Music website hacked?

June 18, 2010 at 08:53:05
Specs: Windows Vista
Hi i think the following site has been hacked and is spreading viruses suddenly ?

www.arminvanbuuren.us/ is a website that usually streams trance music, ive been there before with no problems, so i went there yesterday to play music.

The website then hijacked the IE explorer window and suddenly it had the look of a windows explorer folder of all my drives that were being scanned. You know one of those cheap viruses that tries to pretend it is scanning your computer of viruses, and when you try to shut it down it says some rubbish about "your webpage is in danger, your computer is in danger press accept to clear computer" or some nonsense like that.

So i had to force shut down my computer, but im afraid i didnt shut it down fast enough and maybe some virus/malware was transmitted.

Can someone please help me, as to how i can find out if anything was infected, and possibly discover what kind of hijack has suddenly taken over this rather large music provider.

i ran an AVAST scan on one computer and it didnt find anything, but i still think my laptop seems to be running suspiciously slower.


See More: Music website hacked?

Report •

#1
June 18, 2010 at 15:37:03
Send and Email to the Admin at...

info@tranceflix.com

Personally after looking at some info on this site they do not look like they can be trusted.

Whos Is Info...

Registrant:
--

15111 N. Hayden Rd., Ste 160, PMB 353
Scottsdale, Arizona 85260
United States

Registered through: GoDaddy.com, Inc. (http://www.godaddy.com)
Domain Name: ARMINVANBUUREN.US
Created on: 08-Sep-06
Expires on: 07-Sep-10
Last Updated on: 04-Sep-09

Administrative Contact:
DomainsByProxy.com, DomainsByProxy.com info@tranceflix.com
--
15111 N. Hayden Rd., Ste 160, PMB 353
Scottsdale, Arizona 85260
United States
4806242599 Fax -- 10000000000

Technical Contact:
DomainsByProxy.com, DomainsByProxy.com info@tranceflix.com
--
15111 N. Hayden Rd., Ste 160, PMB 353
Scottsdale, Arizona 85260
United States
4806242599 Fax -- 10000000000

Domain servers in listed order:
NS1.DREAMHOST.COM
NS2.DREAMHOST.COM
NS3.DREAMHOST.COM


Registry Status: clientDeleteProhibited
Registry Status: clientRenewProhibited
Registry Status: clientTransferProhibited
Registry Status: clientUpdateProhibited

See Underlying Registry Data
Report Invalid Whois


Report •

#2
June 18, 2010 at 20:04:27
Yes, the website had been hacked and my antivirus software Kaspersky Internet Security 2011 had detected virus on the website. KIS reported that "Detected: Trojan.JS.Redirector.cq".
Maybe you should Download Kaspersky Internet Security 2011 and make a deep scan in the SAFE MODE.

Report •

#3
June 19, 2010 at 03:54:38
Wow thanks alot for the extremely helpful responses im gonna try to get kaspersky and run a safe mode scan (hope it doesnt cost too much)

ill try writing to the admin also.

Thanks alot for the help guys, i use this computer for banking so i want to stay safe and be sure i didnt get infected.


Report •
Related Solutions


Ask Question