Sorry your browser is not supported!

You are using an outdated browser that does not support modern web technologies, in order to use this site please update to a new browser.

Browsers supported include Chrome, FireFox, Safari, Opera, Internet Explorer 10+ or Microsoft Edge.

Geek Culture / Planet Renders Forum - Trojan?

Author
Message
Insanity Complex
19
Years of Service
User Offline
Joined: 16th Sep 2005
Location: Home
Posted: 23rd Jul 2009 04:10 Edited at: 23rd Jul 2009 09:38
Link
Well, over at Planet Renders, I'm a frequent visitor. The main website has no problems for me, but when I try to go to the forums, I get an Avast popup that warns of a trojan and forces me to abort the connection.



I did some googling and only found one page that referred to a similar problem, about a year ago. Just yesterday I was visiting the forums with no problems. Any ideas? o.O

[Edit] Main page is now detecting a trojan I hope this gets fixed soon, I'm rather fond of PR


www.aeriagames.com <-They have some decent ones

Attachments

Login to view attachments
Back to top
Profile PM Email
GameDaddy
16
Years of Service
User Offline
Joined: 25th May 2009
Location: Midwest, USA
Posted: 23rd Jul 2009 06:01
Link
Confirmed... the Planet Renders page has probably been infected with some kind of php virus. The forum webhost just sent my browser a tracking cookie which the AV software blocked as I looked over the forum homepage.
Back to top
Profile PM Website
GameDaddy
16
Years of Service
User Offline
Joined: 25th May 2009
Location: Midwest, USA
Posted: 23rd Jul 2009 06:07
Link
Yup, they are loaded with smagma over there! just received a blizzard of additional tracking cookies (which were blocked) from the Planet Renders Home Page. Doesn't appear to have any serious viruses though, just the tracking cookies are going my way, but then, maybe my ISP is catching the smagma and killing it before it reaches the browser here..
Back to top
Profile PM Website
Green Gandalf
VIP Member
20
Years of Service
User Offline
Joined: 3rd Jan 2005
Playing: Malevolence:Sword of Ahkranox, Skyrim, Civ6.
Posted: 23rd Jul 2009 17:36 Edited at: 23rd Jul 2009 17:37
Link
I have a similar problem with thegamecreators.com and Norton which started yesterday. After a long discussion with the Norton Helpdesk the threat was downgraded from a Warning to a Caution - but I can't seem to get rid of the warning.

Anyone else with an up-to-date version of Norton getting this? The Caution can be seen here:

Attachments

Login to view attachments
Back to top
Profile PM Email
NeX the Fairly Fast Ferret
20
Years of Service
User Offline
Joined: 10th Apr 2005
Location: The Fifth Plane of Oblivion
Posted: 23rd Jul 2009 17:55 Edited at: 23rd Jul 2009 17:56
Link
:/

Why are you using Norton of all things? Knowing Norton (I have experience fighting with it) it saw the word virus and went mental.

Back to top
Profile PM Website
Green Gandalf
VIP Member
20
Years of Service
User Offline
Joined: 3rd Jan 2005
Playing: Malevolence:Sword of Ahkranox, Skyrim, Civ6.
Posted: 23rd Jul 2009 19:20
Link
Quote: "Why are you using Norton of all things?"


Good question - but beside the point. [In fact I'll probably be switching to NOD32 (?) when the present subscription runs out.]

Anyway, the question is: how is Norton deciding to display that caution? Is it checking against some centrally held data bank, in which case other Norton users should see the same warning (I've got exactly the same warning on two of my machines, one Vista, other XP)? Or is it checking against some record maintained on my machines? If the latter then I'd like to know how to clear it. The Norton Help desk didn't seem to be familiar with their own software and couldn't help.
Back to top
Profile PM Email
JoelJ
21
Years of Service
User Offline
Joined: 8th Sep 2003
Location: UTAH
Posted: 23rd Jul 2009 20:07
Link
Norton is probably flipping out because it seems that everyone on the forums here are getting viruses

Your mother has been erased by a mod because it's larger than 600x120
Back to top
Profile PM Website
Green Gandalf
VIP Member
20
Years of Service
User Offline
Joined: 3rd Jan 2005
Playing: Malevolence:Sword of Ahkranox, Skyrim, Civ6.
Posted: 23rd Jul 2009 21:47
Link
Quote: "Norton is probably flipping out because it seems that everyone on the forums here are getting viruses"


Yes, I've noticed that too. My guess is that it's a swine flu mutation.

Incidentally, Norton keeps flagging the following file on the TGC site:

https://forumfiles.thegamecreators.com/download/1443220

What are these "forumfiles" and how do we access them? I've noticed various people legitimately include such links in their posts but I've never managed to work out how they found out about them in the first place.
Back to top
Profile PM Email
GameDaddy
16
Years of Service
User Offline
Joined: 25th May 2009
Location: Midwest, USA
Posted: 23rd Jul 2009 23:58
Link
@GreenGandalf

Forumfiles are the files that are attached to a forum post (be it a Jpeg, Png, some DBPro code, or a zip file of all of this).

