Viewing 40 posts - 1 through 40 (of 45 total)
  • Trojan on STW
  • FeeFoo
    Free Member

    Getting a Kaspersky warning about a trojan every time I click on STW chat forum.
    Anyone else?

    Kaspersky says this: off-topic&mmm_fo=1&anprice=9 Detected: HEUR:Trojan.Script.Iframer 09/11/2011 22:30:02

    chewkw
    Free Member

    Yesterday I got this Myfacebook thingy flashing at the top of the page. Oh ya … I don’t do Myfacebook.

    molgrips
    Free Member

    No, could be one of your specific adds, or could be my AV not detecting anything and I’m currently riddled with some kind of malware

    *BUY VIAGRA CIALIAS MAKE PENIS LARGER HOT BABES XXX*

    TandemJeremy
    Free Member

    I got a warning earlier on just the once. I assumed it to be a false one from an advert as teh warning stopped when the page was refreshed

    TheFunkyMonkey
    Free Member

    I got a warning earlier this evening from security essentials, deleted it, then about 60 seconds later got hit with that **** system restore virus. Was a tw*t to get rid of too!

    Lost all my shortcuts an start menu stuff

    I had several pages open,but was browsing screwfix at the time. no dodgy sites either

    druidh
    Free Member

    I’ve notified the Mods about this thread just-in-case.

    devs
    Free Member

    Others hit too. If I wasn’t so busy I’d do a remote removal service!

    jojoA1
    Free Member

    System restore is what I’ve got. Up to system recovery options in safe mode, but Tesco admin thingy not allowing me further as I don’t have a password. Any ideas, or Devs, should I just leave this to the exprts…..

    Ambrose
    Full Member

    All fine here. Using COMODO.

    neninja
    Free Member

    I got hit by the ‘System Restore’ trojan on here earlier – Microsoft Security Essentials completely failed to stop it. Had to download AVG free to remove it which took ages. Then had to run a system restore as it trashed my desktop and start menu too. Running another scan now to be sure.

    Massive pain in the butt.

    chewkw
    Free Member

    I wonder where I got the Zbot from hhhhhmmmm … 😐

    jojoA1
    Free Member

    Yup, my desktop and start menu stuffed. I don’t have the skillz to sort by myself either 🙁 Devs will be getting buttered up bigstyle!

    baldSpot
    Free Member

    no probs here (Ubuntu&Firefox)

    enfht
    Free Member

    Backups?

    rOcKeTdOg
    Full Member

    AVG detected and corralled something last night, had no pop ups since

    atlaz
    Free Member

    Seems to be every week at the moment.

    allthepies
    Free Member

    I’ve just had to recover my brother’s PC from that System Restore scam virus thing. Nasty! It hides all your files and moves stuff from your “Start” button menu into a hidden folder.

    This article talks you through removing it

    http://www.bleepingcomputer.com/virus-removal/remove-system-restore

    The good news is that it doesn’t delete things, just moves them or makes them “invisible”. So you can recover your system.

    Those responsible need stringing up by their gonads however.

    My brother’s virus wasn’t from STW.

    uwe-r
    Free Member

    My PC died last night on STW. (Im in work now and am about to start a what new compurt thread)

    hilldodger
    Free Member

    No issues here on either work PC, home PC, laptop or android phone – using IE, Chrome and Dolphin……

    Ashley
    Free Member

    I also got the system restore virus off here last night – need to go back to last restore point which is a pain.

    Was the only thing I had open for ages and I went away to eat my tea, came back and there it was.

    Firefox on Win 7 running MSE.

    Please give whoever did this a big slap from me please!!

    13thfloormonk
    Full Member

    +1 for system restore! It was only this thread that stopped me marching up to Curry’s and buying a new one! Assumed my 6yr old Dell had just given up the ghost…

    wwaswas
    Full Member

    has anyone had any feedback from stw?

    does sound like a dodgy link or ad somewhere on the site.

    Rickos
    Free Member

    As a Premier member I have all ads turned off.

    *smug*

    toby1
    Full Member

    loving certain firefox plugins right now 🙂

    kimbers
    Full Member

    premiere memebers get ads turned off

    is it a cynical ploy to get you to go premiere by stw

    fwiw i seem to be ok on google chrome running MSE
    i previously ditched firefox and avg when i got one off here a while back even with adblocker

    patricksingletrack
    Free Member

    Very sorry about this. We are bringing this to the attention of the ad server that may be the cause. Outside our control fo the moment.

    Definitely not a “cynical ploy”. We would not expose our users to security threats to boost subscriptions.

    neninja
    Free Member

    Which ever ad is responsible it’s still doing it. Just had another one stopped whilst on STW. Not on at all.

    That’s the 5th trojan that has been stopped on here in less than 24 hours plus the ‘System Restore’ that got past MSE.

    I’ve switched to Chrome for the time being to see if it helps.

    TandemJeremy
    Free Member

    patricksingletrack

    can yo not block the ad responsible?

    wwaswas
    Full Member

    patrick – I think you shoudl switch off ads being served from that source altogether until you’re sure the culprit has been identified and removed.

    patricksingletrack
    Free Member

    As you’ve confirmed this is still a live problem – I’m turning off the likely culprits now.

    bikebouy
    Free Member

    I had one attack last night, ran MSE and all’s well.. running it again as i type, may ping off t’ill t’morrowlike until it’s all well again.

    bikebouy
    Free Member

    I had one attack last night, ran MSE and all’s well.. running it again as i type, may ping off t’ill t’morrowlike until it’s all well again.

    wwaswas
    Full Member

    I had one attack last night, ran MSE and all’s well.

    it does seem to have switched double post ‘on’ for you though 😉

    patricksingletrack
    Free Member

    Let me know if any of you are still getting problems.

    TandemJeremy
    Free Member

    Ta

    TheFunkyMonkey
    Free Member

    mse didn’t pick up the ‘system restore’ trojan second time i scanned for it, Malware bytes did though and removed it. You must run rkill first however to terminate the running program before trying to remove with malware bytes. run a browser direct from the programs folder and download it then click ‘run’, it wouldn’t let me install it. i also had to use alternate file names as the ‘system restore’ virus terminated it.

    I was also unable to update Malware bytes, luckily it was pretty recent.

    I found the only way to access my program files was to go through the network connections icon in the system tray and work my way back to the folders. They appeared empty and i feared the worst until i went into Tools->folder options->view and checked ‘show hidden files and folders’

    Hope that brief explanation helps some of you out

    Cougar
    Full Member

    Based solely on Scuttler’s information, this looks to be a Java exploit. Affected Java 6 versions are Update 16 and earlier, ie, old ones.

    If you use Java, Flash, Shockwave (and on a PC, who doesn’t), you must be running the latest version of these plugins and uninstall the old ones. Otherwise it’s like spending hundreds on a burglar alarm and then going out leaving your front door open.

    Cougar
    Full Member

    I found the only way to access my program files was to go through the network connections icon in the system tray and work my way back to the folders.

    There’s an app for that. http://download.bleepingcomputer.com/grinler/unhide.exe

    tinribz
    Free Member

    System restore virus caused a melt down on an XP PC I was using last night. To get program files back had to change all folder settings in properties from hidden. Then did a proper system restore and a spybot scan. Doubt that is the end of it looks like a loada registry updates will be needed too.

Viewing 40 posts - 1 through 40 (of 45 total)

The topic ‘Trojan on STW’ is closed to new replies.