Star Tribune site hit by Sunday malware infection

[Update: Around noon Monday, the Strib took down third-party ads.]

If you’re at work and having trouble connecting to, your web adminstrator may have blocked access due to a malware outbreak Sunday.

Odds are you’d know if you were hit; according to University of St. Thomas admins, “an antivirus software advertisement called Antivirus Soft pops up and cannot be closed.”

Strib Digital Media executive director Jason Erdahl says that a “remnant ad” contained the malicious software, which can contain viruses and other nastiness.

The ad — a lower-priced type served up by national networks — was pulled as soon as the virus was discovered, but reports of problems were still trickling in Monday, Erdahl says. “There are still reports trickling in this morning, but they seem primarily to be a reaction to Sunday’s outbreak. We are giving this our full attention, however, just in case this is still a problem for our readers.”

(MinnPost’s Joe Kimball told me around lunchtime a St. Paul fire station was also affected.)

As always, you should have an anti-virus program and if you don’t, you might want to try an online scan or this free-to-try anti-malware program. Oh, and block those pop-up windows!

Comments (6)

  1. Submitted by Robert Moffitt on 02/22/2010 - 01:05 pm.

    My work computer got this today, either from the Star Tribune or the West Central Tribune websites. Had me off-line for half a day!

  2. Submitted by Camden Pike on 02/22/2010 - 01:33 pm.

    I must have got this, assuming you didn’t have to click an ad. Currently suffering from the Blue Screen of Death. Hoping I’ll get it fixed without losing all the data.

  3. Submitted by Greg Kapphahn on 02/22/2010 - 01:51 pm.

    Over the past year or two there have been several times when I’ve had problems with infections which occurred after I visited the STRIB site, when a pop-up took over my browser and could not be closed.

    Luckily, I was able to disconnect from my ISP, use ctrl-alt-del to shut down my browser. Re-open the browser, clear out the cookies and the cache and, thereby, solve the problem, but after about the third time it got really annoying. It was one of the reasons I moved away from having the STRIB as my home page.

  4. Submitted by r batnes on 02/22/2010 - 03:27 pm.

    I picked this up on Saturday as I logged into the Strib’s website and tried to access their comments section. This article includes a link to Malwarebytes which I strongly recommend. After getting hit with a much more virulent strain of malware a couple of months ago (which I had to wipe my hard drive to get rid of), I downloaded and kept Malwarebytes on my desktop. Since a lot of these problems disable your task manager function, I was able to re-start in safe mode, run the program and delete it.

  5. Submitted by L.M. Stringer on 02/22/2010 - 05:31 pm.

    The malware that effected my computer while visiting on SATURDAY, according to Geek Squad completely corrupted my PC.

    Not only did it attack and take out my Norton 360 antivirus software, but it then embedded itself into all my files.. to include the graduate mid-term papers I was completing.

    This has been one of the worst experiences ever, and I will never return to again.

    Clearly it was my mistake for trusting a business such as the Star Tribune for monitoring their website and assuring it was safe for their subscribers.. an expensive and time consuming lesson on my part…

  6. Submitted by Matthew Steele on 02/22/2010 - 07:33 pm.

    They aren’t competent enough to get their ads from a reputable source? Thank god for adblock plus.

Leave a Reply