Forum Moderators: wheatpenny Forum Coordinators: Anim8dtoon
Community Center F.A.Q (Last Updated: 2024 Nov 09 4:08 pm)
Meant to say... it asked me to download something which i declilned. But only in the gallerys. THis is the info from symantec below
http://www.symantec.com/security_response/writeup.jsp?docid=2008-050916-1055-99
"I didn't lose my mind, it was mine to give away"
The Same on RDNA and Here !!!
Its NOT FAKE !
IF YOU WANT TO CONTACT BAR-CODE SENT A PM to 26FAHRENHEIT "same person"
Chris
yup my virus scanner is going crazy too, this is very annoying because it closes my browser each time.
btw
my son spotted as the trojan was trying to load....it gives this website golnanosat.com at the bottom where the website shows loading on the bottom of the webpage.
That's done by memory so it maybe a letter out here or there....but if the techs watch the screen loading that's the information it gives. Dnno if it's any use.
"I didn't lose my mind, it was mine to give away"
Just FYI ... the FREE AVG does NOT !! always block or Remove the infected file.. so clean your temp Inet files and be sure to check out the AVG reports to see what was done to infected file
If it does not say Deleted or moved to Vault ..it might say Infected..
That file is still infected AND on your HD...so YOU must remove it ASAP..
Chris
IF YOU WANT TO CONTACT BAR-CODE SENT A PM to 26FAHRENHEIT "same person"
Chris
Yes, the file lockers will be down while this is resolved.
"you are terrifying
and strange and beautiful
something not everyone knows how to love." - Warsan
Shire
Btw......heads up to everyone. Even thought my anti virus (NOrtons) caught it the pop ups.... I have so far during a scan 6 variations of Trojan.ByteVerify on my computer.
It's still scanning. I had to scan because my webpages kept refreshing and kept going backwards and forwards as I was trying to type...and this was on firefox.
I'm not very happy as I'm not very well atm and don't need the added stress of this.
I mean you expect this off a "bad site."... like a porn or crack site....but not here. (fyi i dont visit the bad sites......just saying....)
"I didn't lose my mind, it was mine to give away"
Shouldn't Renderosity contact the FBI, since the server is on US soil? I did some checking on the URL that seems to be the origin of the problem (golnanosat.com) and it seems to be its own server/host. Perhaps with this info, you could give the FBI the needed information to stop these attack.
===========================================================
OS: Windows 11 64-bit
Poser: Poser 11.3 ...... Units: inches or meters depends on mood
Bryce: Bryce Pro 7.1.074
Image Editing: Corel Paintshop Pro
Renderer: Superfly, Firefly
9/11/2001: Never forget...
Smiles are contagious... Pass it on!
Today is the tomorrow you worried about yesterday
Hi Everyone!
I want to give you all the information you need to ensure your browsing protection at Renderosity and at other websites.
Renderosity experienced an unauthorized file injection incident last night and one a week ago. Our technical staff cleaned off the effected areas of the site in less than an hour both times. Since then the programmers and network system administrators have been busy trying to make sure it doesn’t happen again and tracking down the perpetrator in hopes of some legal recourse.
We obtained at lot more valuable information this time, and we have put more safeguards in place. One of those safeguards is to block those with malicious intent, and another is a new version of our Bondware software. This new version of Bondware helps detect and prevent the file injection type of attacks. The detection message gives the warning message:
"Bondware Guard: Suspicious input detected and logged. Aborting ... "
However, it is highly possible that we have filtered out some of the Bondware software’s legitimate scripts in our enthusiasm. Please keep in mind that if you see this message, it may not really be suspicious activity. We ask that you please report this to admin@renderosity.com if you see it so we can fix the legitimate site functions. We hope you can appreciate this precautionary measure we are taking for your safety.
Please also note that our Bondware software does not store any credit card information, and we go above the PCI card protection requirements. We have always taken this security in order to increase the protection of your personal info.
As always, we strongly recommend everyone to always use anti-virus software and reject any and all unsolicited download prompts when visiting ANY website because this type of Trojan is attacking several other large, popular sites.
Thank you for understanding.
Jenifer
I have a Mac and there are no Microsoft applications on my computer and didn't have any trouble or warnings. The interesting thing is also yesterday I was using my husband's computer, he has a PC and has all microsoft applications, to download some big files on Rendo and didn't get any warnings from his virus detector or had any trouble on the site. So my question is, why is it attacking some computers and not others. Could it be that it's an application that attracts the virus and not just PC with Microsoft? I know this may sound stupid and I know nothing about computers and I was just wondering why some were effected and like me, didn't have a problem either time.
Well it was a good job i checked as i had four but im rid of them now and computer is clean with no apparent damage so all is good just for info this is what i cleaned off hugs lou x
Infected: Trojan-Downloader.Java.OpenStream.ac 1 C:Documents and SettingsMEApplication DataSunJavaDeploymentcache6(2).059(2)107cd1bb-1a5183f2 Infected: Trojan-Downloader.Java.OpenConnection.ao 1 C:Documents and SettingsMEApplication DataSunJavaDeploymentcache6(2).059(2)107cd1bb-1a5183f2 Infected: Trojan.Java.ClassLoader.au 1 C:Documents and SettingsMEApplication DataSunJavaDeploymentcache6(2).059(2)107cd1bb-1a5183f2 Infected: Trojan-Downloader.Java.Agent.a 1
You say to make sure that your anti virus is up to date... and do not download anything.
