Annoying virus :(

If you’re on Internet Explorer, you may be seeing warnings about a virus when you attempt to see Cute Overload.com. A virus appeared on this site about a week ago, and we’ve been trying to fight it, but have not killed it yet.

Thank you for all your notes and concern. Please know that we are working on killing it, but it’s an elusive little bugger.

We will follow up with more news ASAP, and in the meantime thank you for your patience…

"Common Cold" from Giant Microbes.com!

Comments

  1. Bless you!

  2. Good thing I’m using Firefox, then :)

  3. cootest rhinovirus i ever seeded :)

  4. These folks have everything plush and microbial! Check out the STD section! OMG!!!

  5. This explains why I’m so sleepy; caught a virus from teh Qte.

  6. Haven’t gotten an info box…….

  7. Yitzysmommie says:

    I have a hilarious picture of “viruses” from some medical magazine taped to my CPU to protect me from those nasty buggers.
    Have you tried Holy Water or Oil?
    A VooDoo priest/priestess intervention?
    Loud swearing accompanied by much kicking of the server?
    Good Luck! hat dem virooses. FWIW, I have not seen any problemas; we have intense anti virus stuff on home & werk comps tho.

  8. Hopefully,

    The virus wasn’t that “plug-in for Real Player” that just popped up here for me to install. Yikes! I told it okay

    *needs reassurance*

  9. My Firefox shows it (and kills it) whenever it pops up, but IE at work doesn’t. Oops.

  10. Yay for Safari! I heart my iMac. Now I can enjoy CO uninterrupted! ^_^

  11. Good luck! Stupid virus… :-S

  12. virus – iz no kewt.

  13. The virus is called “bloodhound exploit.” Those poor bloodhounds! How much longer must they be exploited!

  14. I’m not sure if this tongue/cheek or if there was a real virus or what??!! I’m skeered of them.

  15. LOL cutest virus I ever saw.

    Too bad about the CO virus… SO far I have no warnings. but We have excellent coverage of our computer at home and my work one. so sooo far soooo goood.

  16. I had noticed that whenever I come to the site, all I get is the background until I hit reload and then everything is fine. I’m using Firefox.

  17. i use IE at work, but i’ve never received anything…did i bug everyone in the company for loving the qte?

  18. I managed to get it on my work laptop.. oops :) It’s now having to be reformatted next week as it’s left a load of rubbish on the laptop, double oops!!

  19. For me, the virus or whatever activates my ActiveX dialog box at the top of the IE window and says something about Remote Services. So I just don’t do anything.

  20. I thought I’d picked it up from a porn site, but now that I think about it…

    Spyware Doctor helped a lot, but yes, it was a pain to remove totally. Lots of fake executables, .dll’s, and registry entries. Had to trace down processes to see where they came from and what they were doing.

    IF that’s it, that is.

  21. If anyone finds out how to get rid of this without reformatting, please let me know! Both the boy and I caught it and he can’t reformat his computer due to school stuff!

  22. I have “mono” from this collection…it’s purple and has eyes with pretty lashes. I keep it on my desk at work and people always do a double take and ask “what IS that?”

  23. omg! my science teacher had those last year!

  24. heh. my family has a whole collection of these,and my mom brings them out every christmas (of course). they are fun to throw at each other.

  25. Cassie have boy get a memory stick and copy his stuff onto it. Then you can reformat the computer and after you are sure you have up to date virus protection on your computer scan docs on memory stick to be sure it is clear and then download it to your newly formatted computer.

  26. Well, I’ll have to check my work machine. It was acting rather odd last week. Serves them right for being addicted to Microsoft.

  27. Would now be a good time to point out how cute Tux the Linux penguin mascot is?

  28. This is how you get rid of “bloodhound”:

    http://www.pchell.com/virus/bloodhound.shtml

  29. I would guess that a CO virus would be floofy, blue, with BEF, knobbular knees and lots of chub.

  30. guineapiggin9 says:

    Yeah, I noticed it coming up from my Norton Auto-Protect. I was just about to send you guys an e-mail about it!! Hope you can get!!

