Malazan Empire: Malware attack or malfunctioning software? - Malazan Empire

Jump to content

  • 3 Pages +
  • 1
  • 2
  • 3
  • You cannot start a new topic
  • You cannot reply to this topic

Malware attack or malfunctioning software?

#1 User is offline   Path-Shaper 

  • Mafia Modgod
  • Group: Game Mod
  • Posts: 1,255
  • Joined: 01-October 08

Posted 30 July 2013 - 12:24 PM

Avast suddenly won't let me access this forum, saying it was blocking malware from this site. I disabled the shield and am here anyways, but does anyone know what might have caused this? Or has someone fucked with the forum and I'm becoming diseased as we speak?

*This is Shinrei btw, in Path-Shaper form.
Only someone with this much power could make this many frittatas without breaking any eggs.
0

#2 User is offline   Lisheo 

  • Difference Engineer
  • Group: High House Mafia
  • Posts: 2,306
  • Joined: 04-June 07
  • Location:Slowly returning, piece by piece.
  • Interests:All of the things.

Posted 30 July 2013 - 01:44 PM

View PostPath-Shaper, on 30 July 2013 - 12:24 PM, said:

Avast suddenly won't let me access this forum, saying it was blocking malware from this site. I disabled the shield and am here anyways, but does anyone know what might have caused this? Or has someone fucked with the forum and I'm becoming diseased as we speak?

*This is Shinrei btw, in Path-Shaper form.

Google hasn't noticed anything unusual. It might be a false positive. Did it list a page that might have had malware on it or trigger when you went to a certain page or was it just a general domain block?
I also checked the main page and the forums with Comodo's scanner, and it seems fine.
“People have wanted to narrate since first we banged rocks together & wondered about fire. There’ll be tellings as long as there are any of us here, until the stars disappear one by one like turned-out lights.”
- China Mieville
0

#3 User is offline   Path-Shaper 

  • Mafia Modgod
  • Group: Game Mod
  • Posts: 1,255
  • Joined: 01-October 08

Posted 30 July 2013 - 01:46 PM

It blocked the forum in its entirety.
Only someone with this much power could make this many frittatas without breaking any eggs.
0

#4 User is offline   Lisheo 

  • Difference Engineer
  • Group: High House Mafia
  • Posts: 2,306
  • Joined: 04-June 07
  • Location:Slowly returning, piece by piece.
  • Interests:All of the things.

Posted 30 July 2013 - 02:04 PM

View PostPath-Shaper, on 30 July 2013 - 01:46 PM, said:

It blocked the forum in its entirety.

Hmmm, looking at it with tools called wepawet and anubis makes me slightly suspicious.
You might want to run an antivirus scan with malwarebytes antimalware.
I'm going to go and PM silencer.
“People have wanted to narrate since first we banged rocks together & wondered about fire. There’ll be tellings as long as there are any of us here, until the stars disappear one by one like turned-out lights.”
- China Mieville
0

#5 User is offline   Imperial Historian 

  • Master of the Deck
  • Group: Administrators
  • Posts: 7,882
  • Joined: 08-February 04

Posted 30 July 2013 - 03:43 PM

I'm also getting this alert from avast on my phone, but not with sophos on my work PC (which is normally much more picky)
0

#6 User is offline   Lisheo 

  • Difference Engineer
  • Group: High House Mafia
  • Posts: 2,306
  • Joined: 04-June 07
  • Location:Slowly returning, piece by piece.
  • Interests:All of the things.

Posted 30 July 2013 - 04:04 PM

View PostImperial Historian, on 30 July 2013 - 03:43 PM, said:

I'm also getting this alert from avast on my phone, but not with sophos on my work PC (which is normally much more picky)

Alright, so basically I can see what looks to be a Java applet on the page; currently, checking out the URLs it leads to with curl suggest that whatever it was serving up is no longer in existence, although it might be a user-agent based serving thing, who knows.
“People have wanted to narrate since first we banged rocks together & wondered about fire. There’ll be tellings as long as there are any of us here, until the stars disappear one by one like turned-out lights.”
- China Mieville
0

#7 User is offline   Lisheo 

  • Difference Engineer
  • Group: High House Mafia
  • Posts: 2,306
  • Joined: 04-June 07
  • Location:Slowly returning, piece by piece.
  • Interests:All of the things.

