Author Topic: Fake "Windows Security Alert" Virus and avast!  (Read 2667 times)

0 Members and 1 Guest are viewing this topic.

Offline MrSpaceman

  • Newbie
  • *
  • Posts: 6
Fake "Windows Security Alert" Virus and avast!
« on: April 14, 2011, 05:51:36 PM »
Forgive me if this has been covered before; I just got hit with this fake "Windows Security Alert" virus this morning, and I think avast! blocked it and saved my from actually being infected.

I was surfing the web and did a search on Google, then clicked on one of the search results it returned. Immediately, an extremely offical looking pop up appeared titled "Windows Secuity Alert" saying my computer was infected with a virus and a list of files appeared in red. The two options were "remove all" or "cancel". Meanwhile, there was another window in the background with what looked like the Windows "My Documents" box, showing the "My Documents" folder had 7 viruses found, the "My Pictures" had 5 viruses found, etc.

While all this was happening, avast! popped up with the red alert box saying "MALWARE BLOCKED". It was all happening so fast I just closed the avast! dialog box and went back to trying to click the "remove all" on the original dialog box (I know now this was the wrong thing to do!). The good news is that nothing ever happened after that - in the research I have done since, it appears that if the virus did download, the next thing that would have happened was I would have gotten another dialog wanting me to purchase software.

So, I am thinking I dodged a bullet, thanks to avast! My question is this: after it was over, I opened avast! and looked in the virus chest, but there was no recent activity listed there. If avast! had indeed blocked this virus, wouldn't I see it in the chest? I just want to make sure the virus didn't somehow download without my knowing it.

I just performed the latest free upgrade to avast! a couple of days ago.

Thank you to anyone for your help!


Offline Zyndstoff (aka Steven Gail)

  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 2615
  • I can resist anything except temptation.
    • tex62
Re: Fake "Windows Security Alert" Virus and avast!
« Reply #1 on: April 14, 2011, 05:54:27 PM »
No, not if it was blocked. Avast prevented it from being downloaded, so why put it in  the chest?

You are fine, Avast did the job - and I hope you learned something too.

Have a nice day!  ;)
7 x64 SP1, FF 8a Aurora, TB6, 6.0.1203 Free
Free MBAM Clear

Offline MrSpaceman

  • Newbie
  • *
  • Posts: 6
Re: Fake "Windows Security Alert" Virus and avast!
« Reply #2 on: April 14, 2011, 05:55:39 PM »
What a relief! Thanks for the quick reply, too.

And you're right - I learned a VERY important lesson today!

Thanks again!

Offline Zyndstoff (aka Steven Gail)

  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 2615
  • I can resist anything except temptation.
    • tex62
Re: Fake "Windows Security Alert" Virus and avast!
« Reply #3 on: April 14, 2011, 05:59:49 PM »
What a relief! Thanks for the quick reply, too.

And you're right - I learned a VERY important lesson today!

Thanks again!


My pleasure.

If you want to doublecheck: download MBAM (free) by clicking on MBAM in my signature, install, start it, update it via it's GUI and run a quick scan. If need be, post log here.
7 x64 SP1, FF 8a Aurora, TB6, 6.0.1203 Free
Free MBAM Clear

Offline MrSpaceman

  • Newbie
  • *
  • Posts: 6
Re: Fake "Windows Security Alert" Virus and avast!
« Reply #4 on: April 14, 2011, 06:08:16 PM »
I will do that as soon as I get home.
Vielen Dank!

Offline Dieselman

  • Poster
  • *
  • Posts: 621
Re: Fake "Windows Security Alert" Virus and avast!
« Reply #5 on: April 14, 2011, 06:09:46 PM »
Are you using IE? Switch to a more secure browser such as Firefox or Chrome. Also add a secure DNS server such as ClearCloud.

Offline MrSpaceman

  • Newbie
  • *
  • Posts: 6
Re: Fake "Windows Security Alert" Virus and avast!
« Reply #6 on: April 14, 2011, 06:12:22 PM »
Yes, Dieselman, I am using IE. I had never heard of ClearCloud, but I will check into it. Thanks for the tip!

Offline Pondus

  • Avast Überevangelist
  • Maybe Bot
  • *****
  • Posts: 25932
Re: Fake "Windows Security Alert" Virus and avast!
« Reply #7 on: April 14, 2011, 06:13:02 PM »
Quote
The good news is that nothing ever happened after that - in the research I have done since, it appears that if the virus did download, the next thing that would have happened was I would have gotten another dialog wanting me to purchase software.
Usually you need to run the .exe file downloaded first......something you should NOT do

if it was downloaded and not blocked you should send it to virus @ avast.com in a password protected zip.file
Password: infected
Subject: undetected sample

and then you delete the file from your comp


Chief Wiggum: Uh, no, you got the wrong number. This is 9-1…2.


Offline MrSpaceman

  • Newbie
  • *
  • Posts: 6
Re: Fake "Windows Security Alert" Virus and avast!
« Reply #8 on: April 14, 2011, 06:19:04 PM »
Pondus - any suggestions on where I should look for the .exe file? I didn't look closely enough at the avast! pop up when it blocked it to see what the file name was.

Offline Pondus

  • Avast Überevangelist
  • Maybe Bot
  • *****
  • Posts: 25932
Re: Fake "Windows Security Alert" Virus and avast!
« Reply #9 on: April 14, 2011, 06:20:39 PM »
when you download something.......what folder is it saved to?

In your case i dont think it happend, bc there should have been a windows box asking you if you want to run or save the file to...

but this was blocked by avast
« Last Edit: April 14, 2011, 06:23:59 PM by Pondus »
Chief Wiggum: Uh, no, you got the wrong number. This is 9-1…2.


Offline MrSpaceman

  • Newbie
  • *
  • Posts: 6
Re: Fake "Windows Security Alert" Virus and avast!
« Reply #10 on: April 14, 2011, 06:25:56 PM »
Usually "Documents" under "My Documents"...I will check there. Since it never asked me if I wanted to Run or Save a file, I didn't think it would download on its own into those folders.
Thank you!