Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.

ForumsDesktop computingIs Trade Me spreading virus again? (updated: metservice)


19 posts

Geek

Trusted
Topic # 88365 14-Aug-2011 18:55 Send private message

my the other laptop just got infected after visiting trademe, metservice and nzherald last night.  didn't click on anything.  this personal shield pro somehow is installed on the pc.  have been trying to do something since.  managed to "pause" the program to do something.  my other laptop (the one i'm using) is fine, so I can search some articles about removing it.  surprising the microsoft security essentials didn't pick anything up, after 3 hrs of full scan.

called TM and emailed nzherald.  curious to find out who it is to spread the virus.

View this topic in a long page with up to 500 replies per page Create new topic
 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8Next
13286 posts

Uber Geek

Trusted
Vodafone NZ
Subscriber
  Reply # 506373 14-Aug-2011 19:01 Send private message

Give me one good reason why TM / NZherald / Met service would spread a virus?

You emailed them they must be rolling around on the floor laughing




Systems Engineer Vodafone NZ

http://forum.vodafone.co.nz



19 posts

Geek

Trusted
  Reply # 506378 14-Aug-2011 19:04 Send private message

not on purpose of course.  they've been targeted.  probably spread via some of the advertisements (they can be very heavily scripted) 


this is what happened last year: http://www.nzherald.co.nz/nz/news/article.cfm?c_id=1&objectid=10677853

128 posts

Master Geek

Subscriber
  Reply # 506379 14-Aug-2011 19:08 Send private message

I have always used http://www.malwarebytes.org/ to get rid of these.

Download & install the free version. Install & do any updates.

Then boot to safe mode & run a full scan from there.



19 posts

Geek

Trusted
  Reply # 506382 14-Aug-2011 19:13 Send private message

thx!  doing a full scan with Malwarebytes right now.  fingers crossed.

still curious which site is spreading it. 

13286 posts

Uber Geek

Trusted
Vodafone NZ
Subscriber
  Reply # 506384 14-Aug-2011 19:16 Send private message

It might be a false positive

John




Systems Engineer Vodafone NZ

http://forum.vodafone.co.nz

BDFL
43668 posts

Uber Geek

Administrator
Trusted
Geekzone
Subscriber
  Reply # 506385 14-Aug-2011 19:16 Send private message

johnr: Give me one good reason why TM / NZherald / Met service would spread a virus?

You emailed them they must be rolling around on the floor laughing


It happened before, and not a reason for them to laugh. It only needs someone to approve a rogue ad coming from a unknown source and all hell breaks lose.

 





Mauricio Freitas (Geekzone Admin, Devil's Advocate, my blogtechnology disclosure, my tweets, Web Performance Optimization

Geekzone Price comparison | Amazon Kindle order page | How to get the best out of Geekzone | New Zealand IT Jobs | Geekzone News | Jinglebugs 

803 posts

Ultimate Geek
  Reply # 506386 14-Aug-2011 19:16 Send private message

funny you should say that.. my sister had a virus alert come up after visiting metservice last night






13286 posts

Uber Geek

Trusted
Vodafone NZ
Subscriber
  Reply # 506387 14-Aug-2011 19:17 Send private message

freitasm:
johnr: Give me one good reason why TM / NZherald / Met service would spread a virus?

You emailed them they must be rolling around on the floor laughing


It happened before, and not a reason for them to laugh. It only needs someone to approve a rogue ad coming from a unknown source and all hell breaks lose.

 


Fair point I never thought of the ads on the page!




Systems Engineer Vodafone NZ

http://forum.vodafone.co.nz

BDFL
43668 posts

Uber Geek

Administrator
Trusted
Geekzone
Subscriber
  Reply # 506388 14-Aug-2011 19:18 Send private message

These guys are clever. They approach as an ad agency, book ads and start running something that is ok, so if the media managers check they don't reveal anything. Half way through the ad campaign they switch to a script with some malware, and no one will notice until a lot of users are infected.






Mauricio Freitas (Geekzone Admin, Devil's Advocate, my blogtechnology disclosure, my tweets, Web Performance Optimization

Geekzone Price comparison | Amazon Kindle order page | How to get the best out of Geekzone | New Zealand IT Jobs | Geekzone News | Jinglebugs 



19 posts

Geek

Trusted
  Reply # 506391 14-Aug-2011 19:24 Send private message

l43a2: funny you should say that.. my sister had a virus alert come up after visiting metservice last night


is it Personal Shield Pro?  it keeps popping up pretending to be an anti spyware warning you about your pc's infected.  it's a malware itself.  don't agree to "protect" your computer or even purchase their software.

2146 posts

Uber Geek
  Reply # 506395 14-Aug-2011 19:33 Send private message

And people wonder why I use noscript/etc to block ads!

