http://www.microsoft.com/security/portal/threat/encyclopedia/Entry.aspx?Name=Rogue%3AWin32%2FFakeRean

Facebook is a buzz this morning as are a few Yahoo Groups, be careful out there and play safe.

Which part of QRZ is infected - the main page, forums, ad banners?

UA6JD forwarded an email from everyone's favorite ZedHead, Phred, indicating that he had scanned the site (in some detail which I'm glossing over) and that he'd found nothing.

If anyone wants me to post it here, just say the word. (The word is: Bleem)

I suspect that the problem may be on an ad page/banner, or it might have been something picked up prior that's being blamed on the Zed.

According to James just down the road, it was usual pop up of good ol Malware Windows Antivirus 20XX and was not associated with their call sign search or banner adds..... according to what I have heard, it's the same ol pop up of "Windows Antivirus 20XX has detected 29 viruses, click here like the vegetable that you are to run a free virus scan now."

http://www.microsoft.com/security/portal/threat/encyclopedia/Entry.aspx?Name=Rogue%3AWin32%2FFakeRean

Facebook is a buzz this morning as are a few Yahoo Groups, be careful out there and play safe.

Thanks for that. I keep MS Essentials on, and run Webroot, but haven't run the MS Malicious Software Removal Tool for awhile. Couldn't hurt..............

Which part of QRZ is infected - the main page, forums, ad banners?Yeah.. this claim is pretty vague and unsubstantiated.

I'm closing this thread if no further detail can be provided.

Well, FWIW:

There was a claim made in an email to the DX-QSL reflector on QSL.NET, alleging that the Zed was the source of his "Antivirus 2012" malware attack. Allegation was based on one hit after he logged in; machine was cleaned; and then a second hit after logging in there again. (Remember: These are allegations, not fact).

No further claims (from the OP or from anyone else) have been made alleging this particular type of attack.

Several others have indicating that they've also been hit by this bit of malware, but from different sites. Most of said allegations have indicated that the source of the problem was actually the ad banners or related advertising, not the sites themselves.

Considering that there's been no further recent corroboration, and the (mentioned above) email from Phred indicating that the site's been thoroughly checked over and nothing's been found... well, personally, I'm going to chalk this one up as a misdirected source. It is just as, or even more, possible that somewhere else was the source of the infection, it didn't crop up right away, and that the earlier "clean-up" wasn't as through as the original poster thought.

One allegation does not an infected site make.

As I mentioned in another thread concerning another site the source is one of the advertisers. Bottom line; if you don't click on the ads you'll be just fine. Hey guys, Google is your friend.

Most of said allegations have indicated that the source of the problem was actually the ad banners or related advertising, not the sites themselves.

Ad banners? WTF are ad banners? :-?

http://adblockplus.org/en/

I was at the K7JRL website looking over some service info. I went to several w/o problems. However, another one I went to had a popup that said I had 29 infections and to click for Antivirus 2009 to clean it. Needless to say, exit stage left, wiki wiki, was in order.

I was at the K7JRL website looking over some service info. I went to several w/o problems. However, another one I went to had a popup that said I had 29 infections and to click for Antivirus 2009 to clean it. Needless to say, exit stage left, wiki wiki, was in order.

That makes you smarter than 80% of internet users out there. I guarantee that's what happened to Glenn's wife (http://forums.qrz.com/showthread.php?324984-Virus-problem).

Ad banners? WTF are ad banners? :-?

http://adblockplus.org/en/

That is what i was wondering....lol

my mint laughs at this antivirus thing.

my mint laughs at this antivirus thing.

I have'nt come across this "antivirus extortionware" on any of my travels on the WWW. Going to the Microsoft page on this malware problem, and how to remove it from your computer if you get it, .... the instructions to remove it from the registry and clean the system is straight forward!

Seeing all the trouble ol' Glen K9STH was going through to remove it from his wife's computer on that QRZ thread was just plain painful to read!!!

Oh well ....that Microsoft technical article appears to have the proper removal procedure :yes:

We're gonna shut this one down.. no evidence QRZ.com is infected.