Antivirus 2009 Security Alert

Posted on July 30, 2008. Filed under: Service Alert | Tags: , , , , , , , , , , , , , , , , |

 

Reliant PC Consulting Service Alert

 

Date: July 30, 2008

 

Subject: Antivirus 2009

 

Purpose

 

This alert has been generated due to an issue that affects my clients’ computer security. A new malware program masquerading as a legitimate anti virus software has emerged. Of particular note are the following:

 

  1. The program looks legitimate.
  2. There are several sites that promote this malware as legitimate.
  3. The distribution and customer awareness of this program used a web based attack on Google.
  4. The software, and others like it, requires payment before the software is “installed” and activated to “protect” you. This is a typical ploy for malware.

 

Background

 

During a service call to optimize a computer it became apparent that it was infected with a program called Antivirus 2009. The program is a threat to the security and functionality of your computer. During research to remove this threat the following information came to light.

 

This threat is in its initial stages. It is an emerging threat and an awareness of this issue will help prevent being a victim of this type of attack.

 

What the Hijack Google Page Looks Like

 

On the next page you will note a screen shot of a Google Main Search page. It looks completely normal EXCEPT the box immediately below the Google Search field. A box named Google Tips indicates that Google has deselected an unregistered copy of Antivirus 2009 on your computer. By clicking on the box you will then initiate the hack.

 

 

 

Clicking on the box will take you to:

 

 

The program looks like this:

 

 


Resolution

 

  1. Keep your anti virus software up to date. As this is an emerging issue several service providers DO NOT detect this threat at this time.
  2. Be aware of this program in general and do not initiate any web activity that directs you to a site that promotes this software.
  3. Ignore any alert that Antivirus 2009 has “detected” any virus on your computer.
    1. Do not attempt to click on the program to close it. This WILL generate more activity and insure infection.
    2. Simply shut down all other programs and then shut down your computer completely.
  4. If you are infected contact me ASAP and I will assist you on the removal of this software.

 

References

 

http://www.bleepingcomputer.com/forums/topic154973.html

http://www.malwarebytes.org/forums/index.php?showtopic=5178

 

 

Conclusion

 

This Service Alert addresses a new and emerging threat. There is a good chance you may not be affected by this particular threat but an awareness of it existence will make it less likely to affect you.

 

If you have any questions or concerns please contact me.

Advertisements
Read Full Post | Make a Comment ( 4 so far )

Liked it here?
Why not try sites on the blogroll...