Need Help?    Filtering  

Virus Information

Microsoft Critical Updates, Alerts and Patches

Latest virus news

Threat activity

Fake Microsoft Patch Email Carries Malware

October 15, 2008
An e-mail is circulating that claims to be a security e-mail from Microsoft. The e-mail comes with an attached executable, which is disguised as the latest security update but is actually Trojan.Backdoor.Haxdoor, and encourages the recipient to run the attachment so they can be safe. Click here for details

Fake 'Breaking News' Emails Carry Malware

August 13, 2008

Malicious emails are circulating that pretend to be breaking news alerts from CNN or MSNBC (look for other legitimate news outlets to be added in future versions). If you click on one of the 'Watch the video' links, this image will pop up:

Fake news

Clicking through will install malware to hijack your computer and make it part of a botnet. If you get these emails (or ANY email with a news headline as the subject) delete without opening.

Fake Antivirus 2009

July 26, 2008

A new Rogue anti-spyware program called Antivirus 2009 was released this weekend that for the most part, acts just like all the rest. It displays false results, it is advertised through misleading web sites, comes bundled with malware, displays fake results, and requires you to first purchase the software before you can remove anything.

What makes this rogue a bit different, though, is how it hijacks the Google homepage and search results by inserting an advertisement for Antivirus 2009. When Antivirus 2009 is installed, it will install a Internet Explorer browser helper object called C:\Windows\System32\winsrc.dll. This program will automatically load when Internet Explorer starts, and when you visit certain sites, it will insert its own information into the web pages that are retrieved. Currently the information that is inserted into the Google home page and search results is a misleading advertisement for Antivirus 2009. The current text of the advertisement is:

Google Tips

Google has detected unregistered Antivirus 2009 copy on your computer. Google recommends you to activate Antivirus 2009 to protect your PC from malicious intrusions from the Internet.

The advertisement is actually one big link that if clicked will bring you to a page at the hxxp:// site that says you are infected and should purchase Antivirus 2009. The tactic being used by this Rogue is to trick the infected user into thinking a well known and highly trusted brand, like Google, is actually endorsing their products. In reality, though, this is just another scam being used to steal your money. If you are infected with Antivirus 2009, you should use the following guide to remove the malware for free. If you have already paid for the software, please contact your credit card company immediately and dispute the charges.

How to remove Antivirus 2009 (Uninstall Instructions)

How to remove Antivirus 2008
This page contains free removal instructions for Antivirus 2008. Please use this guide to uninstall Antivirus 2008 and any associated malware.