JoeBattlelines

[madmac41]

Just curious if this is happening to anyone else or if my AVG is going nuts, I keep getting messages about threats detected here.

[Lt Storm]

I got something yesterday when posting a reply, then again today when the front page was loading. So no, you're not nuts. ( )

I've gotten a message telling me it detected and deleted Trojan.FakeAV.KUE

[General Scarlett]

Oh hell's yeah.......I had to snap a pic of the WARNING! and send it to Fred via the fb.......he was not pleased with this I tell ya!!!

And, it had gotten into my computer when I was adding to the JBL front page.......it ed the hell outta my address book and send sh*t to EVERYBODY in my contact list


But, I've run Malware twice and I'm confident that I've sent that little b@st@rd packing!!

[cmderinchief]

Going forward, if anyone gets the fake AV message popup throughout your web travels, just atl+ctrl+delete and go into Task Manager. Kill all open sessions of your browser. Clicking on the popup - even to close it could be enough to allow access. Killing your session will stop the code before it installs. This will stop the process cold, but you will be closing your browser session(s) as a result. I don't play with these buggers and I don't rely on my AV as a safe fallback. These apps are built to beat AV clients......I've cleaned them up too many times with my users with a current AV DAT file loaded.

[pbarny]

I just wonder, what does make this site that much more vunerable than others?

[General Scarlett]

Going forward, if anyone gets the fake AV message popup throughout your web travels, just atl+ctrl+delete and go into Task Manager. Kill all open sessions of your browser. Clicking on the popup - even to close it could be enough to allow access. Killing your session will stop the code before it installs. This will stop the process cold, but you will be closing your browser session(s) as a result. I don't play with these buggers and I don't rely on my AV as a safe fallback. These apps are built to beat AV clients......I've cleaned them up too many times with my users with a current AV DAT file loaded.

Thanks for this Gary.........but what do I do now? I spent all day yesterday debugging my computer and now the effin' thing is SPAMMING again!!!!!

[General Hawk]

I just wonder, what does make this site that much more vunerable than others?

In this case, it has nothing to do with the site. GoDaddy's servers themselves got hit, it's impacting thousands of other WordPress sites out there right now.

Justin

[Lt Storm]

Thanks for this Gary.........but what do I do now? I spent all day yesterday debugging my computer and now the effin' thing is SPAMMING again!!!!!

I had a problem with a bug on one of my computers at work and I tired a bunch of different things. I tired to download a few programs that was supposed to get rid of the bug on my work computer, nothing worked. Until I installed Windows Defender, it was able to locate and delete the infection. So far so good.

I had a problem with an anti virus program my brother suggested, that I felt was cr@p, that I was going to use to try and fix my work computer. It buggered up my home laptop with a malware infection after it was downloaded and installed. That was difficult to get rid of, even after a couple attempts and it was supposedly located and deleted, it was still in my system. I found out that I had to go into Add/Remove Programs list locate and remove it. That was a "Search Setting V1.2.3." message that would pop up when I ran IE or open My Documents/My Computer, but not Firefox for some reason.

You'll have to do a full scan too, not just a quick scan. Some of these anti virus/spy/malware programs do a quick scan.

One suggestion was to download a program off a non-infected computer to a CD or Flash Drive and then run it from the disc on the infected computer.

In this case, it has nothing to do with the site. GoDaddy's servers themselves got hit, it's impacting thousands of other WordPress sites out there right now.

Justin

Is it just those who use WordPress who are signed up with GoDaddy?

[Goldbug]

Interesting.
What browsers are you guys using?
I use Firefox on my Windows machine. However I always use my Mac to browse the web so I don't ever see these kinds of things.

[cmderinchief]

Look up an app called COMBOFIX. More than half the time it fixes the problem. If it doesn't, sadly, you are left with little alternative but to reformat.

[General Hawk]

Not necessarily, Gary. I've had a lot of experience with these things, and more often than not, Malwarebytes will fix the issue.

http://malwarebytes.org/

Justin

[MaxPower]

General Scarlett,

Not only did I get that virus pop up from JBL I got an email from YOU GS, with your name on it.

Your real name and it was a SPAM email trying to sale me some junk or medicine. My email flagged it down right away.

[cmderinchief]

Not necessarily, Gary. I've had a lot of experience with these things, and more often than not, Malwarebytes will fix the issue.

http://malwarebytes.org/

Justin

Yeah, got that one too. When I had to use it on a PC here at work (it was so bad it killed the NIC, taskmgr, cmd, msconfig and others), it INSISTED on dialing home for an update prior to the first scan even though it was "current". Well, ya can't dial home with your NIC dead. Combofix worked because it shut the machine down and rebooted the machine "DOS" and dialed home via a DOS ethernet driver. I have no idea how bad this current one is....don't wanna know. Either app would surely work.

[LokiLeysmith]

I don't know about any virus, but yesterday when I clicked onto the forum, my Norton 360 4.0 reported that it had blocked an attack on my computer. I can't remember what it was exactly, but a screen popped up and it looked as though it was trying to download a program before it was blocked.

I shut down Firefox and ran a complete scan immediately. Nothing came up, thank goodness, but it kind of gave me a bit of a jolt.

[cmderinchief]

Your AV did its job!