So, let me tell you something!

After not showing my face for a month or so, forgetting about Sunrise all together, it dawned on me that the Alpha for MWO, has arrived. So shortly after installing, i find myself sitting in front of a screen telling me that i had just recieved a virus, and a screen prompting me to continue a scan to find, the same TROJAN that is harlmess to any FREE virus scan, however i cant remove virii with a FREE virus scanner. As a result ive been forced to endure i viral attack, and force fed a $90 bill to pay for a virus scanner which was able to clean out my gear... for now!

Just a question, is this Fair, or Irony... I waited in line just like any of you folk, donated, shut up, joked and laughed, dreamed and many other verbs... Well? How should i feel

Downloading and installing MWO has brought me far from the joy i was expecting, or the hit to the credit card, all on a friday night.

I feel bad for ranting, but i also feel pretty let down right now.



I just wanted to voice my opinion/rant.

Am I not meant to play or what? Seriously bumbed about this

Do you use a Norton Anti-virus?

Edit:
You aren´t too clear on your post so that leaves so much room for error here, are you sure you´ve downloaded the right file?
If you got the right file, but if you use norton anti virus that could be the cause of the problem.
Norton anti virus for some reason or another thinks that unity files (files built by the engine we´re using) are malware or virus.

Here i use Avira Free (http://www.free-av.com/), it does auto update and check files before i execute them and stuff.

It sounds like you might have fallen for a Rouge Trojan virus. I'm sorry it happened to you, a lot of people fall for it. I can 100% guarantee you after 4gb of downloads and no prior virus reports, that your virus did not come from us. Please read about Rouge Trojans here: http://www.microsoft.com/security/antivirus/rogue.aspx or http://www.ehow.com/how_5039986_spot-fake-virus-scan.html If you are subject to this you may want to call your credit card company and have the charges reversed.

I was a PC/MAC cleaner once upon a time, and I can tell you now http://www.malwarebytes.org/ is your friend and its free. No need for $90 software these days. AVG is another decent free antivirus. Also Taigo is correct about Norton. Norton will detect viruses that aren't even truly viruses offering you the worst protection you can get.

I got a virus back in 1986 from this chick, the doctor gave me some penicillin and it cleared right up.

I have AVG free, And no u dont understand my situation at all.

every time i attmpted to click on Firefox of IE, an error/viral hit pops up and says i should clean/repair, remove or scan, and all it let me do was buy a new scanner, I dont make this crap up, i have had better things to do on my nights off.

And the download process seemed pretty easy, unzip nd install... um, right? I havent ownloaded anythig for months, ive have no time to be myself at my PC.

The only file i downloaded recently was, MWO, and that was last night.

So, to summarize, I WOULDNT BE TELLING YOU PEOPLE THIS NOW IF I DIDNT PAY.

My only option was to click repair/remove, only to have the same window on me again and again without end, Like bovine at the slaughter house....and the red carpet treatment, (no the carpet isnt usually red!) heh. I literally picked my poison from on your list of mirrors,

So, to summarize, I WOULDNT BE TELLING YOU PEOPLE THIS NOW IF I DIDNT PAY.




What?????? OMG.





Send me $200 US dollars now or I will eat your dog. PAY ME NOW!

If you could please make that 1000.00 U.S. dolllars that would be better. Thanks in advance.

I expected a bit more help and insight than, 'Use a virus scanner' or 'you clicked on the one bad mirror'

I expected a bit more help and insight than, 'Use a virus scanner' or 'you clicked on the one bad mirror'

Dude this isn't coming from the guys and gals here at MWO. You just fell for one of the oldest scams on the intraweb. You got a virus from somewhere and then you actually gave them money. I sure as hell hope you didn't pay with a credit card because than they would have that information as well. I say again.

OMG! :-O

I had to pay through 'Verified by Visa', a very legit and notable service provided by my bank for online shopping and services. Not to mention my visa is about maxed hahaha.

