Page 1 of 2
JS.Trojan.Seeker-based
Posted: Wed Sep 19, 2001 9:27 pm
by Janusz
Everytime i visit
www.matrixgames.com i got message
"Virus JS.Trojan.Seeker-based found"
???
Posted: Thu Sep 20, 2001 12:39 am
by Paul Vebber
Hmmm, we will look into it, but trojans are typically not spread via websites, but direct insertion, or email. HAs anyone else seen this? CHeck an anti-virus website like
www.norton.com you may be the one infected?
[ September 19, 2001: Message edited by: Paul Vebber ]
[ September 19, 2001: Message edited by: Paul Vebber ]</p>
Posted: Thu Sep 20, 2001 3:37 am
by New York Jets
I have been getting virus detect messages from my anti-virus program (Norton 2001)when I access the website. Please advise.
Posted: Thu Sep 20, 2001 4:40 am
by Paul Vebber
Which virus? I have that same software and it says my system and the pages are clean??
Posted: Thu Sep 20, 2001 5:39 am
by Les_the_Sarge_9_1
Hey guys,
having gotten a virus only twice in my time computing, and once it was likely a wargame related download, (another site though), this all seems to point to the virus affected individuals having not kept their anti virus totally up to date (as was the case in my case).
This is absolutely vital when downloading stuff that is essentially stuff that involves running programs.
This advice is the stuff most would call obvious, but we obviously hear of lots of people that forget the obvious.
In both cases my computer acted funny until I got suspicious and updated anti virus. Which is the point where it first noticed the offending virus.
And I must say I know of numerous individuals that even run computers without anti virus protection. Some people say anti virus programs are "intrusive" on the computers operational performance". But then there are no small number of people that say the same of condums too for that matter.
Currently I see nothing wrong with Matrix myself. It is clearly obvious that anyone with a hassle getting here, has a bug that affects online performance.
And that is clearly the problem of the users computer. Which is in my view, potentially the reason for many "bug" reports in game performance.
Cause I have yet to ever see anything ever go wrong in any of my games (other than bad strategies heheh).
Posted: Thu Sep 20, 2001 6:14 am
by New York Jets
Originally posted by Paul Vebber:
Which virus? I have that same software and it says my system and the pages are clean??
The next time I get it I will record it and let you know. Thank you.
Posted: Thu Sep 20, 2001 8:03 am
by New York Jets
Originally posted by Paul Vebber:
Which virus? I have that same software and it says my system and the pages are clean??
Paul,
When I go from the entry page to the main menu page I get the following alert from Norton 2001
File: Program
Object:Windows Script Host Shell
Activity: RegWrite
I hope this helps. Thanks.
Posted: Sun Sep 23, 2001 6:21 am
by Big Bill
When I first got Norton 2001 I had warnings when any of my reguler programs tried to write to the disk. Look at your Norton configuration and see if you can set it to let matrix have access.
Posted: Sun Sep 23, 2001 9:22 am
by New York Jets
Thank you, Bill. I'm still a little new to some of the technical aspects of this stuff. <img src="smile.gif" border="0">
Posted: Sun Sep 23, 2001 9:14 pm
by Janusz
OK - next info
I use AVP (Kaspersky Lab) and one of the newest version MSIE.
Today I turn off AVP Monitor and vist
www.matrixgames.com and ... MSIE can't load site ... and don't responding.
then I turn on AVP Monitor - web site loads and AVP Monitor "found Virus: JS.Trojan.Seeker-based"
Posted: Mon Sep 24, 2001 1:10 am
by GI Seve
Well I have experinece this just once. Actually right when I logged in today (23.9 at 11.55 pm). My F-Prot virus detector made that virus alert(Finnish based but multiracially upkeeped virus protection program [url=
http://www.datafellows.com).]
www.datafellows.com).[/url] I said that there were some trojan horse virus on this site. I suggest Matrix administrator to check his system with his virus protection programs latest updated version urgently!!!
Posted: Mon Sep 24, 2001 3:13 am
by Tombstone
I was getting this from my home machine, but not from my work machine. I was getting the reg write warning from Norton AV. I reinstalled Norton, and went through the live update and everything seems to be ok, but on a side note although none of my files appear to be infected I cannot complete a full system scan with NAV. Dunno, could be something there...
