Virus? (solved)

Discussion in 'Forum Help & Feedback' started by Cjimmy99, Dec 9, 2011.

Thread Status:
Not open for further replies.
  1. Cjimmy99 Blazing Wheel

    I was innocently looking at the Terraria forums, when suddenly the window closed and I learned that "Win 7 2012 the security program" was not turned on. Apparently, this was supposed to be involved with windows, although it was unconvincing, as it expected you to pay money for it, and windows is famous for its free and AWESOME security programs. Anyways, I have reason to believe this virus came from the signature of another player on the forums, because I was on a topic at the time. The virus did hit my computer at the time that I was looking on the forums, and the forums obviously are not dangerous, so I'm sure it was in something else: a player's signature. Just a heads up to other forumers (stay away from the topic "One and one seventh week aniversary Terraria"), it may be possible for you to get a virus from the sight (my computer is fine now fortunately). If there is not already a button that allows you to block signatures, I suggest that the developers make one. Thank you for your time.
  2. kirabook ModMin

    Well, can you specify which signature? If a signature gave you a virus, other users are at risk and we need to get it taken care of.
  3. Graceful Assassin No. XI MARLUXIA

    My virus scanner goes off as well when browsing TO sometimes, I thought it was just me. I just ignore it since Avast has my back.

    That specific virus you speak of is a Worm, it may just have been coinicidence as you were browsing the forums at the time of the attack. usually I get Mal-Gens, avast quickley deletes them.

    That virus is mean, hate it, nothing to do but a system restore.
  4. Cjimmy99 Blazing Wheel

    I didn't exactly memorize the usernames of the people on the topic, and I payed attention to the posts, not the signature. I'm pretty sure it was one of those viruses that gets activated without you having to actually click something. The name of the topic is in the description, if you wanna check it out or delete it.
  5. Bobrocket WANTS TO PUNCH STUFF

    No one could have had server-side scripts on many websites without ftp control.

    Could you give us some more insights of the incident? Timezone, occured time etc.
  6. Cjimmy99 Blazing Wheel

    Certianly. According to the computer, it was a trojan virus, and it happened at 3:17 CST (4:17 EST). I find it unlikely that it would be a coincidence, for I had not recently visited any websites that may contain viruses.
  7. Bobrocket WANTS TO PUNCH STUFF

    What was the last thing you downloaded?
  8. Cjimmy99 Blazing Wheel

    It's a lego digital designer thing. Millions of people have downloaded it, and it's an official product from the lego company, and no one has reported a virus from it. Plus, I didn't download it the day I got the virus. Oh, I just got the name of the most recent poster: Kidef242. Could you check out his signature?
  9. Bobrocket WANTS TO PUNCH STUFF

    His signature is clean.
  10. Cjimmy99 Blazing Wheel

    OK then. Well, perhaps it was just a coincidence. The most you can do is delete the topic.
  11. AllanJH Demon Eye

    The only virus infection method that could work through a forum signature (i.e. an image with embedded malicious code) would be what is called "GIFAR" and it's been patch for several years in all major browsers. Info: http://www.infoworld.com/d/security-central/photo-can-steal-your-online-credentials-306
  12. Cjimmy99 Blazing Wheel

    WAIT, I GOT MORE NAMES. Bobrocket, rollder. Well, it certianly wasn't bobrocket, I looked at his signature many times on this topic... Check rollder.
  13. AllanJH Demon Eye

    There is no way that a forum signature gave you a virus. I recommend checking your browsing habits and maybe installing Web Of Trust on your browser.

    I did check rollder, and he doesn't have any signature data. Terraria Online isn't the source of your virus.
    confuzzledyma likes this.
  14. Cjimmy99 Blazing Wheel

    And so, everything is safe. ^_^ It was just a coincidence... Thank you for your help guys!
  15. Klapp Tortoise

  16. Kelp Moderator

    Win7 Security 2012 you say?

    Someone reported having WinXP Security 2012 Malware not too long ago.

    If you visited any fishy sites, then that would probably be the cause.

    I'll make sure to check all of the signatures I come across (specifically the "clickies") as this sort of Virus/Malware cannot easily enter your computer with you doing nothing, you've got to have clicked something in most cases. The occasional malicious ad, image clicky, video stream, direct link, all of these things could directly download this if you're careless.

    Due to the nature of this virus/malware it is unlikely that it just came from viewing an image or signature, this needs some sort of authorized download.

    Good to see that you took care of this problem though, 99% chance that it did not originate from here.
  17. Rydian Floaty Gross

    There's misinformation here that needs to be corrected.

    1 - Most infections online nowadays come from advertisements, and can show up on almost any site that displays ads.
    http://www.wired.com/threatlevel/2009/09/nyt-revamps-online-ad-sales-after-malware-scam/

    2 - "False positives" are common, and often come with generic names. These are due to heuristics.
    http://en.wikipedia.org/wiki/Heuristic_analysis
    Actual infections most often have a specific identifying name/label, such as "Fojack" or "Hidrag". Any reports about infections should be accompanied with information about it. What was the filename, where was it located, what was the given name of the infection, what program notified you of it? These are very important details in order to discern both whether a report is a false positive or an actual issue, and if it's an actual issue to know more about what it's doing to the users.

    3 - You don't need to click shit in order to get infected. Modern infections count on security vulnerabilities in order to get in without you having to expressly grant them permission. Hell, most firefox updates that are pushed quickly (going by sheer numbers) are to close security holes.
    http://www.mozilla.org/security/known-vulnerabilities/firefox.html
    Check the "impact key" for "critical".
    Notice that Firefox 8 fixed three such holes.

    4 - You don't need to restore your system to remove an infection. Modern removal tools are much more sophisticated than they used to be, when combined with a modern operating system (meaning Vista/7, not XP's ancient ass) removal is most often possible with much less hassle than a reinstall.
    Novate and Graceful Assassin like this.
  18. Graceful Assassin No. XI MARLUXIA

    Thanks Rydian, you're awesome. Rydian has provided some useful information I think I would like to end this thread with his answer, even though the OP got his answer awhile back. I'm going to lock this as it was long resolved and Rydian provided just the kind of post I would want to end with.

    Resolved. Locked.

    [IMG]
Thread Status:
Not open for further replies.

Share This Page