Jump to content

  • Sign Up!

    Join our friendly community of music lovers and be part of the fun 😎

Virus?

Guest NeilVJ

By Guest NeilVJ
in Website wishlist & problems

 Share

Recommended Posts

  • Replies 670
  • Created
  • Last Reply

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Popular Days

jamiejc Newbie

jamiejc

Posted
Posted (edited)
With apb installed i no longer get the error as well , but like Neil says this site would not be here if it was not for the adverts.
Edited by jamiejc
Link to comment
Share on other sites
TokiDoki Rookie

TokiDoki

Posted
Posted

Microsoft Security Essentials (the free Microsoft anti virus/spyware program) doesn't pick up the virus or stop it from installing itself.

The only way I can browse efestivals now is using firefox with Adblock and Noscript, after being infected again this morning by visiting with IE!

Link to comment
Share on other sites
DJ Shakey Newbie

DJ Shakey

Posted
Posted
Anyone else experiencing problems with Internet browsers because of this? I can't use Internet Explorer at all and can only load efests on Firefox. Norton has detected it and removed it but I still can't get it too work.

When I click diagnose problem it says something about proxy settings. I'm too stupid to know what this means and my old friend google won't load to help me with it. Any help?

Link to comment
Share on other sites
DJ Shakey Newbie

DJ Shakey

Posted
Posted

It seems to get in via different stages. I think it is along the lines of:

1 - a dodgy PDF file has code in it that exploits a bug in Adobe Reader (that Adobe haven't addressed yet).

2 - this crashes Adobe Reader in such a way that it can install something without your agreement, this is the xxxxxtssd.exe file that gets installed. The way this gets installed is clever enough to avoid being picked up by resident virus scanners (but will get picked up by a full virus/malware scan)

3 - if you have a firewall, you get a firewall message asking if you give permission for xxxxxtssd.exe to access the Internet. If you say no, you don't get the really nasty malware, but you still have xxxxxtssd.exe running, and it will start each time you reboot cause it's put something in the Registry.

4 - if you don't have a firewall, or the firewall lets it through (I said yes to it to see what would happen, before rebuilding my PC), then the xxxxxtssd.exe accesses the Internet and installs the really nasty malware (called Antispyware Soft) that tells you about having loads of viruses, changes your Internet settings, and stops you opening any applications. This is when it gets even more difficult to remove.

Some tips on how to get rid of it here:

http://www.myantispyware.com/2010/04/15/ho...l-instructions/

Link to comment
Share on other sites
Nyika Newbie

Nyika

Posted
Posted

I'm for once so pleased I have strict proxy settings on here courtesy of uni, all I get is "A 3D parsing error has occurred" popping up so I can go into task manager and end the process.

Link to comment
Share on other sites
APC Newbie

APC

Posted
Posted

I had a box come up upon opening Efestivals saying something like "Java required to open this website" or something similar. I clicked ok. Maybe I shouldn't have. Nothing appears to have happened though.

Link to comment
Share on other sites
Gaz D Newbie

Gaz D

Posted
Posted (edited)

My girlfriend's PC has been infected twice today thanks to this virus, I'm suspecting it's an advert using a 0-day Flash vulnerability to execute the code; this means Google Chrome and Firefox are vulnerable, not just Internet Explorer. This is probably thanks to the advert provider being hacked by these scumbags.

It's a pretty bad scareware virus, it will block your Internet access and close any programs you use to try to remove it, while demanding payment by credit card. DO NOT PAY! I doubt it will remove it if you do!

You need to restore your PC to a previous system restore point, and don't come back here until you've installed an ad blocker and/or script blocker. For Firefox get the extension "AdBlock+", for Chrome "AdBlock", I don't know about IE because I wouldn't dare use it. For complete protection, use Firefox and the "NoScript" extension, which is just plain awesome. If it's Flash then you may get away with using FlashBlock, your mileage may vary.

Be aware that this is an automated "drive by download" and if you've been hacked by this one, you're currently vulnerable to other attacks; right now no website is safe, you *need* an ad and/or script blocker in order to surf safely.

In a few days you'll probably see an Adobe Flash update, make sure you install it.

edit: This might actually be a vulnerability in Sun's Java, FlashBlock may not be the answer. NoScript and AdBlock seem to do the job though!

Edited by Gaz D
Link to comment
Share on other sites
frankie boy Newbie

frankie boy

Posted
Posted

Think im now clean or on the way to i didnt exactley help myself by not having a anti virus softwear bought one today and this virus was then blocking it from working windows defender then scanned and cleared now the one I bought is working so I think im on the way.

Thanks for all who helped and hope everyone else get sorted. :P

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Unfortunately, your content contains terms that we do not allow. Please edit your content to remove the highlighted words below.
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...