Having recently doled out some advice on staying safe online I guess it was kind of inevitable that a “security situation” would come my way – one of our computers was infected a few days ago. But in case you’re wondering, the False Prophet I’m referring to is not me!
No, it’s a particularly insidious piece of malware which purports to be looking out for your best interests, in order to con you into installing it. I’m referring to a trojan called “Antivirus 2009” (also known as AV 2009) which appears to propagate by infecting legitimate websites. Here’s what Google Safe Browsing has to say about it.
[Image: Antivirus 2009 is malware]
This is the window you’re presented with if you have the misfortune to surf by an infected website. Most people who are shown this will be concerned, and rightly so, what with all the nefarious stuff floating around cyberspace these days. The implication is that your computer is infected with something dreadful, and you’d better take steps to rectify the situation, or face the consequences.
It seems their strategy, once you’ve installed the software, is to repeatedly warn you that your system is infected with something, and the only remedy is to purchase the full version of their software to clean up the mess.
In case I haven’t already made it clear, let me stress that this is not genuine anti-virus software. It’s a scam which preys on people’s fears and sincere desire to protect themselves online.
What should you do?
Firstly, don’t install the software! Now I know that it’s not necessarily always obvious where messages like this originate – you may well be shown something similar by a legitimate antivirus program that you have on your system. My best advice is to read the message carefully, including the window title, which will often give you a clue as to the application responsible. In this case it’s fairly clear that it’s coming from a website, which should raise your suspicions. The poor spelling and grammar are also a telltale sign that everything is not OK!
How to remove AV 2009
If you’ve fallen into the trap, all is not lost. Fortunately AV 2009 doesn’t appear to be particularly malicious or destructive, and is fairly easy to remove. In my case, AVG detected and removed it without any manual intervention (although it took a few reboots to root it out completely). If that doesn’t work, try a Google search – there’s plenty of advice from those who’ve done it.
This again highlights the need to be vigilant online, and to keep your defences up: firewall, virus protection and browser security settings.
Be safe.
I never listen to those pop-ups. They are a damn nuisance and the last thing I would do is to download something just because they said I should.
Sire: no, neither do I. But it isn’t all that obvious that this is a pop-up – it’s deliberately made to look like a normal system window. I think this is particularly confusing, especially for novices who don’t necessarily differentiate between different things happening on their computer. I also find that often they’re scared of breaking something, so just do whatever the “computer” tells them to. Either that or click the button just to get rid of the annoying window!
True, I suppose then if that is the case they will have to learn the hard way. I’ve always taught my kids not to just click anything without reading it fully, especially if it occurred while they were surfing the net.
Sadly this is, or perhaps should be, illegal. It is a “con” isn’t it? Who’s the company making this software and why aren’t they rotting in jail?
L.O.L. I see this type of thing all the time. Actually it’s a witty little marketing trick, but c’mon!
This is akin to the Emperor in Star Wars who creates the wars then comes back with the so-called “only solution” which is his rulership…
Martin: good question!
Caleb: sounds like a few governments I know!
Don’t install anything you didn’t choose, and research a bit before you choose what to install. That’s a good rule.
Hello,
I hate this virus with a passion! It infected two of my home computers and one laptop. I think it’s because one of my roommates keeps installing it because he is duped by the false message.
Anyway, I downloaded Malwarebytes anti malware, ran it once and it solved the problem.
I run Linux, so periodically go malware trolling and was actually exploring this one the other day. The nasty thing about AV2009 is that once you visit their page, it is designed in a manner that you will either end up closing your browser or downloading the file. It is actually quite an interesting process of using images that look like pop-ups, scare tactics, and pop-ups that you can’t close.
I will have to keep AVG in mind next time I am working on someone’s computer that has become infected with it.
I have seen this popup before, when clicking on certain entries on the search engine results. But what surprises me is that the search engines even display these results at the top of the results. After getting these I always scan for viruses as I am scared of them.
Snake: In my case it was from clicking a legitimate link that had been hacked / infected. According to the site owner, their ISP had reported that over 10 thousand of the sites on their servers had been affected.
The moral of the story is simply to be aware, and respond appropriately if you end up on an infected site.
Sometimes they are so real looking. It is important that we teach our kids also to avoid these malwares.
Thanks for the information on this virus. I will scan my computer today, see if there is any virus.
Atniz: it’s always a good idea to do regular scans. But if you had this infection, I’m sure you’d know it – it’s no shrinking violet!
Luckily I didn’t fall for this one but I have to admit that it is a really clever and sneaky way to lure people into installing it. It looks very safe and legit and I can see why most people would want to click to install it.
Pop-ups can be really annoying.
I think it is so sad that we’re seeing things like this getting more and more common. Why can’t we just enjoy that the Internet has been invented and that it is evolving every single day.
I guess it is human nature (for some humans) to want to take advantage of others no matter what they’re presented with. It’s a shame.
Mikael: yes, it’s still pretty much the wild west out there. We should all learn to play nicely so regulation isn’t needed, but we see in society everyday that some people will always try to step on others and ruin it for everyone by forcing us to have all sorts of security which slows everything down and generally gets in the way.
Unfortunately I think that these things will only grow over time and we’re probably going to see some regulations made on how, who and for what to use the internet. I don’t know how they’re going to do it but I think we should just enjoy the freedom we have online while we have it.
The problem has always been the international nature of the Net. Individual countries may as well not bother trying to regulate because you can’t stop people from other countries breaking your laws from across the border. And if you try to control things like China’s been doing, it just amounts to censorship, which is a very slippery slope none of us really wants to go down, I reckon.
We couldn’t agree more on the censorship part, but I can’t see how we’re heading anywhere else but that direction with more and more phishing, spamming and trojans invading our privacy every single day. I believe that spam is up to about 80-85% of the total emails sent…
Yes, but that would require international co-operation on a scale that I just can’t see happening. We’re all too busy trying to blow each other’s heads off!
Maybe it does but I can easily imagine local restrictions that would make everything more difficult for everyone. For instance our government had a great idea about a year back that all the ISPs should record and store all data transfer taking place by their customers for a period of a couple of months. Totally ridiculous and luckily it didn’t go through.
Read it fully is great. Researching, as someone had mentioned, is an amazingly good idea. There are people out there, and there always have been, and there always will be, that are doing these things. I’m not completely sure, but I think they are making money off this whole deal.
I like how they used (recommended) after the question. It’s a nice touch that’ll surely get them more “users” but well at least it’s not destructive.
These things are a BIG problem for average web surfers. Sure bloggers and webmasters know better and never click on them but my kids and my mother will click anything without reading it first.
Ryan: I totally agree.
Pop-ups are a nuisance and the last thing I would do is to download something just because they said I needed it.
This is the most clever idea I’ve seen for a while. A malware that acts like an antivirus software is a great idea for anyone who wants to harm other web users. But it is difficult not to fly into this trap. I don’t know if I would. Maybe not, but sometimes everyone is close to becoming a target for some hacker, cracker or spammer. And sometimes our shields are lowered so the surprising attack can be devastating.