Attn Brian: virus infecting MGoBlog
Pics or it didn't happen.
scan right now to make sure my computer hasn't caught AIDS or Herpes
Here we go again...
While you are at it, get rid of this moderate button.
thing happened to me. Chrome shut down and wouldn't re-open and Malware Protection shows up as a desktop icon.
I've had no issues with Chrome (so far).
Last time this happened, I think Brian said you have to tweet him to get a hold of him.
Same thing happened to me. Had to restore my computer to an earlier date/time to get rid of it.
When you say set the time and date to an earlier day and then restart the computer? Because the same thing happened to me today
At first sign of ANYTHING, disconnect the computer from the internet.
Turn the computer off with a hard stop, and reboot in safe mode.
In safe mode, you should be able to open the task manager and close out the afflicting programs.
Run system restore in safe mode and restore to the most recent update point. Reboot AGAIN into safe mode.
Run your virus scanner/cleaner. If you don't have one, then I refuse to help you. Any good one should take care of it.
If you don't already have Malwarebytes, go to another computer, download that and install it to a USB drive.
Plug the USB drive into your computer and run malwarebytes, or run it from your local drive if you've got it.
After that has run, you should be able to boot back into windows normally. Before reconnecting your computer to the internet, run malwarebytes, antivirus, and any others you have like spybot or adaware right away, full scan.
If they come up with something, reboot again and set a boot scan. If not, reconnect to the internet.
Download Chrome and NotScripts before you do anything else at all.
Thanks!!!!
Anybody run into any problems with FF? I am running FF 5.0 and haven't had any problems yet, but since it's a work computer I'm probably going to cut myself off from MGB for a couple days to be safe.
I'm running FF and got a warning earlier today from my work computer.
I noticed a problem a few weeks ago and emailed Brian about it and traced the issue to Quantserve which I think is a cookie tracking service of some kind. One of my Java files was corrupted by the bug. Reinstalling Java fixed the problem.
I also started running NoScript (FF add-on) and blocked Quantserve on my personal computer. I have not had any problems since installing NoScript.
This is why I love my Mac. Lulz at all the PC users.
To everyone else, you really should have some form of NoScript running. MGoBlog isn't the problem - compromised ads are.
If you can't get NoScript on your browser, then just disable JavaScript. Sure you lose some of your "rich browsing" experience, but that's worth it for the safety.
Exactly. I am surprised there are not more people that use add ons like AdAware
I have it, though for sites I really want to support, such as this one, I turn it off.
Beveled Guilt
I can't believe they don't have a noscript plugin for Chrome yet. It's almost unacceptable.
There is one called NotScripts.
I went through the malware thing going on whenever I wanted and didn't get infected
First off, "lulz"? Really? Secondly, I build and tech websites for a friggin living. I can assure you Macs are extremely vulnerable to malware. They've made a lot of advances in exploiting Mac's weaknesses as of late to the point that people are more regularly starting to focus on making viruses specifically for them, mostly because they know Mac users and Apple software are utterly oblivious when it comes to properly protecting their computer and removing suspicious files. Matter of fact there was a huge virus outbreak with a very similar virus to this one that targeted Macs about a month ago, not so invulnerable now, are we...
For the people affected by this malware being talked about in this thread, it just wants your money and then it will go away. You pay the fee and it gives you a serial code that you put into it, and poof, it's gone. However, for as smart as these douchebags who create these things are, I don't believe they set up anything in the program to check if a serial code has already been used. Through a quick search on another computer, it should be easy enough to go to an anti-malware forum/site and find a serial code from a guy who took one for the team and bought it. Put it into the program affecting your comp to make it go away. Afterwards, to make sure the malware left behind no backdoors to come back through, make sure you do a restore to a previous date (if you make regular backups on your computer which you should be doing) and/or run a full virus/spyware scan.
Never pay. These things almost always DO NOT go away when you pay. Would you give a man burning your house down money if he said he'd stop if you did?
