AV2009 virus - causes fake security popups

happyappygirl

Rocky Mountain High!!
AV2009 the fake anti-virus

My PC became infected this week, I'm assuming from the kidlet visiting MySpace (a favorite infection site)...it whacked my AVG antivirus and firewall, AND the downloaded new version of AVG. It bogged the pc down, and eventually froze it. I often had to reboot twice to be able to even use it. It was a real pain.

According to my research, it primarily gains access through acceptance of 3rd party cookies and 'ActiveX', which in this case displays some type of security icon, or pop-up warning, which in reality is a 'Click-jacking' whereby the real action you perform is hidden behind the visible display; so when you tick anything, the malware installs itself.

Unlike typical pop-up advertising (stopped with available blockers) 3rd party cookies are entirely different critters. The recommendation is to turn off "3rd Party Cookies", and always leave them off.

INTERNET EXPLORER: Tools> Internet Options> Privacy> Advanced: here check 'Override automatic....'; 'Allow session cookies'; 'Allow 1st party cookies'; & 'Block 3rd Party Cookies'.

FIREFOX: Tools> Options> Privacy: here UN-CHECK 'Accept 3rd Party cookies'
Because of the architecture of the Internet (notably 'Flash' scripting), vulnerabilities are readily exploited in Internet Explorer, & it is now urgent that you use Firefox with the current 'NoScript' add-on, which will prevent 'Click-jacking'.
NoScript: https://addons.mozilla.org/en-US/firefox...

I had to download and install a Malware program Malwarebytes.org to wipe it off my pc. The malware program found over 100 infected files, including ROOT files. I then had to download AVG again, and rescanned the pc. The rescan with AVG 8.0 found an additional 80 or so temp files to delete!
 

warneckutz

Well-Known Member
I've removed this virus from about 5 different computers. I found a program by Malwarebytes - "Anti-Malware". Seemed to solve the AV2009 problem on all of the systems.
 

rwethereyet

Yeah, okay.

I wonder if this is my problem? I had AVG on my computer, and I got a message that it was outdated. I had AVG 8.0 installed on there. I uninstalled the AVG 8.0 and when I tried to reinstall it, it wouldn't let me. I'll try to download the above Malware program and then try to reinstall AVG.
 

happyappygirl

Rocky Mountain High!!
That's exactly what happened to mine. The popup window was IE, and the antivirus outdated msg was from Norton Antivirus, and I use AVG and Mozilla, so I knew I had something going on.
You'll prolly have to uninstall and download AVG again. The virus corrupts install files even on the zipped version. I downloaded it again after I wiped the virus out.
Make sure you run a full AVG scan again after you run the malware. You'll be surprised at how many files were left.
 

TotalEclipse31

New Member
AV2009 is a nasty little bugger. I've removed it from so many people's PCs. I've had people come to my bank closing their accounts because they actually paid for the program since it says you have to download it to fix the problem. I use SmitFraudFix. Works great. Easy to use. And a tiny program.
 

latiger12

New Member
I think I have this :(
 

BlueBird

Well-Known Member
I've had this, but I didn't know about any malware programs that would work and ended up reformatting my hard drive. It seems like this comes from pornography-related sites like freesexdoor. What a pain. Thanks for the links to the software.
 