Jun 29 2008, 01:56 PM
A new Rogue anti-spyware program called Antivirus 2009 was released this weekend that, for the most part, acts just like all the rest. It displays false results, it is advertised through misleading web sites, comes bundled with malware, displays fake results, and requires you to first purchase the software before you can remove anything. What makes this rogue a bit different, though, is how it hijacks the Google homepage and search results by inserting an advertisement for Antivirus 2009. Now, this is not the first time this has happened, but it is uncommon enough that it warrants discussing.

When Antivirus 2009 is installed, it will install an Internet Explorer browser helper object called C:\Windows\System32\winsrc.dll. This program will automatically load when Internet Explorer starts, and when you visit certain sites, it will insert its own information into the web pages that are retrieved. Currently the information that is inserted into the Google home page and search results is a misleading advertisement for Antivirus 2009. The current text of the advertisement is:

Google Tips

The advertisement is actually one big link that, if clicked, will bring you to a page at the hxxp://microsoft.browserprotectioncenter.com/ site that says you are infected and should purchase Antivirus 2009.

The tactic being used by this Rogue is to trick the infected user into thinking a well-known and highly trusted brand, like Google, is actually endorsing their products. In reality, though, this is just another scam being used to steal your money.

If you are infected with Antivirus 2009, you should use the following guide to remove the malware for free. If you have already paid for the software, please contact your credit card company immediately and dispute the charges.
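A defender-side check for the browser helper object described in the post, as an added example that is not part of the original post: it lists every BHO registered for Internet Explorer, resolves the DLL behind each CLSID, and reports its Authenticode status. The registry locations are the standard Windows ones; the function name `Get-BhoInventory` and the output column names are hypothetical.

```powershell
# Added example: inventory Internet Explorer Browser Helper Objects (BHOs).
# Run from an elevated PowerShell 3.0+ prompt on the machine being examined.

# DLL path named in the post; used only to flag a matching entry.
$ReportedDll = 'C:\Windows\System32\winsrc.dll'

# Native and 32-bit-on-64-bit registration points for BHOs.
$BhoRoots = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects'
)

function Get-BhoInventory {
    foreach ($root in $BhoRoots) {
        if (-not (Test-Path -LiteralPath $root)) { continue }

        # 32-bit BHOs keep their COM registration under WOW6432Node.
        $clsidRoot = 'HKLM:\SOFTWARE\Classes\CLSID'
        if ($root -like '*WOW6432Node*') { $clsidRoot = 'HKLM:\SOFTWARE\WOW6432Node\Classes\CLSID' }

        foreach ($key in Get-ChildItem -LiteralPath $root) {
            $clsid     = $key.PSChildName
            $serverKey = "$clsidRoot\$clsid\InprocServer32"
            $dll       = $null
            $sigStatus = 'NoComRegistration'

            if (Test-Path -LiteralPath $serverKey) {
                # The (Default) value of InprocServer32 is the DLL that IE loads.
                $dll = [string](Get-Item -LiteralPath $serverKey).GetValue('')
                $dll = $dll.Trim('"')
                if ($dll -and (Test-Path -LiteralPath $dll)) {
                    $sigStatus = (Get-AuthenticodeSignature -FilePath $dll).Status
                } else {
                    $sigStatus = 'FileMissing'
                }
            }

            [pscustomobject]@{
                Clsid         = $clsid
                Dll           = $dll
                Signature     = $sigStatus
                MatchesReport = ($dll -ieq $ReportedDll)
            }
        }
    }
}

# Unsigned or missing DLLs and any entry matching the reported path deserve a closer look.
Get-BhoInventory | Sort-Object MatchesReport, Signature -Descending | Format-Table -AutoSize
```

An unsigned entry is not proof of infection, since some legitimate add-ons ship unsigned, so treat the output as a shortlist for review rather than a verdict.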
Grinler Antivirus 2009 Hijacks The Google Web Site Jun 29 2008, 01:56 PM