Ship Simulator
English forum => Small talk => Topic started by: grampsmorris on December 24, 2009, 21:08:36
-
The following warning showed up this morning after Avast updated definitions. Do we have a problem or is this a false warning?
Thanks
Gordon
-
[UPDATE]
I am changing this response. This mornong, Norton also started to warn about a problem.
-
Hopefully I don't get shunned for asking this, but I'm just curious:
Why has their software gotten less reliable and what might lead them to think that this is a dangerous site?
EDIT:
Also Terry, you might find this interesting: When I was having problems getting on the forum earlier this year, AVG Safe Search, and WOT both said this was a bad website, BUT I'm positive they were talking about the website I was being redirected to, as it appears. Just thought I'd give my two cents. :)
-
I am changing this response. This morning, Norton also started to warn about a problem.
-
That same error came up every time I wanted to go to the home page of shipsim.com. The rest of the pages at the website are fine but not the Home. I think I will uninstall Avast to keep the connection fine, without false Viruses. Just a thought
-
probally no worries, no warnings from norton for me
-
Nothing from Trend Micro or McAfee
-
Must be Avast! only.
-
AVG say the same as Avast.
-
Norton also say it and if i go to www.shipsim.com then my explorer crash.
-
I have changed response. This morning, Norton also started to warn about a problem.
I strongly suggest that you do not currently go to the www{dot}shipsim{dot}com page, until we know what is happening.
-
When I tried shipsim.com a few hours ago, I got a yellow-band ActiveX warning that the site was trying to run Microsoft Data Collection Control. I immediately exited IE.
I’ve gone there a few times since, without getting the warning.
Strange.
-
maybe the trojaner are installed on you pc, if i was you i will run a complete virus check on the pc and norton found a virus
when i did that i got the warning again, so do not allow the ActiveX to run
Tore
-
I highly recommend to not use norton.
I've done several test with Norton and Avast Free Version.
and i've scanned some files on my old computer. and Avast detected Trojan while Norton said it were cleaned..
A cool program(a scan program) Malware Bytes free is a scanning program that scans through your computer and finds any infected files ;)
srry for off topic :D
-
This has also happened to me, only today not before.
-
NOD32 Ver. 4 (last updated 26.12.2009)
Also finds Trojan.
-
I have also received a spyware virus today. Not sure if it was from the shipsim website, but it was causing my computer to run slow and then freeze.
Best advice - start in safe mode - control panel - add/remove programmes and then remove it - mine was a programme called relevant information.
Also, task mgr and under processes just to make sure its not running!
-
But before you all get into headless chicken mode, bear in mind that it could be one of the adverts in the banners that is causing the problem. That might be why it only shows up from time to time.
And it might still be a false positive.
-
Hello @ *,
Kaspersky Anti Virus alerts me, too:
26.12.2009 19:48:31 Gefunden: Trojan-Clicker.JS.Iframe.db Firefox http://met-art-com.koubei.com.mpnrs-com.theatticsale.ru:8080/mihanblog.com/mihanblog.com/baixing.com/google.com/travian.ae/
Is it critical?
Bye, Daniel
-
Thanks Terry and all of you folks. I feel better that it is not just me having the problem. I will not stay on the site for long and will check back from time to time. I hope we can get this resolved soon as I will miss the site.
Gordon
-
Hello @ *,
Kaspersky Anti Virus alerts me, too:
26.12.2009 19:48:31 Gefunden: Trojan-Clicker.JS.Iframe.db Firefox http://met-art-com.koubei.com.mpnrs-com.theatticsale.ru:8080/mihanblog.com/mihanblog.com/baixing.com/google.com/travian.ae/
Is it critical?
Bye, Daniel
Why are you going there? To see if you can catch something? How daft... :doh:
-
so terry, if I have all the ads blocked, with adblock, it's less likely that I'll see this virus?
-
so terry, if I have all the ads blocked, with adblock, it's less likely that I'll see this virus?
well DO NOT GO TO THE SHIPSIM MAINSITE befor all are safety and checked
Terry are on it and V-step know about it so be safe and smart, kip out of the site
Tore
-
haven't been there for a couple of days, wouldn't dream of going there now, a virus is the last thing I want to deal with today.
