11/09/2010

Wolfman Report: IT TOOK ME 3 DAYS TO STOP MALWARE



I have a blogspot web site. It is listed in my bio on my column.
When I went to the blogspot web site, the web page came up briefly and then a blank initialize screen came up. Then a “message from webpage” came up.


The web site was effectively shut down. All you could get was a brief glance at the site and then the above pop-up was initialized.
Blogspot frowns on infected web sites, which is very understandable.
I went to Microsoft and Blogger for help. Microsoft basically told me to run Malware programs, which I did.
  • I ran AVG
  • I ran Spybot Search and Destroy
  • I ran Microsoft One Care
  • And I ran Malicious Software Removal Tool
They found minor threats, but not the one causing the pop-up.
I began to think the Malware was in the HTML on the blogspot web site.
I deleted all my articles, all comments, and all text everywhere. I tested anything else that remained, and found nothing.
I decided that the Malware was not in the blogspot web site.
I decided to check the blogspot website once more, and when I did, an AVG alert came up. The AVG alert identified the URL of the Malware, which was different at every check. The one common piece of information pointed to Internet Explorer.exe and differing process numbers.
The odd thing is, AVG alerted on the Malware when going to blogspot, but it didn’t find it in Internet Explorer. The information it provided at blogspot was invaluable and pointed to Internet Explorer.
I slept on the information and decided that instead of trying to do something to the Internet Explorer processes, I would just take Internet Explorer out. I downloaded Firefox, and removed Internet Explorer. I could have imported stuff from Internet Explorer to Firefox, but decided to steer clear of anything from Internet Explorer.
The pop-up quit coming up. The wicked witch was dead!
Here’s some information from Microsoft, which I received:
  • Sunday, November 07, 2010 9:01 PM, tech32
DON'T CLICK ANYTHING!!
This is a common scam that says your computer is infected with malware.
If you click anything, it will infect you with rogue antivirus.
To stop it, press Ctrl+Shift+Esc to launch Task Manager. Then go to the Processes tab and end anything named iexplore.exe or firefox.exe.
This will force all internet browsers to close. Then open them up again, and do not restore your browsing session.


I wouldn’t wish this experience on anyone.