I have some unfortunate news to report. For part of Sunday and Monday, ads displayed on MobyGames may have been trying to install malware. As soon as we discovered this was happening, we shut down all ads and tracked down what was happening and removed the offending code and fixed the problem.

Hopefully nobody was infected by this, but I wanted to let you know what was happening and tell you to please check your computer and make sure you AV is up to date and scanned recently.

Please accept our apologies. This problem was related to 3rd party ad serving software and was not a result of MobyGames being compromised.

Interesting. Apparently that dang message only shows up when you use the search engine. Wonder why I still get the message since I haven't tuned-on ads in MG since 1776. :p

Hmm. Not just the search engine apparently...everything except the forums and approving (plays hide and seek with the script).

I'm still getting warnings when accessing game sheets. The problem seems to still be there.

The warnings are based on google's scans, and google only scans a few times a day. This will probably be gone by tomorrow.

Ah, this would explain why I didn't see these warnings yesterday.

Google scans aren't to be taken as the best authority. Just sayin'.

Hmm, a couple of days ago when i accessed the main page it simply turned off my browser. This happened all the time, until i decided to click quickly on another link. Then it was gone, i think.

Also AVG found several Troyans in my PC, this happens quite rarely. But it may have been from other sites i've visited.

Yes, Firefox/Google kept warning me. I didn't think it was MobyGames but I figured it was the ads. Strange, I turned off ads not long after getting here.

It is with great shame that I admit I looked at the title and honestly thought you meant scan your computers. As in on a flatbed scanner, like you would scan a cover. The inner monologue then went something like this:

"We're expanding the database to include images of computers? I mean... I guess that could be useful from a historical perspective, but why do we need to scan them? I could probably fit the old Compaq on a scanner, but I'll have a hard time with my modern tower..."

Then I read the post.

I'm an idiot.

True story.

lol, yeah, actually my first reaction was a photo will be easier and may turn out better... :)

You guys would be a hit in parties. :p

Any chance you'll tell us which ads? :)

I just finished my scan, and Avast found nothing. Like Mom said, would you mind telling us which ads?

Kids, I can't stress this enough: Control Your Cookies! Use only ONE Firewall at a time, and Manually block your cookies. Example: If mobygames.com want's to place a cookie on your box, check HellYeah, remember, and move on. If ads.upyerbutt.de wants to lay a cookie in there, say HellNo, click remember, and go about yer business.

I was annoyed by the warnings, but nothing got through.

In addition: I would also like to know the offending ad's home. I almost believe you owe it to the community to say so. Only exception: The site/advertiser had no knowledge of the worm, and took measures to kill it. If they did it on purpose, you'd better spill the beans...

Cookies are harmless... at least as far as security goes. They are just stupid chunks of data being sent to and fro between the server and the browser, no executable code involved. By disabling cookies you can prevent sites tracking you, but they won't mess up your computer.

I'm just using NAT and Microsoft Security Essentials - hope the latter would have caught it if I got it (scanning now). Software firewalls and anti-virus applications often create more problems than protection...

Edit: hmm, seems I got infected; Security Essentials detected it, but only in a scan, no notification whatsoever when the stuff actually got on my computer:

Exploit:Java/CVE-2008-5353.CG, Exploit:Java/CVE-2009-3867.EW, Exploit:Java/CVE-2008-5353.PG, Exploit:Java/CVE-2009-3867.D, Exploit:Java/CVE-2008-5353.HN, Exploit:Java/CVE-2008-5353.ND, Exploit:Java/CVE-2008-5353.OW, Exploit:Java/CVE-2009-3867.EQ, Exploit:Java/CVE-2009-3867.GC, Exploit:Java/CVE-2008-5353.EQ, Exploit:Java/CVE-2008-5353.KE, Exploit:Java/CVE-2008-5353.JM, Exploit:Java/CVE-2008-5353.KM, Exploit:Java/CVE-2008-5353.DB, Exploit:Java/CVE-2009-3867.EZ, Exploit:Java/CVE-2009-3867.GM, Exploit:Java/CVE-2009-3867.HC

found in the Java cache (C:\Users\[Username]\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\0\). Of course those could have been there forever since Security Essentials didn't even notice them when they were downloaded. As I said, most security software is ridiculously useless.

My computer is too big to fit into the scanner :( This thing was made for A4 sheets, not big chassis... es.

Yeah, figured it was the ads, as that's how I heard these Java exploits spread. Uninstalled Java, to be on the safe side (yes, including manually uninstalling (ie. delete file and remove registry entries) the deployment thing, which is what's targeted in the first place from what I see)... Seems like a lot of these in the wild lately.

Did a scan with an up-to-date Spybot - nothing.