Posted 30 July 2013 - 04:04 PM

View PostImperial Historian, on 30 July 2013 - 03:43 PM, said:

I'm also getting this alert from avast on my phone, but not with sophos on my work PC (which is normally much more picky)

I don't suppose you have access to the forum via SSH do you?
“People have wanted to narrate since first we banged rocks together & wondered about fire. There’ll be tellings as long as there are any of us here, until the stars disappear one by one like turned-out lights.”
- China Mieville
0

#8 User is offline   Xae 

  • Server Administrator
  • Group: Administrators
  • Posts: 90
  • Joined: 12-March 13

Posted 30 July 2013 - 04:20 PM

View PostLisheo, on 30 July 2013 - 04:04 PM, said:

I don't suppose you have access to the forum via SSH do you?

I do. What seems to be the problem?
0

#9 User is offline   Aptorian 

  • How 'bout a hug?
  • Group: The Wheelchairs of War
  • Posts: 24,785
  • Joined: 22-May 06

Posted 30 July 2013 - 04:47 PM

Avast is also blocking me from using the site. Says there is a trojan horse hiding somewhere in here. Plotting. Waiting for the time to strike.

I figured that Silencer had finally decided to strike and in one fell swoop steal all the members bank informtion.
0

#10 User is offline   Garak 

  • Emperor
  • Group: Malaz Regular
  • Posts: 937
  • Joined: 03-August 09
  • Interests:40k, Star Wars, Babylon 5, WW2, A Song of Ice and Fire, the Drenai series, the Riftwar and all that followed it, D&D, Vikings, the Malazan Book of the Fallen. I think you get the gist of it.

Posted 31 July 2013 - 04:56 AM

Some here problem here. Oddly enough though, the Avast from the PC at work (where I'm currently at) doesn't seem to mind.
The meaning of life is BOOM!!!
0

#11 User is offline   Obdigore 

  • ThunderBear
  • Group: High House Mafia
  • Posts: 6,165
  • Joined: 22-June 06

Posted 31 July 2013 - 05:12 AM

Sounds like just an Avast Issue.

My super-angry AV at work isn't having issues, neither is my phone.
Monster Hunter World Iceborne: It's like hunting monsters, but on crack, but the monsters are also on crack.
0

#12 User is offline   Gutkrusha 

  • Recruit
  • Group: Malaz Regular
  • Posts: 4
  • Joined: 18-October 11

Posted 31 July 2013 - 07:27 AM

The same thing is happening to me. It says 'URL:MAL' I've run my own scans and haven't found anything wrong.. Could it be seeing 'malazan' and only recognizing the 'mal' part before blocking it?
0

#13 User is offline   Mrs Savagely Wishy Washy 

  • unaligned and irremediable
  • Group: Malaz Regular
  • Posts: 192
  • Joined: 05-March 10
  • Location:the city of dreaming spires
  • Interests:vested.
  • Ugly is the new pretty.

Posted 31 July 2013 - 07:29 AM

I get the same message from avast on my tablet. I haven't checked my PC at home, and I don't really use my phone to browse. Access from work MAC is fine.

This post has been edited by Miss Savagely Wishy Washy : 31 July 2013 - 07:30 AM

but are they worth preserving?
'that judgement does not belong to you.'
0

#14 User is offline   Kaamos 

  • EW, SHIPPER
  • Group: Malaz Regular
  • Posts: 264
  • Joined: 21-February 13
  • Location:Finland

Posted 31 July 2013 - 07:37 AM

View PostGutkrusha, on 31 July 2013 - 07:27 AM, said:

The same thing is happening to me. It says 'URL:MAL' I've run my own scans and haven't found anything wrong.. Could it be seeing 'malazan' and only recognizing the 'mal' part before blocking it?


