4 Replies Latest reply on Jan 21, 2010 8:13 PM by toughsell66

    Have you seen this malware?

      Within the past week my Windows XP notebook was infected with malware, my first experience. The malware produced a McAfee-like popup, with a McAfee green icon, warning of a Trojan Horse. The pop up box asked if I wanted to remove it. Yes was the wrong answer. That started a process that mimicked a Virus scan inside a window with a Windows-like shield. And I got a lot of boxes with the message that files were infected. So I restarted. The next symptom was the appearance of a balloon pop up on the bottom dock: Windows Security Alert! with a red square in the upper right corner. But the message inside was grammatically incorrect: "Windows detects that computer is infected. ... to fix you computer ..." Again clicking on the balloon started the bad process. I checked my control panels and it showed that my McAfee anti-virus was out of date. My mistakes were clicking on the fake pop up and balloon. I re-started again. I closed the pop ups and got my McAfee scan started right away. Right now I'm running the McAfee full scan, The quick scan found and quarantined 9 items. I don't know how my computer got infected. Maybe it was on a forwarded email about Haitian relief. I was lucky to stumble on a way to fix it, which I hope works. The scan is still running, which is why i have time to post this note using another computer. I would like to know if anyone else got infected this way. I hope I avoided paying $90 to have my computer cleaned. Bob

        • 1. Re: Have you seen this malware?

          Hi. The scan finished successfully. I just checked my log and the quarantined programs were FakeAlert SpyPro!mem (Trojan)

          • 2. Re: Have you seen this malware?

            Yes this seems to be wide spread.  A few days ago my wifes computer got the fake alert.  She was smart enough to lock down the fire wall instead of clicking on anything.  I used control-alt delete to bring up the task manager and shut down the program that was running.  It was trying to down load something like Windows anti-spyware.  I deleted the temp files and the cache.  We ran the virus scan and found nothing.  Downloaded malwarebytes and ran that.  It found a file and we deleted it.  It seems to be we caught it before it could infect the system.  The next day it hit mine.  I used the same procedure and it seemed to have stopped it.

            • 3. Re: Have you seen this malware?

              moving this to the security awareness community...



              • 4. Re: Have you seen this malware?

                Hi. Just to clarify my original post. I started my McAfee Security Center as soon as my computer started up, and got the Quick Scan started. In my previous attempts I had noticed that this fake alert took about 15 - 20 seconds to pop up. I got the Quick Scan started before that, ignored the pop ups, and got the FakeAlert quarantined.