I got an email from Julie, asking me if I'm able to help her. Her blog has been compromised:
"I seem to have a virus on my main blog page. Advertisers are trying to get in. The page comes up, but immediately starts downloading all these advertisers and the page goes blank, I can go to my dashboard, new posts, etc. But I cannot get on my main page. Please email me as I can not read my comments."I emailed Julie back, then thought others might be experiencing the same problem. This is what I have suggested - and if anyone out there has any ideas, I'd be very grateful if you'd leave a comment!
1. Update your antivirus and then run a complete check.
2. Install Firefox.
3. Install Yahoo toolbar
4. Clear your cookies
5. Install MalwareBytes
Are you using Firefox as a browser? If not, I'd download that immediately, and also install the yahoo toolbar. Which has an AntiSpy thing you can run (takes around 4 seconds usually, but may take longer in your case. See if anything comes up and if so, click Remove All. (I aways run this when I've had a session of site hopping, to delete any cookies and spyware sites might try to put on).
Firefox also has widgets - it'll come up automatically on the intro page, or you can go via Tools > Add-ons > Browse Add-ons > Browse All Add-ons to get to the main page, where you can see all widgets listed. This is on your top toolbar. Try downloading AdBlock Plus (free of course). Firefox also has a pop-up blocker which comes with the package. It's a lot safer than Internet Explorer.
Also on the top toolbar, in Tools, using Firefox as the browser, you also have these options: Start Private Browsing (so you can blog-hop etc without all these advertisers putting cookies on your site) and the most important one, which is to clear your cookies.
I think the cookies are your problem - clear by going to Tools > Clear Recent History and use the drop-down menu to clear Everything. This unfortunately means you'll have to put all your passwords in again, but Firefox will offer to remember them for you, so at least you'll only have to do it once.
I'd also recommend downloading Malwarebytes in addition to your normal virus checker, as it looks for different things that the other virus checkers don't always catch (especially those masked antivirus ones where they say your firewall etc doesn't work, and tries to sell you an antivirus - and which pops up quite aggressively onto your computer screen even when you are not online). Maybe this is your problem? It's actually a keylogger, so it's even more important you change all your passwords. And once you are clear, and all is OK, go in and change all your passwords again. Write them down by hand, don't keep a copy on your computer.
I use the free version (always update for the newest stuff before you run it) and it's excellent. It's caught stuff Kaspersky and Norton haven't - the "antivirus" one in particular. And it will delete trojans.
Why don't you try this as well:
Save a copy of the blog to your hard drive: Layout > Edit html > Download Full Template, and then run MalwareBytes AND your normal antivirus software, which will also check the actual blog template for any viruses. So you'll be able to reload the blog (Layout > Edit html > Browse - the button is just under the Download Template) knowing it's safe to do so.
But you will still need to delete those cookies!
If none of this works, but I am very sure it will, then you'll have to go to the Blogger help site and see if there's anything else you can do. I am not 100% sure about this - but deleting your blog and then reactivating it might also work (only as a last resort once you've tried everything else I've recommended).
Once you are clear, you need to take a look at your settings to stop this happening again. Go to Settings > Comments and tick the Moderate Comments Always box. It is NOT sufficient to put on a word verification as the spammers will enter the captcha letters and then the comment will go straight onto your blog anyway - including all the pop-up stuff!
You absolutely must have the Moderate Comments put on, and you might also want to create a Yahoo email address so anything from the blog will go there, rather than your home email address.
In fact, you don't need Word Verification at all if you have the Moderate Comments box ticked, as nothing can get past you!
You'll see a comment come in as an email (this is what I have set up) so you can reject the comment straight away without needing to go to your blog - which stops all this crap immediately. Clicking on the comment in your Dashboard to accept/reject can actually activate some of this stuff!
You might have noticed a previous post where a spammer had hijacked one of my yahoo addresses - I simply deleted this off my system, and used a different email address, and all is well again. And of course I changed all my passwords... just in case...
I hope this helps - and if anyone else has come across this problem, and found a better solution than the ones I have suggested, please let me know so I can post it here. Thanks everyone.