I was thinking the same when my two workstations began acting up. A malware called Azan. A crawler that collects the names of all the fallen, sinned internet users culpable of trolling and posting rule 34 pics, etc. into one book and sends it to some "higher authorities"? Or should such a thing be called puritanware?
0

#15 User is offline   Imperial Historian 

  • Master of the Deck
  • Group: Administrators
  • Posts: 7,882
  • Joined: 08-February 04

Posted 31 July 2013 - 08:09 AM

No problem with avast on my PC at home, just on my phone.
0

#16 User is offline   Obdigore 

  • ThunderBear
  • Group: High House Mafia
  • Posts: 6,165
  • Joined: 22-June 06

Posted 31 July 2013 - 08:11 AM

View PostImperial Historian, on 31 July 2013 - 08:09 AM, said:

No problem with avast on my PC at home, just on my phone.


I wonder if a specific update of avast flagged it then the flag was removed with the next update.

Can people check what kind of update/definition file they are running, on avast installs where it flags and where it doesn't?
Monster Hunter World Iceborne: It's like hunting monsters, but on crack, but the monsters are also on crack.
0

#17 User is offline   Tremolo 

  • High Fist
  • Group: Malaz Regular
  • Posts: 494
  • Joined: 07-March 03
  • Location:Copenhagen, Denmark

Posted 31 July 2013 - 08:31 AM

View PostAptorius, on 30 July 2013 - 04:47 PM, said:

Avast is also blocking me from using the site. Says there is a Trojan Horse Sarah Jessica Parker hiding somewhere in here. Plotting. Waiting for the time to strike.

I figured that Silencer had finally decided to strike and in one fell swoop steal all the members bank informtion.


Corrected that for ya.
'We all have nukes, and we all know how to dance'
0

#18 User is offline   Aptorian 

  • How 'bout a hug?
  • Group: The Wheelchairs of War
  • Posts: 24,785
  • Joined: 22-May 06

Posted 31 July 2013 - 09:48 AM

View PostTremolo, on 31 July 2013 - 08:31 AM, said:

View PostAptorius, on 30 July 2013 - 04:47 PM, said:

Says there is a Trojan Horse Sarah Jessica Parker hiding somewhere in here. Plotting. Waiting for the time to strike.


Corrected that for ya.


Posted Image
0

#19 User is offline   Abyss 

  • abyssus abyssum invocat
  • Group: Administrators
  • Posts: 22,003
  • Joined: 22-May 03
  • Location:The call is coming from inside the house!!!!
  • Interests:Interesting.

Posted 31 July 2013 - 01:54 PM

if this is another Cthuloid incursion i'm going to be pissed.

- Abyss, still hasn't gotten over the whole Mal-in-a-chainmail-bikini thing from the last one....
THIS IS YOUR REMINDER THAT THERE IS A
'VIEW NEW CONTENT' BUTTON THAT
ALLOWS YOU TO VIEW NEW CONTENT
0

#20 User is offline   Kruppe's snacky cakes 

  • First Sword
  • Group: Malaz Regular
  • Posts: 552
  • Joined: 13-December 11
  • Location:The Frozen Wasteland of Northern Illinois, USA

Posted 01 August 2013 - 02:49 PM

Has anyone figured out a permanent fix for this? Reporting it as a false positive seems to accomplish absolutely nothing, and obviously disabling avast is not an acceptable permanent solution.
I'm George. George McFly. I'm your density. I mean...your destiny.
0

Share this topic:


  • 3 Pages +
  • 1
  • 2
  • 3
  • You cannot start a new topic
  • You cannot reply to this topic

1 User(s) are reading this topic
0 members, 1 guests, 0 anonymous users