  31. QteVirusSurvivor says:

    This bug is REAL.

    I believe I was infected on 12/12/07 (judging by subsequent logs), but did not really start noticing problems until the 14th (my AVG started throwing up warnings at me).

    I do NOT know what this thing is, or what exactly it is supposed to do, but my initial experience was exactly that of cboone21’s (the Active X dialog pops up wanting you to download Remote Svs or something from “Microsoft Corporation”). I did NOT authorize the download of anything, did not click the box in any way. IE would then hang, and I would close it. The fact that I never acknowledged the ActiveX bar (which in my totally un-computer-professional opinion is a cleverly designed fake) did not seem to make a difference; SOMEthing got through AVG and took up residence on my system. Subsequent visits to the site (on 12/14) involved the same fake ActiveX download request, and upon “loading” the page (note that it never actually loads when you do that) AVG started catching things that got through. Among the things it caught and identified: Packed.morphine.d, Obustat.ACRR, backdoor.rbot.avm, Trojan Horse Dropper.Generic. After a short time, I did not have to load a webpage for AVG to start catching these things-they seemed to float in from nowhere.

    Anyway, I got it by merely visiting the site. The ActiveX thing seems to only happen when I type in the URL cuteoverload.com and wait for the redirect to mfrost.typepad.com/etc. AVG resident shield was “mostly” up-to-date at the time (latest definitions, wasn’t the latest build-then), SpywareBlaster was up-to-date, Microsoft security updates were all installed, and somehow just by typing in a URL I got a whole bunch of ACK. (On a related note, I experienced the same thing on my work computer my last day of work, 12/11/07…the ActiveX thing, “threat detected” etc. But I’m on vacation so I guess it’s the IT guy’s problem).

    This post was made to warn others that this is REAL. I love cuteoverload, and do not blame the site owners in any way for this. I am currently hunting down a “contact” button to submit my hijackthis logs (and other logs) should they help identify the problem.

    IE7 users: in your browser bar click on tools, manage add-ons, enable or disable add-ons, and look under Add-ons currently loaded into Internet Explorer. If you see something there that you do NOT RECOGNIZE, is unidentified (will have a long number, and in the right hand column there will be a random 8-letter file ending with .dll), then you got this thing too. Be aware that it is NASTY and you will likely need specialized tools or help to get rid of it. IF you do have it, expect your antivirus program to start screaming at you that it is detecting threats left and right. This bug seems to attempt to download more and more bugs, among other things.

  32. QteVirusSurvivor says:

    Doggone it, make that a 9-letter .dll file (at least mine was).

  33. Is that why the site has been incredibly slow for me lately? I try to load it (I only use Firefox for general browsing), my entire system hangs, then it “loads”, completely blank until I refresh.

  34. I know there’s stuff out there for firefox, but thank god I use it. I haven’t had problems like these in ages! (Long live the nerds!)

  35. Simpson O'Brien says:

    meg, isn’t it nice to know all us Cuteologists have your back? DEFEND THE QTE!

  36. I am utterly astonished at the fact that this site is up and running even as you’re positively sure that it is infected! Seriously!

    I have NOD32 that warned me Friday (I think) and I gave you until now to fix it. I did not have your e-mail address and I was not going to get in here again to tell you about it. I thought it was something you would have fixed by now, and if not, that you would have closed the site until you had. I got the bar on top now too, but my AV didn’t say anything more about it. Do I have this crap now?! If I do… my god. I don’t know what I will do, I don’t have the time to put a whole day to reformatting it. Honestly, how serious are you, meaningly infecting people’s comps with really vicious stuff. THANKS A LOT! I’ll never be back again. You’re f***ing crazy!

  37. Well, I’m feeling pretty smug about not using IE right now. IE, the gift that keeps on giving.

  38. Cay Borduin says:

    Bought a cold, a brain cell and E-Coli as Christmas presents!