-
i have the mainsite as my homepage when i got to the enternet i better change it. and last night right before i exited out of ship sim my pc said the homepage had a trojan in it.
P.S i have AVG
-
haven't been there for a couple of days, wouldn't dream of going there now, a virus is the last thing I want to deal with today.
batter to be smart yes :2thumbs:
-
i have the mainsite as my homepage when i got to the enternet i better change it. and last night right before i exited out of ship sim my pc said the homepage had a trojan in it.
P.S i have AVG
change it to the forum site then or something else
-
i tried to change it to the forum site bu it takes me straight to the home site :-\
-
i tried to change it to the forum site bu it takes me straight to the home site :-\
just change it to google.com, that should be safe, or any other site.
-
go to the front page of the forum
click on the homepage house on the menu line and those the add or change the home page, those add this as the only homepage and then it fixed
Tore
-
k ill give it it try and remember i have vista
-
k ill give it it try and remember i have vista
its the same on IE 6 7 and 8 for all os wp, vista and win 7
-
its the same on IE 6 7 and 8 for all os wp, vista and win 7
i got it thx tore :thumbs:
-
i got it thx tore :thumbs:
my pleasure my friend
-
The site may have been edited with a other computer and it may had put a vies in and it took a wire for it to be remove.
or someone had open up a e male and went they were editing the site and may have had a vires.
the list is long.
-
Ahoy to all,
There's something strange happening.
When I go to the shipsim homepage by using my bookmarks or when I enter the address directly into my browsers address line no strange behaviour at all.
Only when I try to reach the site from a hotlink in this forum I got a virus warning the moment the Shipsim homepage closes (see attachment)
Best regards
Aad
BTW, the hotlink in the preview was for testing only
-
having just looked at the source 'code' for the homepage, there isn't any references to any third party sites except youtube.
Is it possible to embed nasties in a video?
Other than that the only references are on vsteps server. I can't see anything to get upset about. That said, this is my opinion only and not defacto.
-
having just looked at the source 'code' for the homepage, there isn't any references to any third party sites except youtube.
Is it possible to embed nasties in a video?
Other than that the only references are on vsteps server. I can't see anything to get upset about. That said, this is my opinion only and not defacto.
Thank you for doing that Stuart, except something I might add:
VSTEP Shipsim(dot)com uses PHP, which, is NOT visible when looking at the source code. For example, this script, written in PHP:
<?php
echo "Hello everyone who reads this"
?>
When you look at the source code, will only appear as:
Hello everyone who reads this
Which is the same with almost all PHP tags. For all we know, there is much in there we don't know about.
-
So??? it just means it is server side processing rather than client side.
It is irrelevant what is going on internally in the server- only its output is relevant. And I can see nothing dodgy in it.
There is also talk of third party adverts on the homepage- can you see any, as I can't....?
-
If someone was able to edit the original Index.php who knows what's happening.
I don't see any either, this is very confusing. If I get the chance I could run Windows in a virtual machine on Linux and see if it installs any viruses...Maybe
-
But the output is benign. What you see on the screen is what is received from the server; if there were any nasties on the server it would manifest itself in the apparent static html
-
I'd suggest that it is best to stop trying to second guess. For now, follow my advice and don't go to that page.
I find it absolutely astonishing that so many people are "going for a look", having been told very clearly that there might be a problem.
Sheesh....
PS Nothing wrong with any of the Super Packs. I've downloaded and checked each and every one of them.
-
As I have already said all that needs to be said here, i.e. "Don't go to that page until we know what is going on", I will lock this thread.
Any further threads on this subject will be deleted.
Thanks.
Please note the words in the posting guidelines about what is acceptable in the Technical Support area.
http://80.95.161.114/shipsim/forum/index.php/topic,11578.0.html
I will be enforcing that from now onwards, as people are finding it hard to find facts amongst the chatter these days.
Thanks.
-
The problem on www.shipsim.com has now been fixed and you should no longer receive the warnings from your antivirus program.
Sorry for the disruption.
