Re: Frightening !!!

"Trespasser" <andie_online@xxxxxxxxxxx> wrote in message
news:gqydnVJ6OZr4W-zUnZ2dnUVZ8oydnZ2d@xxxxxxxxx


Removal instructions for this pest here
http://www.bleepingcomputer.com/malware-removal/uninstall-antivirus-2009

AVG won't apparently.

Gander.


Please dont call me stupid, but am I missing something?

Where does it say that this worm is related to antivirus-2009? I have
looked through a few pages about this worm but no-one seems to link the
two together.


Antivirus 2009 IS the worm. It is also known by a few other names.
I will try to find the original post I picked the fix up from with more
info.
Antivirus 2009 is a new rogue anti-spyware program from the same family as
Antivirus 2008 and Doctor Antivirus . Antivirus 2009 is installed and
advertised through the use of misleading web sites that attempt to make you
think your computer is infected with a variety of malware. Once installed,
Antivirus 2009 will scan your computer and list a variety of fake infections
that can't be removed unless you first purchase the software. These
infections are fake, though, and only being shown to scare you into
purchasing the software.

When Antivirus 2009 is installed, a Internet Explorer browser helper object
is also installed that displays fake messages when using Internet Explorer.
These messages range from a line at the top of the browser stating an
infection was found to adding a box to the Google homepage stating Google
detected that your computer was infected. These tactics are just two more
methods where Antivirus 2009 uses false information to scare you into
purchasing their software. A more detailed writeup on how the Google home
page is hijacked can be found here.



Gander.


begin 666 mag-glass_10x10.gif
M1TE&.#EA"@`*`*(``$"+0.?PY[_8OX"R@ !D`*#%H/___P```"'Y! ``````
M+ `````*``H```,F: (T8E"1$ IX$ 18RHB3T15$-(Q="2TC443*0+@-#,^?
'#>'Z3B0`.P``
`
end

.

Relevant Pages

  • Re: Bring me the head of the sasser Creator!!!
    ... > currently circulating on the Internet. ... The worm exploits the Local ... > visit the following Web site: ... > Please contact your Antivirus Vendor for additional details about this ...
    (microsoft.public.security.virus)
  • [NEWS] Goner/Pentagone Mass-Mailer Worm
    ... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... new virulent e-mail worm that is currently propagating rapidly. ... The Goner worm infects Microsoft Outlook and Microsoft Outlook Express ... Goner also attempts to disable antivirus and personal firewall software. ...
    (Securiteam)
  • RE: Update to "Code Red" Worm. Its a date bomb, not time.
    ... everywhere has access to OC12 connections to the internet. ... An easy method would be to break up the estimated 196K infections accross a ... Update to "Code Red" Worm. ... On the 20th all infected threads will attempt to attack ...
    (Vuln-Dev)
  • Authors of Zotob/Mytob worms arrested (thought to have disabled pax screening computers)
    ... The arrests ... The first Zotob worm emerged Aug. 14, ... and ABC News -- reported widespread infections by the worm. ... Mytob to steal personal information from infected computers and to ...
    (rec.travel.air)
  • RE: Update to "Code Red" Worm. Its a date bomb, not time.
    ... Update to "Code Red" Worm. ... An easy method would be to break up the estimated 196K infections accross a ... On the 20th all infected threads will attempt to attack ... Remember, each host can be infected multiple times, meaning that a single ...
    (Security-Basics)