You don't need to be an 'investor' to invest in Singletrack: 6 days left: 95% of target - Find out more
Getting a Kaspersky warning about a trojan every time I click on STW chat forum.
Anyone else?
Kaspersky says this: off-topic&mmm_fo=1&anprice=9 Detected: HEUR:Trojan.Script.Iframer 09/11/2011 22:30:02
Yesterday I got this Myfacebook thingy flashing at the top of the page. Oh ya ... I don't do Myfacebook.
No, could be one of your specific adds, or could be my AV not detecting anything and I'm currently riddled with some kind of malware
*BUY VIAGRA CIALIAS MAKE PENIS LARGER HOT BABES XXX*
Sophos is bleating about http://www.sophos.com/en-us//threat-center/threat-analyses/viruses-and-spyware/Mal~Javajar-A.aspx and http://www.sophos.com/en-us//threat-center/threat-analyses/viruses-and-spyware/Mal~EncPk-NS.aspx. I suspect its coming from an ad but dunno which one...
I got a warning earlier on just the once. I assumed it to be a false one from an advert as teh warning stopped when the page was refreshed
I got a warning earlier this evening from security essentials, deleted it, then about 60 seconds later got hit with that ****in system restore virus. Was a tw*t to get rid of too!
Lost all my shortcuts an start menu stuff
I had several pages open,but was browsing screwfix at the time. no dodgy sites either
I've notified the Mods about this thread just-in-case.
Others hit too. If I wasn't so busy I'd do a remote removal service!
System restore is what I've got. Up to system recovery options in safe mode, but Tesco admin thingy not allowing me further as I don't have a password. Any ideas, or Devs, should I just leave this to the exprts.....
All fine here. Using COMODO.
I got hit by the 'System Restore' trojan on here earlier - Microsoft Security Essentials completely failed to stop it. Had to download AVG free to remove it which took ages. Then had to run a system restore as it trashed my desktop and start menu too. Running another scan now to be sure.
Massive pain in the butt.
I wonder where I got the Zbot from hhhhhmmmm ... 😐
Yup, my desktop and start menu stuffed. I don't have the skillz to sort by myself either 🙁 Devs will be getting buttered up bigstyle!
no probs here (Ubuntu&Firefox)
Backups?
AVG detected and corralled something last night, had no pop ups since
Seems to be every week at the moment.
I've just had to recover my brother's PC from that System Restore scam virus thing. Nasty! It hides all your files and moves stuff from your "Start" button menu into a hidden folder.
This article talks you through removing it
http://www.bleepingcomputer.com/virus-removal/remove-system-restore
The good news is that it doesn't delete things, just moves them or makes them "invisible". So you can recover your system.
Those responsible need stringing up by their gonads however.
My brother's virus wasn't from STW.
My PC died last night on STW. (Im in work now and am about to start a what new compurt thread)
No issues here on either work PC, home PC, laptop or android phone - using IE, Chrome and Dolphin......
I also got the system restore virus off here last night - need to go back to last restore point which is a pain.
Was the only thing I had open for ages and I went away to eat my tea, came back and there it was.
Firefox on Win 7 running MSE.
Please give whoever did this a big slap from me please!!
+1 for system restore! It was only this thread that stopped me marching up to Curry's and buying a new one! Assumed my 6yr old Dell had just given up the ghost...
has anyone had any feedback from stw?
does sound like a dodgy link or ad somewhere on the site.
As a Premier member I have all ads turned off.
*smug*
loving certain firefox plugins right now 🙂
premiere memebers get ads turned off
is it a cynical ploy to get you to go premiere by stw
fwiw i seem to be ok on google chrome running MSE
i previously ditched firefox and avg when i got one off here a while back even with adblocker
Very sorry about this. We are bringing this to the attention of the ad server that may be the cause. Outside our control fo the moment.
Definitely not a "cynical ploy". We would not expose our users to security threats to boost subscriptions.
Which ever ad is responsible it's still doing it. Just had another one stopped whilst on STW. Not on at all.
That's the 5th trojan that has been stopped on here in less than 24 hours plus the 'System Restore' that got past MSE.
I've switched to Chrome for the time being to see if it helps.
patricksingletrack
can yo not block the ad responsible?
patrick - I think you shoudl switch off ads being served from that source altogether until you're sure the culprit has been identified and removed.
As you've confirmed this is still a live problem - I'm turning off the likely culprits now.
I had one attack last night, ran MSE and all's well.. running it again as i type, may ping off t'ill t'morrowlike until it's all well again.
I had one attack last night, ran MSE and all's well.. running it again as i type, may ping off t'ill t'morrowlike until it's all well again.
[i]I had one attack last night, ran MSE and all's well.[/i]
it does seem to have switched double post 'on' for you though 😉
Let me know if any of you are still getting problems.
Ta
mse didn't pick up the 'system restore' trojan second time i scanned for it, Malware bytes did though and removed it. You must run rkill first however to terminate the running program before trying to remove with malware bytes. run a browser direct from the programs folder and download it then click 'run', it wouldn't let me install it. i also had to use alternate file names as the 'system restore' virus terminated it.
I was also unable to update Malware bytes, luckily it was pretty recent.
I found the only way to access my program files was to go through the network connections icon in the system tray and work my way back to the folders. They appeared empty and i feared the worst until i went into Tools->folder options->view and checked 'show hidden files and folders'
Hope that brief explanation helps some of you out
Based solely on Scuttler's information, this looks to be a Java exploit. Affected Java 6 versions are Update 16 and earlier, ie, old ones.
If you use Java, Flash, Shockwave (and on a PC, who doesn't), you [b]must [/b]be running the latest version of these plugins and uninstall the old ones. Otherwise it's like spending hundreds on a burglar alarm and then going out leaving your front door open.
I found the only way to access my program files was to go through the network connections icon in the system tray and work my way back to the folders.
There's an app for that. http://download.bleepingcomputer.com/grinler/unhide.exe
System restore virus caused a melt down on an XP PC I was using last night. To get program files back had to change all folder settings in properties from hidden. Then did a proper system restore and a spybot scan. Doubt that is the end of it looks like a loada registry updates will be needed too.
and another one for system restore. I assumed my old computer had just died. Thanks for this thread. I'll see what I can do to fix it.
I got zapped last night by a trojan, computer went mental, luckily got an anti malware software that sorted it, bit it hid all my files so downloaded a program to unhide them, worked fine, but shows me that i should have checked my anti virus as it had not been uppdated since Sunday.
I got hit by this too. Tried running rkill but it won't get past 'Preparing Rkill'
Goes on to this screen and then closes itself.
Any ideas? I have tried all the various alternatives?
Mine is the same from Wednesday night, our IT guys at work have sent me some stuff to try and sort it but it may be beyond me
I was another victim of the Great Wednesday Night XP PC MASSACRE!!!
im at home now on the works laptop tyring to sort it out....