What? Did you even read my post? When did I ever say to pay? What I very clearly said was whenever these types of viruses come out, someone who mods an anti-malware forum almost always will pay the fake anti-virus' fee just so its serial number can be shared with less tech-savvy others to help them more quickly get rid of the virus.
And yes, the malware almost always goes away once the serial code is inserted. From personal experience working with dumbasses who've paid the fee and other web devs who used my theory on finding an already purchased serial code, I can assure you they do. With these viruses, it's not the stereotypical anarchist virus designer who creates these infections out of pure enjoyment and boredom. These viruses are created by psycho entrepreneurs trying to make some money. It really is a different breed. Once they have the money, they are usually content with no longer holding your computer hostage. Now, they very well may leave backdoors somewhere in your computers, but those are quite easy to remove with a full scan.
*Again, I'm not advocating paying the fee, I'm just saying, to save you some time, you can find a serial code somewhere online, it's the easy way out without giving these guys the satisfaction of a payday.
...or tweet.
Hmm... A few weeks back I got infected with the same virus while looking at a movie review site iirc. I can't remember whether I had been viewing mgoblog or not though. Also, I was using IE8.
To remove the virus, start the pc up in safe mode and run malwarebytes on it. I just copied the program over from another machine, but you could also download it by starting the pc up in safe mode with networking.
No problems at home using FF 5.0. We have to use IE at work, but I read MGOBLOG with my IPHONE at work. I could get in really hot water getting any virus from a non .gov site!
I was offsite for two weeks of training and I went through two desktop computers because of the same virus.
ATM all of our software is up to date and none of our tripwires installed after the Great Malware Disaster have come up with an alert. So it's a problem with the ads, and one that should be taken care of quickly by Google; we have no control over that, unfortunately.
Has questions about computer security or needs help removing malware, send me an email [email protected]. As soon as I can I will post a reply on how to manually block ads using host files for people who can't use Firefox.
Quit watching so much Pr0n
on IE. It moves quick, but my IT guy is quicker.
My Kaspersky antivirus keeps sending me nastygrams, telling me I've been hit with something. It started happening after I posted a picture of two kittens while responding to a post whining how we're a bunch of meanies. Damn him!
My computer just got infected with this virus while I was reading this thread! Luckily McAfee VirusScan found and deleted it quickly.
I am using Firefox 5.0. I think it's time for a break from Mgoblog for a while.
I got hit with it this morning while running firefox. It was the defender trojan that basically shuts down everything until you pay to fix it. Easy to remove just took time.
I just got nailed with it. What do I do? I suck when it comes to computers. Please help.
Fixed it. Thanks.
I can't fix mine. What did you do?
This isn't my tutorial but it worked. Just follow the automated removal instructions.
http://www.bleepingcomputer.com/virus-removal/remove-security-protection
You will have to boot into safe mode and run an updated antimalware program.
Went down this morning because of this. Had to write manual tickets until IT fixed it. Lol damn
less pr0n.
Install AdBlock Plus for Firefox and Chrome to avoid seeing ANY of them...
Is that you don't have old copies of Java installed on your system. If in doubt, uninstall all versions and then go to the Java site to reinstall the latest version.
Generally, a PC with the latest antivirus software and patches will avoid the problem. The trojan in question is particularly pesky because it hides all your icons, changes administrator settings (like allowing you access to task manager to shut it down), etc.
because I was on this site at work, accidentally clicked an ad, and a "defender.exe" file invaded my work PC and I had to have IT fix it. It started scanning like an antivirus program, and showed one infected "child porn" file. They do this to scare the shit out of you, and so you buy their antivirus program. I'm on my Mac at home, and never, never have these sorts of problems. I hope the maker of this malware gets hit by a MackTruck today. Go Blue
For the not tech-savvy, can someone walk me through how to fix this? Would really appreciate it.
Happened to me a few weeks back and had to restore the system. I downloaded AVG in place of my crap McAfee and haven't had any issues since!