Video Screencast Help
Security Response

Yet another Site Falls Prey to XP Antivirus

Created: 25 Mar 2008 07:00:00 GMT • Updated: 23 Jan 2014 18:41:39 GMT
Vikram Thakur's picture
0 0 Votes
Login to vote

A couple of weekends ago, I was doing
exactly what most computer users do in their free time. I was sitting
front of the computer, visiting sites that I have no business with. One
site led to another and I eventually started looking for some old
friends I had lost contact with over the years. One such search led me
to, a business networking site. Using the Spoke search box
soon had me believing that my computer might be infected and I would
soon need to scan it for malicious programs. OK, I didn't really
believe it because I was laughing a bit too much, trying to understand
what the "warning" was trying to tell me:

Infected computers will suffer "freezes and creahes"? That sounds nasty.

The user profile pages displayed an advertisement, hosted on, which was redirecting users to a link on (a site registered in the Russian Federation).
This link, in turn, eventually led to XP Antivirus, an application that exaggerates threats on a computer in order to convince the user to make a purchase.

About 24 hours after this surfing experience, I alerted
about the malicious advertisement on their site and they had it
promptly removed. The malicious SWF advertisement file might have been
removed from one networking site, but it continues to show up on other
sites, as reported by MSMVP Sandi.

I thought about putting in the customary "safe computing" advice in
here, but then I decided against it. The fact that you’re still reading
this entry is reason enough to believe you do (or at least try) to
follow those guidelines.