Gaming Steve Message Board

Random Encounters => Site News => Topic started by: SmileyMan on April 29, 2007, 12:53:42 pm

Title: Trojan detected on main site.
Post by: SmileyMan on April 29, 2007, 12:53:42 pm
This pops up everytime I load up the main site: (http://img255.imageshack.us/img255/1062/virusdetectedgsdl4.jpg)


Description (http://www.avira.com/en/threats/section/fulldetails/id_vir/1661/html_feebs.gen.html)

/discuss.
Title: Re: Trojan detected on main site.
Post by: LadyM on April 29, 2007, 01:17:52 pm
I don't think it's the site, I think it's your computer. You better run your virus software and figure out how to get rid of it.
Title: Re: Trojan detected on main site.
Post by: SmileyMan on April 29, 2007, 01:21:29 pm
I don't think it's the site, I think it's your computer. You better run your virus software and figure out how to get rid of it.

That webpage is the only place where I get it.  :-\
Title: Re: Trojan detected on main site.
Post by: LadyM on April 29, 2007, 01:26:37 pm
I just loaded the site and I don't get it. Maybe something on it is triggering it. It might also be spyware on your computer, I'd check both things.
Title: Re: Trojan detected on main site.
Post by: Danzik on April 29, 2007, 05:04:16 pm
Considering you're running Photoshop CS2,
I'd guess the virus came from P2P network usage and not this site.

By the way, this particular worm steals credit card data so formatting is probably recommended.

Edit:  More info here (http://www.sophos.com/virusinfo/analyses/w32feebsgen.html) and here (http://vil.nai.com/vil/content/v_142001.htm)
Title: Re: Trojan detected on main site.
Post by: SmileyMan on April 30, 2007, 04:03:36 am
Considering you're running Photoshop CS2,
I'd guess the virus came from P2P network usage and not this site.

By the way, this particular worm steals credit card data so formatting is probably recommended.

Edit:  More info here (http://www.sophos.com/virusinfo/analyses/w32feebsgen.html) and here (http://vil.nai.com/vil/content/v_142001.htm)

But can you explain why the only place I get the warning is the GS main page?
Title: Re: Trojan detected on main site.
Post by: Danzik on April 30, 2007, 04:43:20 am
Antivir flags it on all three PCs in the house.
(Even the DVR, which does nothing online)
AVG, NOD32 and Panda don't pick it up.

I've uploaded the offending file to Antivir. 
Let's see what they say.
I'd guess a false positive.

Quote from: antivir.com
Suspicious Files and Miscellaneous Uploads

Thank you for your submission. Below you can see the current status of the uploaded files.

A listing of files alongside their results can be found below:
File ID     Filename     Size (Byte)    Result
530883     DE0C16D2d01     82.77 KB     UNDER ANALYSIS


Please find a detailed report concerning each individual sample below:
 Filename    Result
 DE0C16D2d01     UNDER ANALYSIS

The file 'DE0C16D2d01' has been determined to be 'UNDER ANALYSIS'.

Still waiting for an answer but, the below is pretty good proof.

(http://img376.imageshack.us/img376/609/antiviryc2.jpg)
Title: Re: Trojan detected on main site.
Post by: Joku2002 on May 02, 2007, 06:42:43 am
I getting that same problem and I just got this PC yesterday morning. because i ordered a brand new one from dell. because I wanted to be prepared for whenever spore is released. and this is the second site I've been on with this one. the first site was yahoo. But I called microsoft because I thought it was just a virus that could have been some how come from yahoo. but they checked both and said this site was "unsafe". whatever is going on needs to be addressed seriously. And not just by saving "it's your PC not our site".
Title: Re: Trojan detected on main site.
Post by: LadyM on May 02, 2007, 07:15:11 am
I'll let Steve know and have him check it out. I still don't think it has one but it's best to be sure.
Title: Re: Trojan detected on main site.
Post by: Danzik on May 02, 2007, 09:09:53 am
Antivir (the company who's software is flagging the site) says it is a false positive.
In other words, it's a bug they'll fix and there's nothing to worry about.
 :)

Quote from: Antivir.com
Dear Sir or Madam,

Thank you for your email to Avira's virus lab.
Tracking number: INC00037351.

A listing of files alongside their results can be found below:
File ID     Filename     Size (Byte)    Result
530883     DE0C16D2d01     82.77 KB     FALSE POSITIVE


Please find a detailed report concerning each individual sample below:
 Filename    Result     DE0C16D2d01     FALSE POSITIVE

The file 'DE0C16D2d01' has been determined to be 'FALSE POSITIVE'. Detection will be removed from our virus definition file (VDF) with one of the next updates.
Title: Re: Trojan detected on main site.
Post by: SmileyMan on May 02, 2007, 09:12:22 am
Nice. Good job.
Title: Re: Trojan detected on main site.
Post by: Gaming Steve on May 02, 2007, 09:40:53 am
I have looked into it before but the person who reported it couldn't replicate it.

I will try to find out what this is but I have a virus-scanning program running on the server every single night and I have a report that the site is clean every day.

Those who are getting this error clean out your computer and "remove" this Trojan (if it exists) and then try coming back to the site and just this site to see what happens. I will look into it a bit more on the server-side.
Title: Re: Trojan detected on main site.
Post by: SmileyMan on May 02, 2007, 01:33:54 pm
I have looked into it before but the person who reported it couldn't replicate it.

I will try to find out what this is but I have a virus-scanning program running on the server every single night and I have a report that the site is clean every day.

Those who are getting this error clean out your computer and "remove" this Trojan (if it exists) and then try coming back to the site and just this site to see what happens. I will look into it a bit more on the server-side.

Steve, it's no problem. :) Read Danzik's post above yours.
Title: Re: Trojan detected on main site.
Post by: The_Kev on May 06, 2007, 12:30:15 am
Thank God, I deleted all my virusses yesterday. I thought I would have one again...
You scared me Smileyman... Fwooh.


Though is this a new program? I think I personally won't use it when they have such bugs in their program, that what I think is new.
I use AVG Anti-Virus and it is very great, I would say try it out.
Title: Re: Trojan detected on main site.
Post by: Kcronos on May 06, 2007, 07:57:27 am
AVG is okay, but it messes up my other computer by scanning in the middle of the day instead of in the morning like its supposed to...
Title: Re: Trojan detected on main site.
Post by: The_Kev on May 06, 2007, 09:27:03 am
I don't scan automaticly, with me he automaticly updates everyday. That takes just a short time, only a bit annoying when playing a game and the AVG update window pops-up.
Title: Re: Trojan detected on main site.
Post by: PatMan33 on May 06, 2007, 09:43:07 am
I also use AVG and I have it set to update only when my computer is booting up, that way I get no intrusions.

Sometimes it will begin scanning while I'm doing stuff but it doesn't cause much slowdown so I let it be.
Title: Re: Trojan detected on main site.
Post by: Daxx on May 06, 2007, 09:44:39 am
I'm forced to use AVG by the college's computing policy. I have it set to scan at around 4am, and since I don't bother turning my laptop off it's rarely a problem.