-
Thanks to whoever fixed it! ;D
Terry, are you allowed to tell us what the actual problem was?
-
What was the problem? Just out of interest..
Edit, damn you firestar :P
-
Hmm... For those of us who have seen the page and possibly have downloaded something sinister, it would not be unreasonable to be told what that might be...
-
Thanks Terry for all the help. I'm sorry it stirred up such a hornets nest, but glad it has been fixed.
Keep the missions coming please.
Gordon
-
Out of curiosity, how long was the site infected? My PC has recently been blue-screening, and won't stay on for more than 10 minutes before freezing. I've been trying my hardest to get it working, to no avail. Just wondering if this could be related (as it's only happened very recently)?
-
My car wouldn't start this morning and my toaster burned my breakfast. could it be related? ;D
Jayshun, sorry. I'm *not* extracting the urine out of you...
I tried to find out earlier on what was wrong- as I also have concerns about my laptop after visiting the site. But like Superman, Terry comes in, saves the world and hops it without so much as a by your leave. ;)
-
I have other things to do in my life.... Such as some research on the nasty that was involved.
FYI: (1) The site was not infected. One page only was affected, that being the main page at www.shipsim.com, which I told people repeatedly to not visit.
(2) The page had embedded code in it, as I stated earlier. It tried to get the "Fragus downloader" trojan installed. But if you had either updatedWindows in the past 6 weeks or else got any of the Antivirus programs installed (Norton, MacAfee, Kapersky, Panda, etc etc etc) they would have caught this straight away, provided it had been updated in the past 8 weeks or so.
It might have tried to install an ActiveX control instead (see below).
If you for some strange reason don't have antivirus installed, the Tojan would then download any of hundreds of nasties.
The first one would probably have been an ActiveX that permits someone else to remotely control your PC. But your A/V should have stopped that. In fact, so far as I can see, the default settings in Internet Explorer would have prevented that or at lleast asked your permission to proceed with the installation of the ActiveX control.
-
Thanks Doc.
Any ideas at current, how it got there?
-
Stuart, if you've gone without a PC for any length of time, one that you you work on for atleast 5 hours everyday, as well as talk and stay in touch with friends on (due to having very little money), you'd know that your sense of humour would right now seem a little anger-inducing. As you're probably a child, I'll pass on that and move on!
Terry, sorry if I came across in any other manner than inquisitive. As I said, 2 weeks without my computer is driving me nuts, and affecting my work. To be honest, this post offered me a slight glimmer of hope. So with this, I go back to 'no shipsim, occasional visit to boring forum' mode.
-
Stuart?! A Child!? Your nuts Jayshum! :o :o :doh: :doh:
-
Terry, sorry if I came across in any other manner than inquisitive. As I said, 2 weeks without my computer is driving me nuts, and affecting my work. To be honest, this post offered me a slight glimmer of hope. So with this, I go back to 'no shipsim, occasional visit to boring forum' mode.
No, you didn't do that. Not sure why you thought you did. I was grumping at Stu, who assumes that merely because I post here 24/7 I must have no other life... :evil:
But, have you checked that all the fans are working in your PC? It really does sound like a blocked airway or fan failure. If you start the PC and go to the BIOS settings (usually either DEL or F1 will get you there just after it starts), you should see a PC Health screen (or some such title). Take a look at the temparatures and see if any of them is rising by much.
-
Stuart, if you've gone without a PC for any length of time, one that you you work on for atleast 5 hours everyday, as well as talk and stay in touch with friends on (due to having very little money), you'd know that your sense of humour would right now seem a little anger-inducing. As you're probably a child, I'll pass on that and move on!
Damn. I've been found out.
Stuart?! A Child!? Your nuts Jayshum! :o :o :doh: :doh:
Thank you Capt. J.
No, you didn't do that. Not sure why you thought you did. I was grumping at Stu, who assumes that merely because I post here 24/7 I must have no other life... :evil:
Oh I AM sorry, Dr. T. I thought you had thicker skin than that... I thought the ability to recognise comments for their humorous intent was something you inherited from your great grandfather, eh M'Lord.
-
Damn. I've been found out.