I got warnings that the site had a trojan & and refused any download....yet I was still infected SIX times. My anti virus was up to date as it was updated last week after the last hack.
"I didn't lose my mind, it was mine to give away"
I have Firefox 2.0.0.9, which is probably older, and Internet Exploder 7 on Vista.
First noticed the day before yesterday on the Rendo home page. IE gave me a download warning saying it was trying to download outlook.exe from the site mentioned earlier. Not seeing any earthly reason to dowload any .exe file, I declined.
Interesting thing was that it was showing as an approved Microsoft file.
I checked in Firefox also and it gave me the "Download Active X" popup, which I also declined. So, depending on your browser security settings, I wouldn't be so sure you didn't get any bad stuff just because you use Firefox.
Maybe it is due to the older version of Firefox that you got the warnings? I ran a thorough deep scan for both virus's and malware on my system during the night and it came back clean as a whistle. I run Vista - Firefox 3 - and Windows Live One as well as AVG on my system. So at this point I AM sure that I didn't get any bad stuff.
bevans84...
well i have to accept Active x files. also i didn’t download any Microsoft files. i run virus scanner 4 times a week. Nothing. however i did have some problems since i got service pack 3. so i had to remove it again. And since then noooo problems SS
im not sure if those things are connected somehow or ppl just being online at the "right" time and the "right" place.
maybe i just wasn’t online at the given time and just locked in after renderosity had removed, what ever was there.
Children are Angels who's wings get
smaler as their legs get longere
I got several page Trojans from ren the other day and darned if i didn't get some malware too! Does anyone know who is doing this to the poser site stores? Because I just ran clamwin yesterday and found 3 more on current downloads from (1) here and (2) daz. This has made me decide not to buy until I know what is up, and how to protect my puter against it.
*sigh...
Ariana
Is there water in your future or is
it being shipped away to be resold to you?
Water, the ultimate
weapon...
www.futurefantasydesign.com
I got this exact message when right after surfing DAZ I went to RuntimeDNA and the web page froze while it opened the main page and then I got 3 windows that opened 2 related to that "Gol" site and the 3rd was my virus protection program telling me it had detected a trojan before it landed on my system in the Java file. It wanted me to download a file and it was telling me that my system had verified it as friendly so it was "ok" to download. Which I didn't mainly because it was unusual to have that pop up when I've been a member for years and haven't seen anything like it before and my virus checker caught it.
I seem to always get this ByteVerify!exploit trojan that my checker catches, funny thing I downloaded a trial McAfee and ran it and it did not pick up the 3 trojans in the Java file. It said my system was clean and virus/trojan free. Ran my free virus checker that I get from my DSL service and it caught the trojans again. So either McAfee's was outdated even tho I was downloaded their updated free trial version, or some scanners will catch and others will not. So now it seems we need to keep 2 different versions on our systems. Can't just trust one to do the job.
Regarding the trojan, according to the virus dictionary it is an old trojan file that dates 5-10 years ago. Saying that it will become active if I were to use a web site that used the same codes and then my system could be taken over. Could it be someone is using an old program thinking it will slip under the radar or someone is infected with this and is uploading stuff in the freebies section and are unaware that they're system is infected?
Or do you think their goal is to get free Poser content by slipping in and downloading our bought stuff from the Members page. I say this because it seems to be directed to the 3d community. Most likely the sites are known to have business transactions and therefore they install the virus to catch card numbers. I was infected back in November with this and just recently at the date this thread started. I sent RDNA an email about it and gave them all the information I had on the exact time the virus checker caught and all the info from the pop up windows. I haven't heard from them but I haven't checked their forums either to see if anyone has mentioned anything.
Keep your checker updated but during times like these when an outbreak crops up, might be a good idea to run a second checker program JUST to be on the safe side.
Just the idea of someone piggybacking into my purchases is a frightening thing! I have thousands of $$$ tied up in ren alone! *sigh.....
This truly is icky!
Hugs
Ariana
Is there water in your future or is
it being shipped away to be resold to you?
Water, the ultimate
weapon...
www.futurefantasydesign.com
This site uses cookies to deliver the best experience. Our own cookies make user accounts and other features possible. Third-party cookies are used to display relevant ads and to analyze how Renderosity is used. By using our site, you acknowledge that you have read and understood our Terms of Service, including our Cookie Policy and our Privacy Policy.
Ok I'm receving this virus warning
Scan type: Auto-Protect Scan
Event: Threat Found!
Threat: Trojan.Virantix.C
File: C:Documents and SettingsLouiseLocal SettingsTemporary Internet FilesContent.IE5WU11IO0Hinstall[1]
Location: C:Documents and SettingsLouiseLocal SettingsTemporary Internet FilesContent.IE5WU11IO0H
Computer: LOUISE-977B67DC
User: Louise
Action taken: Clean failed : Quarantine failed : Delete succeeded : Access denied
Date found: 27 August 2008 21:02:51
when I sign onto renderosity. I got in the gallerys and just now in the forums. The same trojan. It happened on IE not Firefox so far.
"I didn't lose my mind, it was mine to give away"