Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


30 posts

Geek

Trusted

Topic # 88365 14-Aug-2011 18:55
Send private message

my the other laptop just got infected after visiting trademe, metservice and nzherald last night.  didn't click on anything.  this personal shield pro somehow is installed on the pc.  have been trying to do something since.  managed to "pause" the program to do something.  my other laptop (the one i'm using) is fine, so I can search some articles about removing it.  surprising the microsoft security essentials didn't pick anything up, after 3 hrs of full scan.

called TM and emailed nzherald.  curious to find out who it is to spread the virus.


View this topic in a long page with up to 500 replies per page Create new topic
 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8
19282 posts

Uber Geek
+1 received by user: 2600
Inactive user


  Reply # 506373 14-Aug-2011 19:01
Send private message

Give me one good reason why TM / NZherald / Met service would spread a virus?

You emailed them they must be rolling around on the floor laughing



30 posts

Geek

Trusted

  Reply # 506378 14-Aug-2011 19:04
Send private message

not on purpose of course.  they've been targeted.  probably spread via some of the advertisements (they can be very heavily scripted) 


this is what happened last year: http://www.nzherald.co.nz/nz/news/article.cfm?c_id=1&objectid=10677853

309 posts

Ultimate Geek
+1 received by user: 14

Subscriber

  Reply # 506379 14-Aug-2011 19:08
Send private message

I have always used http://www.malwarebytes.org/ to get rid of these.

Download & install the free version. Install & do any updates.

Then boot to safe mode & run a full scan from there.



30 posts

Geek

Trusted

  Reply # 506382 14-Aug-2011 19:13
Send private message

thx!  doing a full scan with Malwarebytes right now.  fingers crossed.

still curious which site is spreading it. 

19282 posts

Uber Geek
+1 received by user: 2600
Inactive user


  Reply # 506384 14-Aug-2011 19:16
Send private message

It might be a false positive

John

BDFL - Memuneh
60830 posts

Uber Geek
+1 received by user: 11711

Administrator
Trusted
Geekzone
Lifetime subscriber

  Reply # 506385 14-Aug-2011 19:16
Send private message

johnr: Give me one good reason why TM / NZherald / Met service would spread a virus?

You emailed them they must be rolling around on the floor laughing


It happened before, and not a reason for them to laugh. It only needs someone to approve a rogue ad coming from a unknown source and all hell breaks lose.

 




1478 posts

Uber Geek
+1 received by user: 464

Trusted

  Reply # 506386 14-Aug-2011 19:16
Send private message

funny you should say that.. my sister had a virus alert come up after visiting metservice last night




19282 posts

Uber Geek
+1 received by user: 2600
Inactive user


  Reply # 506387 14-Aug-2011 19:17
Send private message

freitasm:
johnr: Give me one good reason why TM / NZherald / Met service would spread a virus?

You emailed them they must be rolling around on the floor laughing


It happened before, and not a reason for them to laugh. It only needs someone to approve a rogue ad coming from a unknown source and all hell breaks lose.

 


Fair point I never thought of the ads on the page!

BDFL - Memuneh
60830 posts

Uber Geek
+1 received by user: 11711

Administrator
Trusted
Geekzone
Lifetime subscriber

  Reply # 506388 14-Aug-2011 19:18
Send private message

These guys are clever. They approach as an ad agency, book ads and start running something that is ok, so if the media managers check they don't reveal anything. Half way through the ad campaign they switch to a script with some malware, and no one will notice until a lot of users are infected.







30 posts

Geek

Trusted

  Reply # 506391 14-Aug-2011 19:24
Send private message

l43a2: funny you should say that.. my sister had a virus alert come up after visiting metservice last night


is it Personal Shield Pro?  it keeps popping up pretending to be an anti spyware warning you about your pc's infected.  it's a malware itself.  don't agree to "protect" your computer or even purchase their software.

2435 posts

Uber Geek
+1 received by user: 144


  Reply # 506395 14-Aug-2011 19:33
Send private message

And people wonder why I use noscript/etc to block ads!

1478 posts

Uber Geek
+1 received by user: 464

Trusted

  Reply # 506398 14-Aug-2011 19:36
Send private message

graciem:
l43a2: funny you should say that.. my sister had a virus alert come up after visiting metservice last night


is it Personal Shield Pro?  it keeps popping up pretending to be an anti spyware warning you about your pc's infected.  it's a malware itself.  don't agree to "protect" your computer or even purchase their software.


that didnt come up, her anti virus (AVG) came up with an alert with some random .exe file and it was removed.




BDFL - Memuneh
60830 posts

Uber Geek
+1 received by user: 11711

Administrator
Trusted
Geekzone
Lifetime subscriber

  Reply # 506406 14-Aug-2011 19:46
Send private message

kyhwana2: And people wonder why I use noscript/etc to block ads!


You are only really at risk if you don't keep your PC up to date. Some drive-by downloads use a mix of vulnerabilities, most of them old. If you have a machine that is up-to-date is less likely anything like that would affect you, script or no script.
 




3888 posts

Uber Geek
+1 received by user: 163


  Reply # 506413 14-Aug-2011 19:55
Send private message

Nice - after debate, wife is now installing adblocker :)





Promote New Zealand - Get yourself a .kiwi.nz domain name!!!

Check out mine - i.am.a.can.do.kiwi.nz - don@i.am.a.can.do.kiwi.nz




30 posts

Geek

Trusted

  Reply # 506415 14-Aug-2011 19:58
Send private message

malwarebytes found 2 infected files and removed them.  However, it's still not right.  All the google search results point to some random URL.  IE. nzherald site, if you move cursor over the link, you will see in the status bar it's pointing something like 178.12.343/something/something.  it goes to a travel site.  tried some others, goes to some gossip sites.  something's still there :(  interesting though, when I run google.co.nz on chrome, clicking on "search" it just won't go anywhere. 

 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8
View this topic in a long page with up to 500 replies per page Create new topic

Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

Hawaiki Transpacific cable ready-for-service
Posted 20-Jul-2018 11:29


Microsoft Dynamics 365 Business Central launches
Posted 10-Jul-2018 10:40


Spark completes first milestone in voice platform upgrade
Posted 10-Jul-2018 09:36


Microsoft ices heated developers
Posted 6-Jul-2018 20:16


PB Technologies charged for its extended warranties and warned for bait advertising
Posted 3-Jul-2018 15:45


Almost 20,000 people claim credits from Spark
Posted 29-Jun-2018 10:40


Cove sells NZ's first insurance policy via chatbot
Posted 25-Jun-2018 10:04


N4L helping TAKA Trust bridge the digital divide for Lower Hutt students
Posted 18-Jun-2018 13:08


Winners Announced for 2018 CIO Awards
Posted 18-Jun-2018 13:03


Logitech Rally sets new standard for USB-connected video conference cameras
Posted 18-Jun-2018 09:27


Russell Stanners steps down as Vodafone NZ CEO
Posted 12-Jun-2018 09:13


Intergen recognised as 2018 Microsoft Country Partner of the Year for New Zealand
Posted 12-Jun-2018 08:00


Finalists Announced For Microsoft NZ Partner Awards
Posted 6-Jun-2018 15:12


Vocus Group and Vodafone announce joint venture to accelerate fibre innovation
Posted 5-Jun-2018 10:52


Kogan.com to launch Kogan Mobile in New Zealand
Posted 4-Jun-2018 14:34



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.