OT- Windows Restore Virus
I believe I got this virus from mgoblog. I got it on my home cpu and I also got it on my work cpu, which i dont have admin rights too, so now I am kinda screwed. FYI be careful! It hides all your files and pretends to run a restore program, says your harddrives have crashed etc.
You should be using the noscript extension. It's an extra layer of security while surfing. When you go to a site, only what you allow will run.
I've gotten popped twice this evening by the same Blackhole Exploit Kit virus that others have referenced above. Presently using IE9, and have Norton Security Suite (the free version you get from Comcast). Norton blocked it both times, thankfully.
slightly different graphics, last night, on my wife's laptop. I didn't get the whole shebang, though. Just a portion. Running system restore from safe mode and then malewarebytes (it was preventing malewarebytes before that) cleaned it off quite nicely. She refuses to run chrome.
Chrome with Notscript is the best thing ever to happen.
I had to update a program so I shut down my browser. After the update was done, I restarted the browser and came to mgoblog. As soon as the page opened I got hit with a bad script... JS Downloader-ARA.
I have been coming and going to mgoblog all day, and this is the first time anything has come up. Avast stopped it. I also got a message telling me that I need Java to view mgoblog. Fortunately I don't have java installed.
I got it on two different computers, it's from Mgoblog. Anyone know how to fix it?
You don't have to pay for it, the free version works very well.
- Turn off system restore
- Download, install, and run a full scan with malwarebytes
- Once scan and cleaning are done... reboot and run the scan a 2nd time.
- Turn system restore back on.
You should be free of the infection.
Although, I eneded up going the route of manually removing the virus.
I got two warnings when I opened up TomVH diaries that my AV (Avast) had blocked a file from downloading. Definitely something on mgoblog, probly an ad.
If the virus hides all your files, there's a utility called unhide.exe that you can get from bleepingcomputer.com that will un hide them. First you'll need to download and run malwarebytes, possibly in safe mode, to get rid of the thing.
I got rid of it easily enough, but my start menu is still screwed
PS: I always knew you guys were dirty. :).
got it again last night with mgoblog open. any word on whats goin on?
I run ABP on all computers I use, and have not had any issues arise. Leads me to believe the underlying problem doesn't lie in mgoblog's code, but in the advertisements - which are brought in from external sites.
edit: Also, anybody running a non-windows OS that claims superiority over others because they think they're immune to viruses, malware, etc is a) ignorant and b) kidding themselves.
Just a heads up, I just had another attack blocked on this site this morning. If you have had a virus from here in the past then I suggest GTFO.
My home pc is now completely unusable, this is really a nasty one. I can't even get to malwarebytes, gotta take it to the shop. Can't complain, I love the way mgoblog burns me.
If you find the address for the site, you can type it into your browser. This virus messes with the search engines though....Nasty thing.
If you find the address for the site, you can type it into your browser. This virus messes with the search engines though....Nasty thing.
If you are using IE you really need to consider getting Firefox with Adblock+NoScript, or Chrome with the same addons.