The Blog at

My Ramblings

Creative Trojan Attack

Posted on | September 23, 2008 | 1 Comment

I clicked a link to go to the Dallas Morning News website earlier this morning and their ad server gave me a page called Antivirus 2009. The URL was:…. (more after here, but don’t click it). There was some pretty realistic flash videos that simulated a virus scan on my computer, even though I picked the box to ignore. When the flash video was done, it popped up the following window:

Antivirus 2009 Web Scanner

To the average person, this would look pretty authentic. But it is a fake. You can pick “Remove All” or “Ignore”. The third option is to just close the window by clicking the red “X” in the top right of the window. No matter what you do, a file download is initiated with the file name A9installer_77011808.exe which I suspect is the virus/trojan. The virus sites don’t have any searchable pages with this file name, but I’m guessing that they will soon enough.

The domain is registered in Keiv, Russia.

If you see this, don’t open the file. I haven’t researched is further since I have a real job that I need to work at to pay the bills and don’t have unlimited searching time, but I suspect that an automatic file download from Keiv is not what you want on your machine. I don’t care how tempted you are to open it.

Share and Enjoy:
  • Print this article!
  • E-mail this story to a friend!
  • Facebook
  • Digg
  • Sphinn
  • Mixx
  • Google Bookmarks
  • StumbleUpon
  • Twitter
  • Technorati
  • Yahoo! Buzz


One Response to “Creative Trojan Attack”

  1. dem
    September 23rd, 2008 @ 9:39 pm

    I got the same thing . . .

    My wife downloads a crossword puzzle everyday from the Dallas Morning News…

    When I saw the fake alert, I jumped into another session to google for it, and I found your site, for which I was grateful, to confirm what I suspected.

    I know how it is when you have a DayJob, to take time for an altruistic endeavor.

    Thanks a meg,