmed clear of issues. Please be patient while we wait for Google to pull their thumbs out.

 

In the mean-time if you are confident in your system's security then HugePinball has written out how to remove the false malware warning when browsing TESNexus.

just to place this at the "top" so to speak cause some folks seem to have missed the update:

 

see the link in the OP for best practice In the mean-time if you are confident in your system's security then HugePinball has written out how to remove the false malware warning when browsing TESNexus.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.

×
×
  • Create New...