Thanks for the uplifting words Scorp, you @$$

I expected a bit more help and insight than, 'Use a virus scanner' or 'you clicked on the one bad mirror'

Start to backup important things, update avira and make a complete scan, install and update Spybot (http://www.safer-networking.org/en/index.html) (don´t worry, it´s free).
If you get to erase the "virus scanner" wich is the actual virus and you feel that´s safe now, change all your passwords.
If everything else fails format and reinstall everything and change your passwords.

As for mwo, you can use our own mirror (http://www.motorworldonline.net/downloads/mwo.msi) so you won´t have to use free hostings and be exposed advertising who caused the problem in first place.

Matty,

Please check your PM. I will help in whatever way I can.

lol.

Urgh, that is indeed a nasty virus.

So it probably redirected you to a 'BUY ME' virusscanner.
Uploading and downloading can be dangerous.
Cause this is the oldest scam in the book.
Krappy, èh?

Well, sadly its taught us a lesson too, we will no longer use the "free" hosts in the future for hosting the file. I really hadn't noticed the free sites did stuff like that because I use a plug in called AdBlocker Pro, the ads never have a chance to open on my system.

...
http://img508.imageshack.us/img508/6555/failw.jpg

I've seen that happen on several occasions. You click a link and a window pops up telling you that your PC is infected with blahblah virus. You click the link and "bam" there's the virus. Even though your machine is clean, it'll say that anyway. I made that mistake once, and only once. :"> Good thing I didn't have a credit card.
On top of that, it's not really the host's fault, they can be hacked as well by these "adware virus ads"

i see what happened.. it's happened to me before too..
you got a pop up that says you have a virus.. it probably looked like an anti virus program that has detected a virus and will scan your computer and delete it for you right? well its not.. its a pop up ad that if you click scan,repair, delete virus ect will actually download and give you a virus. then they say you need to buy their program to get rid of it. its a scam i've seen it many times before and has nothing to do with mwo.

when ever i see it pop up what i do is hit ctrl alt del to bring up the task manager you will see i a list of programs running click on the one that is the pop up and hit end task.

but its to late for that. you clicked the pop up. (in the future dont do that) if you paid with a credit card call your credit card company and have them stop the payment. and keep an eye on it for any charges that arent yours. the only way i know to get rid of it completely is to wipe the computer clean and reinstal windows. but first copy any files you want to save like pictures ect onto a cd or some extrnal storage device.

i believe you also owe an apology to the mwo crew for accusing them of doing this to you. it wasnt them.

my wife got me into the habit of using Task-Manager to close those pop-up windows when they show up. there was one time that I got a virus just from being re-directed to a foreign website (and no...it was not even close to being pornographic in nature) that was a front office for a webhosting service.

:(

i see what happened.. it's happened to me before too..
you got a pop up that says you have a virus.. it probably looked like an anti virus program that has detected a virus and will scan your computer and delete it for you right? well its not.. its a pop up ad that if you click scan,repair, delete virus ect will actually download and give you a virus. then they say you need to buy their program to get rid of it. its a scam i've seen it many times before and has nothing to do with mwo.

when ever i see it pop up what i do is hit ctrl alt del to bring up the task manager you will see i a list of programs running click on the one that is the pop up and hit end task.

but its to late for that. you clicked the pop up. (in the future dont do that) if you paid with a credit card call your credit card company and have them stop the payment. and keep an eye on it for any charges that arent yours. the only way i know to get rid of it completely is to wipe the computer clean and reinstal windows. but first copy any files you want to save like pictures ect onto a cd or some extrnal storage device.

i believe you also owe an apology to the mwo crew for accusing them of doing this to you. it wasnt them.

I didnt actually click on any pop, I ran the MWO installer, which installed, i opened and ran the app, and in the background there was a 'commandprompt' window running, so if i got to hit taskmanager and try to shutdown, it was too late. At which point, myscanner said it would run a scan, but would only scan and not remove (this is where i ****ed up by not using task manager) long story short, yeah bad crap happened and here we are!

So ive just tried posting this three times, but it times out on me...