  39. ++++++++++++++++++++++++++

    FIREFOX, FIREFOX FIREFOX!!!

    Good luck with the bug, Meg. I noticed I was having problems opening your page, even with the lovely and talented Mozilla product.

    ++++++++++++++++++++++++++

  40. yankeebird says:

    Well, that explains the whole “blank screen until I refresh” thing that’s been going on for a week or so. I’m glad I use FireFox, and I’m glad I downloaded AVG right away (and keep it up to date) when I got my new computer a couple months back.

    As for the microbes, I used to date a doctor so I gave him Gonorrhea for his birthday. I’ve never seen someone enjoy getting The Clap so much.

    And Maria, I’m pretty sure Meg & Teho aren’t maliciously infecting everyone’s computers with bugs. No need to call them crazy. It’s the internet, viruses happen.

  41. Here is Symantec’s writeup on the browser exploit:

    http://www.symantec.com/security_response/writeup.jsp?docid=2007-121117-2716-99

  42. Oops double post. :\ Site errored the first time.

  43. ummm, maria? settle down and keep the profanity off the Qte. if you were so worried about contamination why would you even post something here. (you don’t have to answer that.) sheesh.

    get well soon, co. i am sending tissues and echinacea.

  44. BAHAHAHAHA! Awesome! I ordered the syphilis plush for my boyfriend a few days ago. It’s the gift that keeps on giving.

  45. I suppose that explains why CO was taking forever to load (in Firefox, woo!) for the past few days. I thought either my connection or my computer was being wonky (both being equally likely), but apparently not.

    Get well soon, CO. I don’t know what I’d do without you.

  46. I’m using firefox, and I’ve been having it load blank and then load properly when I hit refresh. Was wondering why it kept doing that. Thank God I’m not using IE!

  47. Hey Patty P,

    You’re probably OK, but never, ever, ever trust a plug-in for real player or any other media player you get off of a website. If you need a particular plug-in for something, find out which one it is and go to the original site for that plug-in and hope the creator is someone you can trust. This applies even if you have a mac (which I do), as some of the plug-in exploits can even affect that platform. The internet is the new wild-west. You really can’t be too cautious.

    Nule

  48. for those using firefox, i would also suggest a plugin called “No Script” – you can do a goggle search. it blocks any “scripts” from running on webpages — you can control what is safe or not safe, universally block all scripts, etc. and also temporarily allow scripts per each website you visit.

    i am glad i have it, firefox and AVG.

    now to check out flu/virus plushies !

  49. *sigh* – “google” — p.s. it also blocks popups!

  50. margaret…

    It’s ok. I have syphilis, too. It’s great for parties.

  51. I kind of agree with an earlier poster… if you KNOW the site is potentially infecting viewers’ computers with an apparently very serious virus, I think the ethical response is to take it down or AT LEAST to post a warning in a prominent place SOON after you discover the problem. I love love love CO, but this is kind of irresponsible. I think I won’t be checking the site for several weeks now (so if anyone actually wants me to get a response to this post please e-mail me — fleurdiabolique at gmail)… hopefully you’ll have cleared the virus by then.

  52. Hey folks –

    The virus might not be actually “on” the site, it might be one of the many banner ads which Cute Overload doesn’t have any actual control over. Cut them some slack until they figure out what’s going on, okay?

    In the meantime, this is a good reason to run Firefox instead of Internet Explorer – there are too many ways you can have bad things happen in IE just for visiting a webpage.

  53. Actually if you have your virus adware and malware protections on your computer up to date, you should be fine.
    And George is right.

  54. Oh and regarding using explorer versus firefox. Again if your protection software is up to date you should be safe.

    I use both because some programs I have to use at work function better on explorer. and some function better on Firefox. 6 of one half a dozen of the other.

  55. acelightning says:

    I’ve also been getting the “very slow to load, loads a blank page, then loads okay when I hit reload” behavior. I use SeaMonkey (another Mozilla product), and I’ve got AVG Anti-Virus, Spybot S&D, and Zone Alarm, and I’m pretty sure there’s nothing wrong with my computer. But I’m going to scan my system and clean everything up anyway, Just To Be Sure.

