Nasty "Antivirus 2009" Fraudware/virus
- PTRACER
- Forum Administrator
- Posts: 42179
- Joined: 20 years ago
- Real Name: Paul
- Favourite Motorsport: Formula 1
- Favourite Racing Car: Lotus 49
- Favourite Driver: Gilles Villeneuve, James Hunt
- Favourite Circuit: Nordschleife
- Car(s) Currently Owned: Mitsubishi Lancer Evo X JDM
- Contact:
Nasty "Antivirus 2009" Fraudware/virus
Seen three cases of these in the last week alone. It's very nasty and difficult to get rid of. If you see any popups relating to this, shut down your browser immediately and do a scan to make sure you haven't been infiltrated.
If you already have it on your system, you will certainly know about it as it'll pop up on your screen and start up and will look like this:
It's known as Fraudware - it does a "scan" of your system, produces fake results and then tells you to pay for the product to remove the threats. Do not under any circumstances click on any of the Registration, Buy Now, or Remove buttons on the program window.
There's some very similar software I've seen called AntiVirXP08 and Vista AV, which are both very similar to the above.
It can be manually removed by ending the process in task manager, then do a Search on your PC for the EXE file and delete it, preferably via Safe Mode. Then do a full virus scan to make sure no nasty files are left behind.
If you already have it on your system, you will certainly know about it as it'll pop up on your screen and start up and will look like this:
It's known as Fraudware - it does a "scan" of your system, produces fake results and then tells you to pay for the product to remove the threats. Do not under any circumstances click on any of the Registration, Buy Now, or Remove buttons on the program window.
There's some very similar software I've seen called AntiVirXP08 and Vista AV, which are both very similar to the above.
It can be manually removed by ending the process in task manager, then do a Search on your PC for the EXE file and delete it, preferably via Safe Mode. Then do a full virus scan to make sure no nasty files are left behind.
Developer of the 1967v3 Historic Mod for Grand Prix Legends: viewtopic.php?t=17429
King of the Race Track, Destroyer of Tyres, Breaker of Lap Records
King of the Race Track, Destroyer of Tyres, Breaker of Lap Records
-
- Advanced Member
- Posts: 1411
- Joined: 17 years ago
- Location: Farthest country from Australia
- kals
- Legendary Member
- Posts: 28276
- Joined: 16 years ago
- Real Name: Kieran
- Favourite Motorsport: F1..BTCC..MotoGP
- Favourite Racing Car: Benetton B189
- Favourite Circuit: Donington Park
- Location: New Jersey
Malware is a multi-billion dollar industry so these low lives have a big incentive to infect people's computers. However, if it weren't for malware vendors other firms wouldn't be in business. People like MacAfee, Symantec, MessageLabs, Postini, SurfControl, Websence, and even the likes of Google and Microsoft all have offerings to protect businesses and consumers.crazydude1992 wrote:Havent those people got anything better to do?
These attacks, as Paul has mentioned above, are really interesting as they are socially engineered to appeal to you in some way, be it emotionally, physically, etc.... In the past we have seen the Anna Kournikova virus which made you open a malware infected file by tricking you into believing you about to see a naked picture of her. More recently we have seen phishing scams which make you give out your bank details by making you believe there are issues with your bank account, only to be lead to a fake landing page. Nigerian 419 scams are still out there too. Who hasn't received an email from a Nigerian Prince offering millions of pounds recently? Scammers are using everyday scenarios (porn, your money, your computer) to socially engineer ways to trick you into trusting them. And it works.
-
- Gold Member
- Posts: 603
- Joined: 16 years ago
- Location: Arbroath, Scotland
- Contact:
I had this. Its the first piece of malware I've had for years, which shows how easy it is to get.
A program which has been adapted specificly to remove it can be found here. http://www.malwarebytes.org/ Worked great.
A program which has been adapted specificly to remove it can be found here. http://www.malwarebytes.org/ Worked great.
TheRacingLine.net
RacingLineDevelopments.com
Race2Play.com
RacingLineDevelopments.com
Race2Play.com
- PTRACER
- Forum Administrator
- Posts: 42179
- Joined: 20 years ago
- Real Name: Paul
- Favourite Motorsport: Formula 1
- Favourite Racing Car: Lotus 49
- Favourite Driver: Gilles Villeneuve, James Hunt
- Favourite Circuit: Nordschleife
- Car(s) Currently Owned: Mitsubishi Lancer Evo X JDM
- Contact:
Well, if I'm honest, by the time I've finished tomorrow's job, I will have earned close to £200 from that one virus infection...kals wrote:Malware is a multi-billion dollar industry so these low lives have a big incentive to infect people's computers. However, if it weren't for malware vendors other firms wouldn't be in business. People like MacAfee, Symantec, MessageLabs, Postini, SurfControl, Websence, and even the likes of Google and Microsoft all have offerings to protect businesses and consumers.crazydude1992 wrote:Havent those people got anything better to do?
Developer of the 1967v3 Historic Mod for Grand Prix Legends: viewtopic.php?t=17429
King of the Race Track, Destroyer of Tyres, Breaker of Lap Records
King of the Race Track, Destroyer of Tyres, Breaker of Lap Records
- Barre
- Advanced Member
- Posts: 1209
- Joined: 18 years ago
- Location: Belgium, Lommel
- Contact:
-
- Legendary Member
- Posts: 11139
- Joined: 18 years ago
- PTRACER
- Forum Administrator
- Posts: 42179
- Joined: 20 years ago
- Real Name: Paul
- Favourite Motorsport: Formula 1
- Favourite Racing Car: Lotus 49
- Favourite Driver: Gilles Villeneuve, James Hunt
- Favourite Circuit: Nordschleife
- Car(s) Currently Owned: Mitsubishi Lancer Evo X JDM
- Contact:
Very similar, yeah. Sounds like it may have affected you in some way. Check your browser addons and disable anything you don't recognise.
Developer of the 1967v3 Historic Mod for Grand Prix Legends: viewtopic.php?t=17429
King of the Race Track, Destroyer of Tyres, Breaker of Lap Records
King of the Race Track, Destroyer of Tyres, Breaker of Lap Records
-
- Legendary Member
- Posts: 11139
- Joined: 18 years ago
-
- Legendary Member
- Posts: 11139
- Joined: 18 years ago
Those emails make stories like this one even more amusing:kals wrote:Nigerian 419 scams are still out there too. Who hasn't received an email from a Nigerian Prince offering millions of pounds recently?
Click
- kals
- Legendary Member
- Posts: 28276
- Joined: 16 years ago
- Real Name: Kieran
- Favourite Motorsport: F1..BTCC..MotoGP
- Favourite Racing Car: Benetton B189
- Favourite Circuit: Donington Park
- Location: New Jersey