So to make this quick

Cargasm - I havent accused anyone or pointed a single finger at one user/developer for, but merely asked why this may have happened

Scorp - You didnt really do much to help the situation when i was bumbed out about the install and my Desktop, I am sorry for my comment and I was wrong to bestow a title upon you

Ken - I know youre a busy guy and it means alot that you would take the time to figure this all out. I know now, that certain files can be mistaken for evil files by other Scanners.

Taigo - I will be very cautious of the software i run in the future, knowing now that not all scanners/removers are worth the money

Ayce - Ive seen those popups hundreds of times when exploring the web, but in short, i should have run taskmanager to trouble shoot.

I know you all would be down in the dumps if you bought a sexy blowup doll, like Scorp. And then all it did was hiss and deflate, and thats how i felt at the time.

I understand that what happens on other hosting sites, will happen and it could not have been prevented by any of you, or our DevTeam. (Only you can prevent forest fires!, or viral attacks) :D

Thanks for your patience during my rant, and thanks again for calming me down.

If i missed anyone, who wants or feels an appologee is deserved, ill be right here

I also got a trojan during the release Saturday/Sunday and spent 2 days fixing it, but I don't know where I got it from. It was NOT the alpha though, that was clean, but I had lots of infected files in my temp folder.

I sure didn't click anything suspicious but at some point during the day I got a popup from an unknown "virus scanner" saying that I have a virus bla-bla. Rebooted immediately, but realized that it had wiped my explorer.exe. That was fun, trying to fix the system without the desktop.

I fixed the infection with the help of guys from Avast forums using free software. Malwarebytes' Anti-Malware helped the most (already mentioned in this thread). Sounds like you still have some sort of malware infection going on, possibly several different.

Anyways, the AdBlock does not work properly on Google Chrome, so I've switched back to Firefox now. Then I got a flu and that's why I haven't even been online on alpha after the initial try.

Easy, It was a timed malaware that was just siting there waiting for the right chance to write it self to the registry undetected. For example a new software being installed.
This is very common and most softwares don't provide a good protection agains it.
It doesn't matter what pages you explore or what you download. This viruses uses people connection to keep scanning vulnerable IPs on the background. When they find one the copy it self trough the net and you don't even realize.

A good solution is to have a good easy to configure firewall. I been using tiny personal firewall for years now and i have succesfully block all undesired connections request.
I don't even use an antivirus.
From time to time i do run a registry clean up using Reg Cleaner.
All the times i had to ever format the disk was allways due to lack of defragmentations wich in the end makes the Windows very slow and unstable.

When i have no program running i run a "Netstat" from the CMD and i have absolubtly no connections active in any port. The send/recieve rate stays at 0 as it should allways be.

you might want to try that. close every program and run a netstat see how many connections you have hooked up against your will.

Firewall is the answer.

I was under the impression that a NAT technically blocks incoming connections. It's different if a trojan gets through and initializes the connection to the outside, then it will not be blocked by NAT in anyway. I find windows firewalls quite useless, but they were enabled anyways. Hardware firewall would be best, but I have not found a reasonable solution yet. They tend to be aimed towards businesses and cost a whole lot..

I also got a trojan during the release Saturday/Sunday and spent 2 days fixing it, but I don't know where I got it from. It was NOT the alpha though, that was clean, but I had lots of infected files in my temp folder.

I sure didn't click anything suspicious but at some point during the day I got a popup from an unknown "virus scanner" saying that I have a virus bla-bla. Rebooted immediately, but realized that it had wiped my explorer.exe. That was fun, trying to fix the system without the desktop.

I fixed the infection with the help of guys from Avast forums using free software. Malwarebytes' Anti-Malware helped the most (already mentioned in this thread). Sounds like you still have some sort of malware infection going on, possibly several different.

Anyways, the AdBlock does not work properly on Google Chrome, so I've switched back to Firefox now. Then I got a flu and that's why I haven't even been online on alpha after the initial try.

Finally! someone like me! I lost my explorer.exe firefox.exe all kinds of crap!

