Jump to content

[Updated] Nexus Trojan/Virus alert

Dark0ne

By Dark0ne
in Site Updates

 Share

Recommended Posts

  • Replies 335
  • Created
  • Last Reply

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Popular Days

Eiries Mentor

Eiries

Posted
Posted

To disable the warning in Firefox, see this post.

 

In Chrome and most Chrome-clones (such as SRWare Iron and Chrome+), it's Options - Under the Hood - Uncheck "Enable phishing and malware protection."

 

In Opera, it's under Settings - Preferences - Advanced - Security - uncheck enable Fraud and Malware protection.

 

Just throwin' it out there, instead of allowing all reported sites, you can simply click on Exceptions, put in the urls of the Nexus sites, and click Allow. Tried and tested. :)

 

As is, the damn thing's blocking both Nexus' search features and endorsements. Ugh.

 

EDIT: Scratch that, apparently it only allows whatever page you put in, and not just the entire domain. What an idiotic way of building that feature.

Link to comment
Share on other sites
yeahchris Enthusiast

yeahchris

Posted
Posted

Personally I do not understand the interest in hacking or destroying someone elses computer, or anything else for that matter. It astonishing how many people "get off" on this type of behaviour. Hopefully the site is going or is in the process of contacting major anti-virus companies to remove the site from the threat list.

 

Best Regards,

Cat

There's more to trojans than merely wrecking someone else's computer. Once infected it is possible for the virus to steal your passwords -- it's possible to steal pretty much any password you enter while using the infected system. It could be, for instance, your email password, which would allow them to send out an email to your contacts in the hopes of infecting their computers. It could also be a password for online banking, or they might just try and steal your personal information, such as your social security number or credit card numbers, in the hopes of being able to steal your identity.

 

Hence my policy of running noscript, not getting bugs as often as I can, and wiping my system clean whenever there's a chance that I might have not *completely* removed a given bug from my system. You don't know what information it might be stealing, nor to whom it might be sending it, and it's just not worth the risk, even though a full reinstall is a female dog.

Link to comment
Share on other sites
tek5828 Contributor

tek5828

Posted
Posted (edited)

According to google,

 

of the 20 pages that we tested on the site over the past 90 days,

2 page(s) resulted in malicious software being downloaded and installed without user consent.

 

 

The last time that Google visited this site was on 2010-09-24, and the last time that suspicious content was found on this site was on 2010-09-24.

 

 

Malicious software includes 2 trojan(s), 2 exploit(s). Successful infection resulted in an average of 2 new process(es) on the target machine.

 

So that means malicious code was found yesterday, today being the 25th.

 

That means that Dark0ne has found and exterminated the malicious code / ad not long after Google has been alerted.

 

f03 nexus is registering as clean, now all we have to do is wait for google to re scan tesnexus and call it clear.

 

and...

I hate malicious software!

 

I run full purchased version of Trend Micro, as well as Avira simultaneously, as well as frequent scans, constant updates and the occasional Hijack this scan. I AM OBSESSIVE about the performance of my computer, so any kind of threat PISSES ME OFF!

 

Thankyou for fixing it! and thankyou Anti virus programs!

 

Edited by tek5828
Link to comment
Share on other sites
lera213 Contributor

lera213

Posted
Posted (edited)

I am still getting the malware message when I enter.

 

Having just re-formatted my hubs PC from the Microsoft Essential virus, I sure do not want to go through that again!

 

His system is so old, it took me forever to locate the correct divers!

 

Oh crap, been running a full deep scan using Spyware Doctor (PC TOOLS) and it has found so far. I disabled my virus protection last night to play the game and I did, log in here:

Generic Downloader Trojan (elevated)...can you tell me the name of the Trojan from this ad please...someone?

 

 

TT_Downloader, attached to Sun Java, in my cache folder. Fixed and running another deep scan.

Edited by lera213
Link to comment
Share on other sites
Echelon Apprentice

Echelon

Posted
Posted

At the moment i am still getting "reported bad site". I'm on Google Chrome Browser.

 

 

Warning: Visiting this site may harm your computer!

 

The website at www.thenexusforums.com contains elements from the site www.fallout3nexus.com, which appears to host malware – software that can hurt your computer or otherwise operate without your consent. Just visiting a site that contains malware can infect your computer.

For detailed information about the problems with these elements, visit the Google Safe Browsing diagnostic page for www.fallout3nexus.com.

Learn more about how to protect yourself from harmful software online.

 

I understand that visiting this site may harm my computer.

Link to comment
Share on other sites
gettter Newbie

gettter

Posted
Posted

Threat Report

Total threats found: 6

 

Drive-By Downloads (what's this?)

Threats found: 6

Here is a complete list: (for more information about a specific threat, click on the Threat Name below)

 

Threat Name: MSIE ADODB.Stream Object File Installation Weakness

Location: http://fallout3nexus.com/modules/members/index.php?id=128909

 

Threat Name: MSIE ADODB.Stream Object File Installation Weakness

Location: http://www.fallout3nexus.com/modules/members/index.php?id=309068

 

Threat Name: MSIE ADODB.Stream Object File Installation Weakness

Location: http://www.fallout3nexus.com/modules/login/index.php?redirect=/modules/login/index.php?redirect=/

 

Threat Name: Direct link to MSIE ADODB.Stream Object File Installation Weakness

Location: http://www.fallout3nexus.com/modules/login/index.php?redirect=/

 

Threat Name: Direct link to MSIE ADODB.Stream Object File Installation Weakness

Location: http://fallout3nexus.com/

 

Threat Name: Direct link to MSIE ADODB.Stream Object File Installation Weakness

Location: http://www.fallout3nexus.com/downloads/filesofthemonth.php

 

just recently visted the report from internet security if that helps any

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...