Vindekarr Posted February 28, 2011 Share Posted February 28, 2011 (edited) About ten minutes ago I was doing a search on TES Nexus looking for some interesting gear for my new character. I'd been intending to equip it with mod added gear, so i was browing one by one for armour, weapons, spells, ect. And everything was going fine until when the search results for "sword" came up a mal-popup labeled as (string of numbers, couldnt memorise) Dorminor (string of numbers) and immediately started to try and download something onto my system. IE froze entirely, and my security system automaticaly shut down my computer. If you're on TES, be aware, it's a virus and it's very, very agressive. It wont wait for you to open it, in my case it simply launched into download the moment the infected search page had finished loading. At the present moment I have no idea whether it managed to upload anything-I doubt it finished it's work because the entire system's hardware shut off within 15 seconds of it's attempt, however I dont know, and wont say anything more than a warning till I know more. Be careful, this one's agressive in a way I have never seen before. Edited February 28, 2011 by Vindekarr Link to comment Share on other sites More sharing options...
CemeteryN7 Posted February 28, 2011 Share Posted February 28, 2011 People seriously need to find something better to do, why attack this site in the site in the first place, i don't think the site offended anyone, It's not supposed to. Link to comment Share on other sites More sharing options...
CommanderCrazy Posted February 28, 2011 Share Posted February 28, 2011 Thanks for the heads up. Link to comment Share on other sites More sharing options...
Vindekarr Posted February 28, 2011 Author Share Posted February 28, 2011 OK, scan's all done and my PC's clean. Something strange did happen though of that I can assure you. Im about 90% certain this was viral in nature, but what I am 100% sure of is that something's on the loose in the advertising code. My system, just before it auto shutdown showed for an instant "popup blocked for security reasons" and then something tried to download unorthorised data to my system. Whatever it is I'd recomend caution on TES for the time being, this was a freakishly agressive program whatever it was. I have never in my life seen a virus that wasnt hiding in something, let alone one that was lurking around and then agressively trying to overun anything it came into contact with. The few I've dealt with usualy stay inactive till they get downloaded while dressed as something else, but this, this was active pre-download, and didnt even bother to conceal the fact it was a security breach. Then again, that may prove it was the work of an idiot, or some new hyperbad angry virus, I really dont know. Link to comment Share on other sites More sharing options...
evilneko Posted February 28, 2011 Share Posted February 28, 2011 People still use Insecure Explorer? If you're going to use it, at least use IE-SpyAd with Zoned-Out. Zoned-Out is a utility for importing sites en-masse to IE's Restricted Sites list and IE-SpyAd is...just such a list. Link to comment Share on other sites More sharing options...
HellsMaster Posted February 28, 2011 Share Posted February 28, 2011 Sounds like a good antivirus that you have there. what is it? Link to comment Share on other sites More sharing options...
Vindekarr Posted February 28, 2011 Author Share Posted February 28, 2011 A mix of my own instincts, malwarebytes, norton, and a few other smaller spyware/malware killer tools, all of it freeware sabve for Norton. It's nothing unusual-just the standard PC safety gear, what p[robably made the diference was shutting off the transfer before it could download anything, for which I owe some gratitude to IE for alerting me that something amiss was going on. Link to comment Share on other sites More sharing options...
TheCalliton Posted February 28, 2011 Share Posted February 28, 2011 and i was about to go download some modsthanks for the warning, V DUDEi will avoid the download section alltogether till i hear this is resolved and save againcould someone PM me when this happens? Link to comment Share on other sites More sharing options...
SenReality Posted February 28, 2011 Share Posted February 28, 2011 Same happened to me, I use a mixture of them ( I nit pick at what I want and what I KNOW is good from various anti-virus softwares ) for instance, Avast is good for screening for infected search pages, websites and popups - its also good for blocking and alerting you to a potential risk before the webpage has even loaded up, more so - if a virus manages to get onto the computer, Avast ( or how I've fiddled with it ) will immediately force reboot the computer and begin a clean sweep of the main bios - then all OS components, after that it would scan the harddrives in key areas. I also use a custom made spybot and adbot software. However for me when this occurred on TESNexus, the virus was downloaded into a sandbox and was for a brief time while I checked it out, living in this sandbox ( Since it couldn't latch onto anything else, it got stuck ) I found out one thing from it though, and as stated this is a highly aggressive virus, once downloaded it would attack core components of the OS - or even the bios, more so it could ( Dont know if it can or not, but it looks like it can ) imbed itself into the OS like how AOL and MacFee does ( which is a bloody pain in the ass ) So yea bewarned, dont visit TESNexus for awhile UNLESS you KNOW you have a GOOD anti-virus setup; and unlike most viruses where all you have to do if it infects you is turn off the Anti-virus ( Since 95% of viruses online are configured to break through anti-virus software, and without that it wont do crap but just sit inactive. ) this one ignored the anti-virus, doesnt even attempt to hide itself as something else, nor does it even try to avoid the anti-virus, it just pretty much in laymen terms charges xD Link to comment Share on other sites More sharing options...
Fatalmasterpiece Posted February 28, 2011 Share Posted February 28, 2011 Most likely imbeded in one of the ads. Was it flash based or possibly pdf? Probably something adobe in my experience as they leave a lot of backdoors in their addon software for browsers. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now