Easy, It was a timed malaware that was just siting there waiting for the right chance to write it self to the registry undetected. For example a new software being installed.
This is very common and most softwares don't provide a good protection agains it.
It doesn't matter what pages you explore or what you download. This viruses uses people connection to keep scanning vulnerable IPs on the background. When they find one the copy it self trough the net and you don't even realize.

A good solution is to have a good easy to configure firewall. I been using tiny personal firewall for years now and i have succesfully block all undesired connections request.
I don't even use an antivirus.
From time to time i do run a registry clean up using Reg Cleaner.
All the times i had to ever format the disk was allways due to lack of defragmentations wich in the end makes the Windows very slow and unstable.

When i have no program running i run a "Netstat" from the CMD and i have absolubtly no connections active in any port. The send/recieve rate stays at 0 as it should allways be.

you might want to try that. close every program and run a netstat see how many connections you have hooked up against your will.

Firewall is the answer.

Thank you! You've really hit the nail on the head, my firewall wasnt up and running!
That is also my bad, ugh!

Ok now that you have finished sperging out over the deal, can you actually mention what host you got the alpha from?
Even though I highly doubt it was from the alpha installer I want to go check my own mirror and or remove the mirror that might has possibly been the issue from my site if indeed that is what caused it.

Glad I did not see this post earlier else I might have gone off on a tangent, the way you started this thread with the massive lack of info is what caused alot of the 'backlash' you recieved.

I was under the impression that a NAT technically blocks incoming connections. It's different if a trojan gets through and initializes the connection to the outside, then it will not be blocked by NAT in anyway. I find windows firewalls quite useless, but they were enabled anyways. Hardware firewall would be best, but I have not found a reasonable solution yet. They tend to be aimed towards businesses and cost a whole lot..

If you have a typical wireless router they tend to have built in hardware firewalls, so behind one of those you should be safe. Otherwize, I've seen used hardware firewalls going pretty cheap on Ebay, lots of good old used equipment on there. Just find some shelf space to sit the rack mountable box on if you don't have a rack...which most people dont xD. I'm a nut and have a home server rack setup, but that's another story.

If you can, download combofix and malewarebytes. If you arent able to download them, get on another computer and copy to a flash drive. Boot your computer in safe mode w/networking. Run combofix, when it completes reboot your computer. Run a deep scan with malwarebytes. This works for me about 90% of the time. Im a systems admin and work on small business networks. I run into this stuff all the time. Dont forget to make backups before you do anything, just to be safe.

I can tell you now that Malwarebyte's Anti-Malware is the best free software you can get. I have a CD of software tools and things I use to fix people's pc's and that is my most used program probably.

That and Spybot (http://www.safer-networking.org/en/index.html) is all I have. I don't run an Anti-virus or Windows Firewall. Only thing between the web and my pc is my routers firewall and my common sense.

I only trust a few free file servers such as fileplanet, mediafire and easyshare. I'm also running ad blockers and stuff on chrome so I don't see many ads.

Also, a good site to get cool little tools like everything I've mentioned is Major Geeks (http://www.majorgeeks.com/). I've gone to that site for years, never had a problem. Their servers can be a bit slow though.

Reg cleaner, yes, but I think CCleaner is the choice these days. Cleans up registry, temp files etc.

I think I clicked on the first link in the release post.

I do have a D-Link wireless router, but the wireless part is only used for the laptop, which seems to be pretty safe from the infection, nothing there. I don't like setting up wireless routers though. There are so many things you need to do to get a secure set up. Otherwise it'll keep advertizing itself on the radiowaves, like yelling out "hey, I'm here, connect to me". :p

I've setup more wireless networks than I care to count lol. It's pretty easy once you get the hang of it. I used to be a real ass and set people who were rude with me up with static IP's so that when their ISP renewed IP's and crap they would call me to come fix it. :p

Back on topic, I downloaded from the mediafire link twice then downloaded again from the top link because I thought there was something wrong with my game due to the darkness lol. I do think I clicked one other link, not sure which one, it took me to one of those funky sites that lists all of the mirrors that have the file hosted or some crap like that. If you got adware from anywhere I would assume that was it.

