|
Spam/Malware/Trojans on GameCopyWorld
I have no idea what's going on, but I've been a faithful users of GCW for the past couple of years now...but since recently, anytime I go to the main site at www.gamecopyworld.com, I get bombarded with malware and trojans...and this continues on other pages of the site.
Epsescially the prunnet trojan...tons of pop-ups. Ugh. What's going on? Is it the ads or something? My AVG goes crazy everytime I come here. It's getting so bad that I've really stopped visiting this site any more. Has anyone else experienced this? I'm simply posting this as it's really been bothering me lately. |
Just so we're clear, I have read the following:
Q) I found a virus/trojan/other malware in a crack/trainer. A) Please, don't waste your AND our time with reporting that a crack or trainer, that you downloaded from GameCopyWorld, contains a virus, trojan or other malware, including but not limited to "Win32/Keylogger.HotKeysHook.A" related to the "H@tKeysH@@k.dll" file (in many trainers). The vast majority of these are false positives. Because of the big variety of viruses and virus scanners, it is in general highly recommended to try several virus scanners on the same file before reporting anything to anyone. You will see that one virus scanner reports malware and another doesn't. So, if you still feel that there's malware in one of the cracks or trainers, scan it with several virus scanners (read the relevant entry of the PC Games forum FAQ for a list of recommended virus scanners) and copy & paste their output into your post. Otherwise your report will be taken for just another false positive and, as such, ignored or deleted. My guess is, ArchangelX has perused it as well. Five days since his post, and not one reply? I sure the fu*k know that we can't be the only two people who have come up against the same thing - from the same place! The other day, I needed a trainer for BioShock; Just like ArchangelX, my first stop has always been GCW. For more years than I care to admit to, it has just been second-nature to go to GCW for damn near everything that's software-related - not just games! So anyway; um, BioShock... So I click on my quick launch icon and in a moment or two, I'm quickly looking over the main page with all of the latest additions. Then, I use the game files index to get me to the b's; Once there I begin to scroll down toward where the link for BioShock is at. I grab the scroll bar, and prepare to do it quickly - when I realize nothing is happening. My eyes scan the screen for the usual suspects: Most likely the page is not on top, or some other lame thing like knocking my graphics pen out of its holder, so it ends up laying on the tablet.. The thing I notice, however, is the bottom of the IE window, where you see a link address, for example; the text is just flying by, with link after link - but everything else is frozen! Then, the delayed reaction to my scroll attempt sends the page instantly down. I locate BioShock and I'm there. Okay, I'm thinking, do I want the +8 or the +11? I'm about to go with the latter - when my PC goes black and turns off. Since this has never happened before - no, wait; in 1989 or '90 I picked up the Stoned Virus on my XT. It never came back on. - I was a little worried. But, I turned it right back on and it booted right up, albeit a little slower. Then, within the first 10 minutes, I get a pop-up dialog that is claiming to be the Windows Firewall; it has blocked the following program: Win32.NETSKY.Q! It wants to know what to do next.There are 3 buttons; problem is, only one button is clickable: (the other two are grayed-out and useless) but the dialog box is conveniently too small and I can't resize it to see what the f-ing button, or most of the rest of the text, says! So I click the top-right "X" and it goes away. For 10 minutes. Every 10 minutes it pops back up. Same routine. Over and over. Just the day before, I bought the game I keep mentioning. I played it for about 10 minutes when I got home and had to stop. So, while I'm a tad bit concerned, it's not enough that I need to panic over. Naturally, then, I fire up BS and have at it! I figure I'll have a go at NETSKY, when I'm done playing! And yes, every 10 minutes - for the next hour-and-a-half, I get zapped-out to the desktop, so I can see that dialog about how vigilant my firewall is being! When I finally do focus on the more pressing issue at hand - I find that I'm completely fu*ked! IE won't stay running for more than 2 seconds; anything that's got "NET" in it, in fact, now works just like IE! When I click on Process Explorer - it runs, but as it opens, I've got literally a split second to try and read the process that is quickly closing itself, just-in-the-nick-of.... When I try to use its 'System Info' window, it opens, then immediately shuts the program down. Oh, there's more! But I suppose you've all had enough. Actually, if you have read this far, I salute you. And, ArchangelX; I wish I could get the point across with as few words, as you did! But here's the thing: All of the above came from GCW. Of course, I know it wasn't their doing. Someone obviously took control of the site and thus myself and ArchangelX were the unfortunate victims. Here's the clincher: I didn't have anything running or installed (except, reluctantly, Windows Firewall) that would have saved me a lot of the time I spent figuring out what it really was and how to get rid of it! Stupid? Absolutely! It's embarrassing, really, that I'm such a dumb-fu*k! Fortunately, it was pretty easy to trace its movements enough to eliminate a chunk of it - so I could get back online and spend some cash at Trend Micro! It happens. So don't be so flippin' smug, GCW! Cause it happened to you at the core! Not through some no-cd crack you may or may not have offered. I also didn’t think I would find just one post (and no replies) on this particular matter. I'm not, as most people aren't, worried about your site(s). No reason to. You all have been around too long, offered-up countless millions of files, and your record speaks for itself! When you are no longer a presence out here - that's when I, for one, will surely panic. I hope your problems are straightened out by now, ArchangelX? |
noparts,
Your summary is basically what I experienced. I'm posting this using FireFox because if I were to use IE to come here, I'd be right back at the start of all of the crap, and would have to spend the next day cleaning malware and trojans out. I've gotta say, someone here needs to wake up and start looking through the ads, or the core of the forums, and the site. I tested this...after I figured out how to clean my system thoroughly (more than ever before, this was the most serious encounter I've ever had), I came back to this site specifically to post this warning and to see if it really was GCW. Guess what? Slammed again, completly, only this time I had AVG running and was able to catch some of it. And it wasn't just from GCW...it's from FileForums as well. Some got through again, since I was using IE, so I went back through the cleaning process again and got rid of everything. I know how difficult it is to run a forum, and I have no idea how hard it must be to run a place like GCW. I've got nothing but respect for the hard work that's been put into it for the past couple years...but you guys HAVE TO FIX THIS. There's no way in hell I'll risk coming back here again because it's simply too much work to clean everything up again. And I'm a power user. What happens if someone that has absolutely no clue comes here? And I'm sure they do. They're doing it right now, and their computers are getting totally screwed because of it. I'm really surprised there haven't been any additional posts about this. I guess I'm just glad noparts posted, too. Anyways, for those of you that have been infected, I was so frustrated by this experience, I put together a guide that explains what tools I used to get rid of the infections I got from this site specifically. You can check it out here if you've got problems, which I'm sure a few of you do. And even if you don't, I'd still check your system out, because I bet you do! Repairing WinXP/Vista - Guides, tools, & links to help get you back on your feet! Please, whoever is in charge, take a look at what's going on. If it's the ads...then get rid of them and use a better ad provider that doesn't allow viruses. Or look in your core files for the forum. Much respect. Thanks. |
Please, be patient. Empire, the admin, cannot visit this forum every day. But he'll reply to it as soon as possible and disable the advertisements in question. (No, neither GCW nor FileForums carries malware, only the ads may.)