803 posts

Ultimate Geek
  Reply # 506398 14-Aug-2011 19:36 Send private message

graciem:
l43a2: funny you should say that.. my sister had a virus alert come up after visiting metservice last night


is it Personal Shield Pro?  it keeps popping up pretending to be an anti spyware warning you about your pc's infected.  it's a malware itself.  don't agree to "protect" your computer or even purchase their software.


that didnt come up, her anti virus (AVG) came up with an alert with some random .exe file and it was removed.






BDFL
43668 posts

Uber Geek

Administrator
Trusted
Geekzone
Subscriber
  Reply # 506406 14-Aug-2011 19:46 Send private message

kyhwana2: And people wonder why I use noscript/etc to block ads!


You are only really at risk if you don't keep your PC up to date. Some drive-by downloads use a mix of vulnerabilities, most of them old. If you have a machine that is up-to-date is less likely anything like that would affect you, script or no script.
 





Mauricio Freitas (Geekzone Admin, Devil's Advocate, my blogtechnology disclosure, my tweets, Web Performance Optimization

Geekzone Price comparison | Amazon Kindle order page | How to get the best out of Geekzone | New Zealand IT Jobs | Geekzone News | Jinglebugs 

don@i.am.a.can.do.kiwi.nz
3129 posts

Uber Geek

Subscriber
  Reply # 506413 14-Aug-2011 19:55 Send private message

Nice - after debate, wife is now installing adblocker :)





Promote New Zealand - Get yourself a .kiwi.nz domain name!!!

Check out mine - i.am.a.can.do.kiwi.nz



19 posts

Geek

Trusted
  Reply # 506415 14-Aug-2011 19:58 Send private message

malwarebytes found 2 infected files and removed them.  However, it's still not right.  All the google search results point to some random URL.  IE. nzherald site, if you move cursor over the link, you will see in the status bar it's pointing something like 178.12.343/something/something.  it goes to a travel site.  tried some others, goes to some gossip sites.  something's still there :(  interesting though, when I run google.co.nz on chrome, clicking on "search" it just won't go anywhere. 

 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8Next
View this topic in a long page with up to 500 replies per page Create new topic
Twitter »
Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when new jobs are posted to our jobs board:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:




News »
Android and iOS combine for 92.3% of all smartphone OS shipment in the first 2013 quarter
Posted 17-May-2013 08:38

Apple’s App Store marks 50 billionth download
Posted 17-May-2013 08:25

Gen-i divests Davanti Consulting through management buyout
Posted 16-May-2013 14:02

Huawei G510 bring big-screen mobile entertainment for Android users
Posted 16-May-2013 11:49

BlackBerry BBM goes multiplatform: iOS and Android versions
Posted 15-May-2013 11:28

BlackBerry introduces BlackBerry 10 QWERTY smartphone
Posted 15-May-2013 09:32


Trending now »
Hot discussions in our forums right now:

A reason not to shop at dick smith
Created by dsnz1, last reply by AKLWestie on 17-May-2013 22:45 (82 replies)
Pages... 4 5 6

A new project coming to Geekzone
Created by freitasm, last reply by Niel on 20-May-2013 06:01 (200 replies)
Pages... 12 13 14

HTC One (2013) owners' discussion
Created by Dingbatt, last reply by Finch on 19-May-2013 22:02 (1441 replies)
Pages... 95 96 97

Sitting on a boring conference call
Created by SaltyNZ, last reply by SepticSceptic on 17-May-2013 16:52 (14 replies)

Samsung Galaxy SIII Discussion and Owners Thread
Created by networkn, last reply by Johnk on 19-May-2013 16:32 (5523 replies)
Pages... 367 368 369

Chorus is cutting the cost of VDSL to service providers from June 7
Created by maxzzz, last reply by Zeon on 19-May-2013 19:40 (46 replies)
Pages... 2 3 4

Office 365 service outage 2013-05-18
Created by freitasm, last reply by nitrotech on 19-May-2013 18:58 (18 replies)
Pages... 2

Best DVD Ripping software?
Created by Finch, last reply by dclegg on 19-May-2013 13:21 (27 replies)
Pages... 2


Geekzone Jobs »
Most recent NZ jobs in technology:

Exciting Intern Opportunity
Posted 19-May-2013 20:27

Business Analyst
Posted 19-May-2013 18:27

Senior Business Analyst
Posted 19-May-2013 18:27

Senior Business Analyst
Posted 19-May-2013 18:27

Project Coordinator, Reputable Company, Career Pro
Posted 19-May-2013 18:27

Change Manager - Large Financial Services Organiza
Posted 19-May-2013 18:27

Software Developer - Join a market leading company
Posted 19-May-2013 18:27


Geekzone Live »
Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.

Updates »
Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.