Tomo
Posted: Mon Sep 24, 2001 4:56 am
by David Heath
Hi Guys
We use a virus program on our servers and I am sure its not the server. If it was the server EVERY one would have the problem.
Posted: Mon Sep 24, 2001 9:16 pm
by KING
That virus comes to me too from matrixgames.com. I just sended email to Forums administrators before I saw this topic.
I use also F-Prot Anti-Virus. If there is not virus in Matrixgames, then there must be some other thing which causes that. Perhaps spyware or something which alarms Anti-Virus. That "virus" wasn´t there few weeks ago when I last time visited in Forums. Have you there in Matrixgames installed some new software or done some changes to pages code or so? Matrixgames.com is the only site which causes that Trojan warning.
Posted: Mon Sep 24, 2001 11:46 pm
by Paulus Pak
I'm sorry but I posted a new topic before reading this. I have exactly the same problem as CHRIS TROG. What's going on??
Posted: Tue Sep 25, 2001 4:52 am
by sinner
A suggestion from an IT professional:
Can you guys move the whole web to an Apache-based webserver?
Apache (which runs on WindowsNT, Linux, FreeBSD, AIX, Solaris...) is known for its solidity and securiy. Qwest carries Apache as well.
MS-IIS + Windows2000 , unfortunately are not very secure nor reliable.
How difficult it would be to do move the whole site? Apache supports .asp and things usualy considered "Microsoft only".
You would get better reliability (uptime), if managed in a usual way, no security issues, is less expensive (if you have to pay for the software, like Qwest. So I do not know if this actualy translates to the "end users", like MatrixGames), better handling of heavy traffic loads, less resource-intensive (so the same machine can do more work)... and no users complaining about a worm gotten from your site.
Please check the Gartner Group on MS-IIS here:
http://www3.gartner.com/DisplayDocument?doc_cd=101034
Gartner Group
Salut,
Sinner
Posted: Tue Sep 25, 2001 5:11 am
by Paul Vebber
See my post on the shockwave applet - there is no worm.
Posted: Tue Sep 25, 2001 8:19 pm
by nexus
Originally posted by Janusz:
Everytime i visit www.matrixgames.com i got message
"Virus JS.Trojan.Seeker-based found"
???
hello.
after reading this thread i just checked my system f. viruses. and there was one found in windows/system/..... named "Trojan ???".
But i don´t know if i got this thru this webside....could be possible i think.
what does such a "trojan" ??? anyone knows?
Posted: Tue Sep 25, 2001 9:56 pm
by Paul Vebber
It lets a hacker access your computer. They are commonly used to perform massive denial of service attacks against web sites.
They are commonly inserted into your computer remotely. Anybody that has an IP address that does not change routinely is vulnerable to having a trojan inserted by hacker activity (they are effectively "broadcast" to vulnerable groups of IP addresses and then the hacker waits for those that are successful to report in.
They are typically not distributed via a website. We have up to date virus protection on our servers and if you do not have firewall, and have a cabla modem of other type of connection that uses semi-permanant IP address, then you are vulnerable to have one of these programs sent via the internet to your system.
THe bottom line is if you rely on your computer and spend a lot of time on the web, invest in personal firewall softwall as well as virus detection
Posted: Wed Sep 26, 2001 12:51 am
by nexus
Originally posted by Paul Vebber:
It lets a hacker access your computer. They are commonly used to perform massive denial of service attacks against web sites.
They are commonly inserted into your computer remotely. Anybody that has an IP address that does not change routinely is vulnerable to having a trojan inserted by hacker activity (they are effectively "broadcast" to vulnerable groups of IP addresses and then the hacker waits for those that are successful to report in.
They are typically not distributed via a website. We have up to date virus protection on our servers and if you do not have firewall, and have a cabla modem of other type of connection that uses semi-permanant IP address, then you are vulnerable to have one of these programs sent via the internet to your system.
THe bottom line is if you rely on your computer and spend a lot of time on the web, invest in personal firewall softwall as well as virus detection
do trojan´s delete save games???
overnight all my saved games from SPWAW are gone!!
all files in save directory are gone,except an old outosave on slot 1.
i´m SHURE i did not deleted them,´cause there were 2 campaigns ongoing.
yesterday i downloaded WIR 3.1, btw....
i don´t know what it was,but it´s deleted by my anti virus program.