  56. Checking the plugins, as stated above, is a very good idea. Track down references to these by searching the registry and deleting the entries there, also.

    During the process I also manually created my own replacement files for the .dll’s and .exe’s. This way my own zero-sized file was in the way and helped stop the real files.

  57. Not sure if everyone gets the same virus from here, but for those who have it.. it’s called Virtumonde, and google will give you some removal tools for it, normal virus scanner doesn’t do the job – you need to download a specific remover for it.

  58. I have Firefox but CO still doesn’t show. :(

    No virus, though.

  59. While I understand some people’s point, I don’t think that CO should be blamed for infecting people, because they didn’t take their site down. They should have a warning that’s a little more obvious than a possible joke, but that’s just my opinion.

    Those who say that anti-virus stuff should be okay… That’s NOT always the case. I got a virus once that my computer didn’t pick up, and my scanner WAS up to date. The fact that some people keep getting their scanner popping things up at them, even when they’re no longer on the site shows that SOMETHING got through their scanners. So while I won’t blame CO, do NOT assume you are safe, just because you have a scanner

  60. Incidentally, I can access CO through BOTH IE and Firefox if I type the original url http://mfrost.typepad.com/cute_overload

    Try it…

  61. I realize this probably isn’t the solution they want us to use :) … but besides security software, I use Firefox and have an ad-blocker installed… I (almost) never see *any* ads on webpages (besides being a lot safer, it also makes for much cleaner pages!)

    With this CO problem, I’ve had times in the last couple of weeks where the site was down completely, but other than that, no problems. I assume it’s because I’m not trying to load any ads

  62. Another reason for Firefox to be the official browser of CO… (also, they have a cute icon… it’s perfecT!)

  63. I’m going to have to stop browsing here at work – :( that would not go over well one bit :(

  64. CheshireCat says:

    Virus may look soft furry and cute but beneath those seemingly innocent eyes eeevil lurks.

  65. I just want to do a shout out to http://www.giantmicrobes.com — i have probably 15 of them, and they are the cutest little plagues you’ve ever seen!

  66. Hi Everyone,

    Sparkster here. We’re well aware of the problem and sincerely apologize for any issue this may have caused anyone. Unfortunately, it appears the source is coming in through one of the ad networks which we have no control over the content. As a result, we’ve not been able to reproduce the problem on our side. We’re systematically turning off the networks trying to identify the source. If anyone is able to identify one of the assets that has an infection, please send an email to sysadmin@cutelabs.com, so we can identify the network in question.

    Again, our sincere apologies and thanks for your help.

  67. I’m so glad I use Firefox right now… off to run hijackthis!

  68. :D I have that cute little microbe plushie! And he has his necrotizing fasciitis microbe friend to keep him company!

  69. I am now glad that I use Firefox (with cute plugins) and AVG Free. Although I will look up that plugin for the ‘fox now.

    As for that blue virus..is it a sick jigglypuff? (imagines Jigglypuff trying to sing and coughing instead..)

    Hope you can find out what is causing your problems and that you can stomp it out….

  70. I’ve never wanted a cold so much in my life!

  71. This makes me very sad. I need my cuteoverload fix several times a day or I’m just not right. Now I’m scared to visit the site… although it doesn’t stop me. I’m just here less often. My IT friend said if I break another work laptop I will get the oldest desktop around and never get another laptop again! :( I need it to do my job. Please get well soon and get some immunizations to prevent getting sick EVER again!

    Thanks!

  72. catloveschanel says:

    How Rude! I hope that person gets a lump of coal in their stocking! Everytime I go on CuteOverload to take me away from my troubles, it closes right up. Maybe it’s the Grinch. I open it again, and it works. Persistence Pays Off. About the virus, I did just catch a cold, and I went and bought some sudafed. Maybe you could try that. Merry Christmas to all and to all a good night.