Anywho, it's 2:30 AM, my buzz is gone so I'm going to watch some Drift Tengoku and go to sleep. :)

EDIT: This link is the suspicious one. "Mirror 3: http://www.megaupload.com/?d=WT15QC9A" Does not seem to link to MU at all. You have plenty of other mirrors, I would suggest nixing this one. I swear I am going to sleep now.

Router's firewalls can be skipped by programs using NAT punchtrough. If you want to avoid that you have to disable NAT functionality in the router, but you will have to manually forward the right port for the right application.

Better is to have the firewall in your PC.

I might add that I had ran Avast full scan only a few hours before clicking the download link, and the scanner found no infections. I'm not sure did I have the resident scanner on when downloading though, or during the next following hours..

Adware is usually not picked up by Avast. On my old computer I would run Avast with Spybot then clean up any leftovers with Malwarebyte's. I also defragged once a week. Ad Aware is also about as good as spybot but you cant use them both because they detect each other as malicious software. :p Ad Aware LINK (http://www.lavasoft.com/products/ad_aware_free.php)

Adware is usually not picked up by Avast. On my old computer I would run Avast with Spybot then clean up any leftovers with Malwarebyte's. I also defragged once a week. Ad Aware is also about as good as spybot but you cant use them both because they detect each other as malicious software. :p

That figures, everybody wants to be the default. Like using 2 AV programs, they don't play nice with each other. ;)

On a side note, shouldn't the Windows malicious software removal tool detect Windows and remove it? :))

Whats up with the megaupload link anyways? I clicked it and went to some weird crap and luckily didnt get any viruses. The megaupload link works if you copy and paste it, but why is it even directing somewhere else in the first place?

Whats up with the megaupload link anyways? I clicked it and went to some weird crap and luckily didnt get any viruses. The megaupload link works if you copy and paste it, but why is it even directing somewhere else in the first place?

It's an link jacking site. It'll jump in between you and the site it links too. If you click on one of the download buttons it'll probably take you somewhere and bombard you with ads.

Noted and removed.

Some great advice here. Those trojans SUCK :( Malwarebytes is a fantastic tool. I do some freelance computer work, and virus / trojan cleaning is the most common thing. Two of my favorite tools are Malwarebytes, and rkill. Rkill is fantastic at stopping rogue software from running so that you can clean it with Malwarebytes.

I also rely on the bleeping computer website for great info on specific removal techniques for virus and trojan infections.

Adware is usually not picked up by Avast. On my old computer I would run Avast with Spybot then clean up any leftovers with Malwarebyte's. I also defragged once a week. Ad Aware is also about as good as spybot but you cant use them both because they detect each other as malicious software. :p Ad Aware LINK (http://www.lavasoft.com/products/ad_aware_free.php)
Well, Avast picked a Bamital variant, when others didn't, but it couldn't more or repair the infected file. Malwarebytes seems to be preferred over AdAware by some guys over at Avast forums. I ended up getting advice to recover the explorer.exe from one of the backup copies that hopefully wasn't infected. In the end, it was Windows internal recovery console or some such that helped recover the system into working operation after infections had been wiped out.. I couldn't even run Windows in safety mode, because I had some help file constantly reloading and messing up with focus. Spybot was pretty good at cleaning tracking cookies, but that's about all it did for me..

Offtopic but check this out xD

http://img819.imageshack.us/img819/1789/mco.gif

I've crossed a couple of times with a new browser virus that acts exactly that the one that begin this post.

Aparently some servers got infected. I clicked on a google sponsored "secure" web page (wich i had visit in the past) and i was redirected to a sort of web installation application and pum! the window propting me to run a scan on my pc for virus. That web site made it self the default page in the explorer. So i had to run firefox in secure mode and reset it.
After that event i ran a netstat and i had about 25 connections trying to hook up in one of my ports. The firewall prevented it and eventually the connections attept timed out. Now it's all ok. I didn't got infected either.

So keep your eyes open for this one. MAke sure you have your firewall set up.

megaupload.com is pretty safe bet for free file hosting been using for years. They dont have alot of links and if they do they're clean.