scanner-c517d_2015.exe

You updated your software with what? And what software did you update? If your talking about the file you mention in your title. Macs can't use .exe files. So, you couldn't have used that file to update anything.

Why in the first place would you execute an update with scanner-c517d_2015.exe when you don't know what it is...?

Do you have the URL to that web site that downloaded that file? I would like to take a look at the site.

Had the same experience. Ran Apple update for 10.5.8 on 09.10.2009. Opened Safari this morning, viewed nytimes.com, and window referencing antispywarescanner07.com opened without prompt. When I closed window, Scanner-1249_2006-63.exe downloaded. File details reference file opened 09.11.2009 11:52 pm. Any other thoughts?

I've registered to say I had the same redirect to that URL this morning, running Firefox 10.5--while I was reading the New York Times site. A similar report has just popped up on the malwarebytes.com as well. I was so sure it couldn't be the NYT doing an old-fashioned malware redirect that I went trying to root out the DNS Changer trojan--but it looks like it's the NYT.

Just wanted to add my name to the problem of getting switched to Virex antivirex stuff. I was into my homepage, which is NYTimes, clicked onto movies and something about George Clooney, and up popped the Virex stuff. Got out of all of it with my son's help. Now I'm wondering about my home page, and am worried about getting back into it!

Any suggestions?

I was also at the New York Times Movie site - oddly enough, looking at the review for Hackers (1995). I was taken to the same site, and got this file - Scanner-815416_2006.exe. I did a little searching on the web, and found out this guy has a post called Fear Mongering, and he did a screenshot that was very similar to my screen:

Same thing happened to me when I was browsing the NY Times, I have pop-ups completely blocked and ad-block plus so I thought it odd I was redirected, but I knew it was fishy anyway. I was using the latest version of firefox, unlike Safari though. For some reason safari runs slower on my computer, not sure why.

I don't think anything downloaded, but it directed me to best-antivirus03.com and it gave me a windows interface and started "scanning" for viruses. I immediately shut down my computer. I did a virus scan (I have intego virusbarrier x5) and it came up null. There doesn't appear to be a saved file or downloaded file or anything.

Should I be concerned and do I need to do something to fix it? Also, when will it be "ok" to visit NY Times again? I'm assuming it's probably up to the web site people to fix whatever happened to their site so you probably don't know, but I thought I mine as well ask.

I'm a bit ignorant on these things so I was just making sure it wasn't a problem.

Message was edited by: EAtam

Just joined the list because the same thing happened to me this AM. Woke up iMac running Snow Leopard with yesterday's patch . . . opened NY Times, clicked Gail Collins column and immediately a blank white page with a small box offering a virus scan by "http.Best.Antivirus03.com" Scared **** out of me so I hit cancel, and off it went anyway just like I had hit OK, on a new page with all sorts of activity indicators flashing. No way to stop it so I bailed out of Firefox 3.5.3 and rebooted the computer . . . repeated it and same thing happened. Dumped out and opened Safari, went to NY Times clicked same column and no problem. Went to http://www.malwareurl.com/listing-urls.php?urls=off and found'antivirus03.com listed at the top of their latest malware discoveries. Not much of a geek so I don't know what this is but 'best-antivirus03.com' and 'antivirus-online-scan03.com' were both listed new Sept 12 as "Rogue Antivirus / Personal Antivirus - FakeXPA"
Hope this helps. Could this have done anything to my single user computer? Thanks,

Larry

I just had this happen to me on NYTimes.com as well, with firefox 3.5.3 without any other site open. I am guessing that someone has either infiltrated their site or advertising in order to redirect links to this virus hosting site. I had a similar occurance yesterday on a linux computer, but I had so many sites open I didn't know which one did it.

I had this happen to me also, using Safari: nytimes redirected to best-antivirus03 nonsense. I checked my DNS and it seems clean, so I too suspect that nytimes.com has been hijacked.

I have also seen this - about a week ago and twice today. From NY Times website, using Safari. I can't reproduce it now, though I'm trying by opening various NYT tabs.

If someone sees this again, the Activity Window might provide a clue as to the redirect path from the NY Times to malware sites.

I just go this too. http://best-antivirus03.com/1/?sess= ...