In the case of the file you mentioned in your post, it has already been deleted or removed, so I can't tell if it has any virus or malware attached to it.

I have also stopped getting JS redirect attempts from Planet Renders. Spyware Doctor has identified all the redirect sites and automatically blocked them, so visits there are no longer tripping the anti-virus scanner.
Back to top
Profile PM Website
GameDaddy
16
Years of Service
User Offline
Joined: 25th May 2009
Location: Midwest, USA
Posted: 24th Jul 2009 00:02
Link
PS, just right-click on the download button of any post with an attachment, and the actual URL of the Forumfile should display in the bottom bar of your browser.
Back to top
Profile PM Website
Insanity Complex
19
Years of Service
User Offline
Joined: 16th Sep 2005
Location: Home
Posted: 24th Jul 2009 00:28
Link
Yeah, thankfully PR seems to be fixed now


www.aeriagames.com <-They have some decent ones
Back to top
Profile PM Email
BiggAdd
Retired Moderator
20
Years of Service
User Offline
Joined: 6th Aug 2004
Location: != null
Posted: 24th Jul 2009 01:10
Link
Quote: "Incidentally, Norton keeps flagging the following file on the TGC site:

https://forumfiles.thegamecreators.com/download/1443220"


I also got the Norton Warning yesterday. The file has been deleted (Which is why you won't be able to access it anymore)

Back to top
Profile PM
Green Gandalf
VIP Member
20
Years of Service
User Offline
Joined: 3rd Jan 2005
Playing: Malevolence:Sword of Ahkranox, Skyrim, Civ6.
Posted: 24th Jul 2009 01:45
Link
@GameDaddy

Quote: "Forumfiles are the files that are attached to a forum post"


Er, so they are.

I was looking at the wrong link (the Download button gives the format I mentioned whereas the View button gives something else and was probably what I looked at). Oh well.

Quote: "I also got the Norton Warning yesterday. The file has been deleted (Which is why you won't be able to access it anymore)"


Are YOU still getting the warning? If not, what did you do to clear it?

Which was main question in the first place:

Quote: "Anyway, the question is: how is Norton deciding to display that caution? Is it checking against some centrally held data bank, in which case other Norton users should see the same warning (I've got exactly the same warning on two of my machines, one Vista, other XP)? Or is it checking against some record maintained on my machines? If the latter then I'd like to know how to clear it."


The reason I'd like to clear it is precisely because the file has been deleted. So why am I still getting the warning?

It seems that not only don't the Norton Help people know - but neither does anyone here. Either that or they just won't say.
Back to top
Profile PM Email
NeX the Fairly Fast Ferret
20
Years of Service
User Offline
Joined: 10th Apr 2005
Location: The Fifth Plane of Oblivion
Posted: 24th Jul 2009 02:13 Edited at: 24th Jul 2009 02:14
Link
The download ID is identical to the post ID. It remains static even if you change the file. You may be able to use this to track down the origin of the file.

Back to top
Profile PM Website
BiggAdd
Retired Moderator
20
Years of Service
User Offline
Joined: 6th Aug 2004
Location: != null
Posted: 24th Jul 2009 04:14
Link
When the file was deleted, I still got the warning.
The file was from a post made over a year ago, so it must take a while for Norton's bots to look through posts.

And yes I'm still getting the yellow warning like you! At least its not as bad as the red warning!

Back to top
Profile PM
Green Gandalf
VIP Member
20
Years of Service
User Offline
Joined: 3rd Jan 2005
Playing: Malevolence:Sword of Ahkranox, Skyrim, Civ6.
Posted: 24th Jul 2009 12:17
Link
Thanks. I feel happier now that I know it's not just me.

Quote: "The file was from a post made over a year ago, so it must take a while for Norton's bots to look through posts."


Interesting. Norton obviously can't scan the whole site all the time - otherwise everything would grind to a halt. So I wonder what it does scan and when? Was this just the tip of an iceberg? Does TGC have software in place that checks the files we try to post. I assumed it would but perhaps I'm wrong?

I wonder where Norton's information about TGC's safety status is held. If it's held on Norton's systems then I guess we'll have to live with the warning till Norton changes its mind about the site.

Quote: "The download ID is identical to the post ID. It remains static even if you change the file. You may be able to use this to track down the origin of the file."


I don't understand the relevance of that. I'm no longer interested in the file - I just want to see an end to the annoying Norton caution (because the offending file has been deleted). Perhaps we'll just have to wait?
Back to top
Profile PM Email
Back to top

Login to post a reply

Server time is: 2025-05-29 20:42:30
Your offset time is: 2025-05-29 20:42:30