I wonder then how old I am? :o
-
Wave Music doesn't follow ages in the same numeric way everyone else does. He uses a different system on his planet, based more on location than time. ;D
It's a mess to understand, don't even ask Wave Music, I doubt he can explain it in a way for you guys to understand without your brains imploding immediately. Also, don't ask Wave Music for a picture of himself or his planet. It's a disaster... :o
-
Oh I AM sorry, Dr. T. I thought you had thicker skin than that... I thought the ability to recognise comments for their humorous intent was something you inherited from your great grandfather, eh M'Lord.
Indeed I do, serf. That's why my comment had the usual wicked grin icon by it. Still, I forgive you. You may arise from your prostrate position.
Hey, everyone! Grab the boards. The serf's up. YAY!
-
Wave Music doesn't follow ages in the same numeric way everyone else does. He uses a different system on his planet, based more on location than time. ;D
It's a mess to understand, don't even ask Wave Music, I doubt he can explain it in a way for you guys to understand without your brains imploding immediately. Also, don't ask Wave Music for a picture of himself or his planet. It's a disaster... :o
I thought that joke exhausted some months ago. Oh well...
-
Hard to joke about something like that. O_-
-
Actually, yes. :-X
-
Has ANYONE heard any more on this? >:(
EDIT: Having just purchased a new version of Norton (I know, I know... there are better products- like 'nothing')
The wikipedia entry for Norton is a little worrying in terms of its service, (I spent considerable time today trawling through its help forum looking for help- lots of complaints there about service).
Most worrying is the section on how they 'ignore' certain spytools from the FBI... Does that also meen MI6, MOSSAD, DGSE, FSB etc as well? How about the man in the moon?
Having just spent £50 on this programme that even its own website firewall test has reported as flawed, I'm not best pleased. I have written- in my usual, subtle way- to their customer services. I await their response with baited breath (if a hacker hasn't got into their pop server and deleted it ::))
I know avs have been discussed before, but I'd be interested to know anyone elses opinion on this...
EDIT: Oh and theres the c: [stroke] fauxviris [stroke] carny ride [dot] exe issue which it appears Norton2007 doesn't like as it may well crash just while it is searching for it... or it might be that this is a phantom used by norton for self testing... no one at norton will bother telling anyone- and this issue was first raised 2 years ago! it is equally possible that norton is being tricked into stopping checking your drive when it reaches this phantom- and simply tells you all is well.
I've even tried to fake a virus to see if it will spot it, but doesn't- zonelabs did (warning that some aspects of it were dodgy, but recognised it as probably clean)
-
Is it safe to go back on the Ship Sim '08 website now?
-
Yes, its safe. The problem is solved and fixed :blush:
-
Yes, its safe. The problem is solved and fixed :blush:
It is a bit of a shame that no one ever explained what it was. I don't normally openly criticise Vstep but on this occasion I will.
By not providing all the information they had on it, it made it harder for anyone to confirm whether or not they were infected and find info on eradication. Not impressed on that one and I shall be staying clear of their main website- including the online shop- until Vstep issues a formal notice on it.
-
And yet I thought I had explained it quite clearly at the top of this very page.
http://80.95.161.114/shipsim/forum/index.php/topic,17042.msg228827.html#msg228827
-
Sorry Terry. No offence, but I actually meant VSTEP. As good with computers as you undoubtedly are, something that poses a threat to customers should not be responded to by a volunteer.
Also, I would like to know what steps have been taken to ensure that the site is now safe to use- especially when the online shop is concerned... debit cards, personal details etc.
The silence from VSTEP has been deafening.
I don't think it is acceptable for any online company to just say "if your a/v is working then you are ok..."
-
Yes, its safe. The problem is solved and fixed :blush:
Okay then, just checking, thanks!
-
NB Just to clarify, my above post was not intending to criticise any of the goderation team.
-
nice that shipyard link alerts my kaspersky with an trojan XD
Does this mean there's another problem?
-
Maybe yes. Maybe no.
I hope that helps clarify things.
-
There's only one thing to find it out.
Install Norton 2003 and see what's happends ;D