••• IMPORTANT - Read Regarding BYC Downtime & Malware Warning •••

Quote:
Well, I can't swear that mine came from BYC but I visited the site an hour or two before I noticed site was down... then later realized I had picked up a virus somehwere that Norton let right on in. The virus I had on my system was called the Alureon.H. It was quite nasty to find and repair as it embeds itself into your root directory as well as system restore points and can even conceal itself as a driver. Norton AntiVirus was installed on my machine so it didn't even detect it during the scans. Malwarebytes and Microsoft Security Essentials both pick it up (they were installed after the infection) but neither could remove it. The virus showed up during scans as 'Win32/Alureon.H'. What the virus caused... when I surfed the web to search for anything, then clicked on one of the search results, it would take me to a totally different unrelated site than what I had clicked on. I have no idea if it had other effects while surfing as once I realized I had a virus I quit using the PC until I got it fixed. So far (knock on wood) it appears I have gotten rid of it without having to reinstall the OS as a lot of techies recommend to get rid of this virus. If others are runnning into the same virus I'd be happy to post what methods I used to get rid of it.

Quote:
Well, I can't swear that mine came from BYC but I visited the site an hour or two before I noticed site was down... then later realized I had picked up a virus somehwere that Norton let right on in. The virus I had on my system was called the Alureon.H. It was quite nasty to find and repair as it embeds itself into your root directory as well as system restore points and can even conceal itself as a driver. Norton AntiVirus was installed on my machine so it didn't even detect it during the scans. Malwarebytes and Microsoft Security Essentials both pick it up (they were installed after the infection) but neither could remove it. The virus showed up during scans as 'Win32/Alureon.H'. What the virus caused... when I surfed the web to search for anything, then clicked on one of the search results, it would take me to a totally different unrelated site than what I had clicked on. I have no idea if it had other effects while surfing as once I realized I had a virus I quit using the PC until I got it fixed. So far (knock on wood) it appears I have gotten rid of it without having to reinstall the OS as a lot of techies recommend to get rid of this virus. If others are runnning into the same virus I'd be happy to post what methods I used to get rid of it.

Yes, please! If you'll post what you used, and links, it would be very helpful. This nasty brat trojan is affecting lots of people worldwide and it isn't consistent in its trickery. Thanks!

Don't wanta make you feel bad, Nifty, but this piece of malware was the last straw for my computer. It got sick, sick, sick. But, good news--our computer guy (whose business is a couple hundred feet from our door and walking distance across the parking lot) sent his college age staff over to fight and fix it.
He told me that I had a LOT of malware from downloads. He also said that all of the "free" sites--NOT forums, like this--cost you on average about $120.00/year to fix because of attached malware. Just an FYI.

Sorry to say but the problems apparently aren't all fixed! My antivirus software (TrendMicro) is still warning me and blocking some kind of ad site from BYC every time I go into the forums. Here's a screenshot:



FYI the URL in question is not being "restricted by my company" (which would be me ) - so that means that TrendMicro is identifying it as potentially harmful. I only get this on forum pages. It's not causing me any problem - just annoying. But who knows if others might be having issues... A member in the Nevadans thread (SparksNV) had her computer crash and thinks it might be related.

We're working hard to find some solutions to this. There are a lot of variables involved, and we've found that many people already have stuff on their PC's and don't know about it until they do a scan. As ducks4you's PC peeps mentioned a lot of downloads have malware that hides on your machine. We encourage everyone to keep their PC updated and keep their antivirus and antimalware applications runnning and up to date.

The one we were hit with seems to rear it's ugly head by:

1) Redirecting searches to shopping sites
2) Not allowing you to visit the sites that have the malware removal tools
3) Stopping you from running malware

If you are having the problems above please PM me. I don't have any solid fixes (yet) but I have some technical ideas that you or a tech person may be able to try.

As peeps continue to find (or have experts find) stuff, please pm me with as many details as possible.

Ok, we're making some progress (thanks geosheets and ChooksChick)

If you are having the problems mentioned above, you can search your Windows registry and determine if this might be a problem on your machine. Follow these steps:

1) Click the "Start" button in your Windows toolbar (bottom left)
2) Look for and click "Run..."
3) This will open up a dialog box. In the box, type "regedit" and click "OK". The "Registry Editor" will come up.
4) Click "Edit" then "Find" and enter the following: 93.188

If you find some entries you may want to delete them and reboot your computer by following the steps below: REMEMBER, Do a backup of your registry first!!

We suggest you start your computer in "safe mode with networking". For an XP system: Reboot your computer and while it is starting up, hold F8… when prompted select safe mode with networking

1) Read a little about your computer registry: http://www.registryrepairsolutions.com/windows-registry-101.html
2) Click the "Start" button in your Windows toolbar (bottom left)
3) Look for and click "Run..."
4) This will open up a dialog box. In the box, type "regedit" and click "OK". The "Registry Editor" will come up.
5) Do a backup of your registry "File" then "Export" save the export somewhere safe
6) Click "Edit" then "Find" and enter the following: 93.188
7) If you find an entry record what it says, probably something like: "NameServer = 93.188.164.72,93.188.166.222"
8) Right click on the item and then "Delete"
9) Reboot your computer
10) See if you are still having the same problems as above.
11) You should be able to run the malware / spyware removal tools. Here are some that have been recommended:

http://www.microsoft.com/security/malwareremove/default.aspx
http://support.kaspersky.com/viruses/solutions?qid=208280684
http://www.safer-networking.org/en/download/

My PC was attacked with lots of nasty viruses as well. Mine didnt have anything to do with BYC though. As yours started on the 15th and I got mine on the 12th. I opened an email and lots of 'add-ons' started popping up asking if I wanted to install them. The email was from a site I knew, it wasnt just some random email I opened. It was from the Araucana yahoo groups. I started clicking out of the add-ons and clicked out of the email and went about my business. It wasnt 5 minutes later that my PC shut down and wouldnt let me do anything. I couldnt go online to any site except for the one it kept sending me to. It was to buy some sort of 'anti-virus software.' I couldnt even go to Start or any program on my PC. Thankfully my bosses husband is a great comp. tech and was able to fix my comp. He said it was a nasty little thing that would embed itself in a file on my PC and try to hide. As if nothing was wrong. He told me I had over 300+ files that were infected. Thankfully everything is fixed now and working great. Ive owned different computers close to 15 years now and not once have I ever had any virus or bugs on my PC. This was the first time. Hopefully its my last one too.

Two things I've learned:

1) Lots of people have viruses, malware, spyware, etc. on their PCs and don't even know it.
2) A ton of sites got hit the same way BYC did... even some big ones like Tucows!

Keep your PC and virus software up to date!

Boy I have to tell you that I felt awful when this happened and extremely relieved when it was fixed. Little did I know, however, that at the same time this crud hit BYC, it also hit my own website. What a bummer. And being green, I wasn't quite sure how to fix it. As of today, it's fixed, but I don't think Google has given the green light yet. So sad people have nothing better to do than be evil.

Thanks for getting us up so quickly!

KC

Nifty - any other recommendations for the registry entry #? That one doesn't bring any results, and I still haven't been able to remove the Google Redirect Malware.

Additionally, none of my anti-SPYWARE software will run anymore, and if I try to download another malware/spyware program, it will install but not run. Odd.