|
Sorry to hear both of you have experienced so much trouble with the ads etc.
I too still use IE and I have NEVER experienced any problems like the ones you two have explained. The ads are location dependent so I am obviously not seeing the same ads you guys are. I use Bitdefender and I also use a seperate popup program called PopUpCop. I can appreciate your frustration, it is annoying to get this type of crap from any site let alone GCW and Fileforums. I can however suggest an easy fix for your problems. Google 'Malwarebytes Anti-Malware' and download the Free version. From experience of helping members of my gaming clan it is an awesome program for ridding your system of any malicious content. Malwarebytes Anti-Malware will fix your current problems. It wont stop you from getting the crap again but it will solve you current problem! Btw, the Windows Firewall is crap. Good luck |
The virus that has been going about is due to an exploit in IE, plus you dont have to use IE to get it.
Microsoft released a hotfix on the 19th of this month to combat it. |
Quote:
Quote:
|
Quote:
IE7 is crap. 99.9% of the time I still use IE. Works a treat when setup correctly. ;) |
Again... It is possible to get "infected" as we use third party advertisers over which we do not have any control. So if a third party is spamming or sending crap then it is possible it is shown @ GCW, even when we are totally against this crap. Usually the advertising company showing the 3rd party advertiser will remove the crap asap but sometimes it is quite hard to see who is doing this as most ads are geo-targeted to a specific country or region, this means most users (including us) will never see this crap!
Most of the free sites in existence are using 3rd party ads and they have exactly the same problem... If there was other/better alternative advertising then we would use it but this simply does not exist anymore... The hosting bills have to be paid and this ain't cheap running 10-12 servers worldwide! So just be prepared that it can happen and make sure you are protected (but this is nothing new... if you are well protected nothing can "screw-up" your system, unless you are stupid to trust the contents of "popups", you have to be suspicious if something happens that never happened before!) We are getting at least 20-30 emails per day from people who genually think a certain file is infected but in all cases they are false positives, this is something we can never fix unless AV software is updated properly. It's frustrating but we are getting immune about this and just delete these emails... Some people think that we are sending this crap on purpose, if you are one of these people then just go elsewhere and do not come here complaining about it. It's the current state of the internet and it will only get worse! Our policy over the past 10 years has been (or at least try) to never show malware, trojans, virusus & popups of any kind, this policy has not changed! |
Trojan.downloader is not a false positive
Quote:
However Sorry dude I am no expert... but when I download a file and upon downloading before Ive run it or unzipped it, it opens java, disables my firewall and sends me nice stuff like trojan.downloader.. then I think you have a serious problem..:eek: Your policy may well be not to show malware, trojans, viruses or popups of any kind, but turning a blind eye or telling people to go elsewhere, its the current state of the internet??? lol sorry I wonder why that is?? Sorry that attitude sucks dude:( Yours hopeful of a clean website Frum |
Some people just do not "get" it... I am not surprised, again a useless reply
|
Lets put it into monkey english..
ooooh ahhh oooo oooo ahhhhh ahhh oo ooahhh ooo ooo oogahhh ooo Translated it means... They are coming from advertisements shown on the site, admin have no control on what adverts are shown and when, but the advertisements is a necessary evil since it pays no doubt a bit of the server costs for GCW to stay afloat. So again its not GCW thats infecting you, but ads provided by the ad server which GCW has no control over, well to the point admin can totally remove ads but then things would change. |
The current state of the Internet can be thanked to malicious hackers sponsored by malicious capitalists, and that has nothing to do with GCW or its forum.
The administrator - did you recognize that it is him whom you're criticising?! - will do his best to get rid of malicious advertising but he can only do that afterwards, not beforehands. As there are some other sites - not this one! - that send you infected files on purpose, you should have an able firewall and virus scanner anyway. |
Hi Guys,
Just a quick thank you for all your hard work on the sites. I have used GCW for years and have never been infected by a virus, trogen or malware of any kind. I always have an up to date virus checker and firewall running, even when I am not connected to the net. Thanx again :) |
| All times are GMT -7. The time now is 16:00. |
Powered by vBulletin® Version 3.8.11
Copyright ©2000 - 2026, vBulletin Solutions Inc.
FileForums @ https://fileforums.com