1 Reply Latest reply on Feb 8, 2010 7:43 AM by Dinz

    SCAM website - causes disables McAfee and installs trojans.

      A website has caused havoc for my wife's computer.  I had the latest McAfee installed, but the SCAM site was still able to fool her.


      It put up a message saying:


        "Your computer is not fully protected, would you like to run a free virus scan?"


      She unknowingly clicked YES, then the site installed trojans, McAfee was disabled, her harddrive was compromised, Microsoft OS was damaged beyond repair.  I had to re-install Windows XP from backup disks, and all her apps and files (including family photos) were lost.  I spent several hours doing this.


      I think what happened is another website ran an advertisement which caused a re-direct to the scam site.


      The problem is McAfee allowed this problem to happen.   I had the full firewall and safe-search turned ON, it it was still able to disable McAfee and trash her computer.  McAfee should look into it and see if there is something that can be done to prevent it from harming others.


      Attached is the URL.  It seems to reliably cause the SCAM message, but I don't click on it, instead I bring up the Task Manager and kill the Internet Explorer task.  An IP trace shows the site is at Ecatel LTD. in Amsterdam.


      Please let me know the outcome of the investigation ( email removed for user safety ).  I'm very interested.



      Message was edited by: Dinz on 2/8/10 7:44:15 AM GMT-06:00
        • 1. Re: SCAM website - causes disables McAfee and installs trojans.


          I understand your frustration and realize that you have spent a lot of time and effort because of this. Infections can sometimes occur silently, by visiting a website containing malicious code.  Other times, a user can allow an infection by installing a program or plug-in, or clicking on yes in a malicious website as it happened accidently in your case.  These programs are often disguised as free search utilities, screensavers or are even labeled as 'critical software updates'. And as in this case the siteadvisor alerts you to potentially risky sites and help you find safer alternatives and not entering any malicious websites. I would recommend to run a complete stinger scan from here if you suspect any malicious activity in the system.



          note: Removing scam site url & email address for user safety






          Dinesh K

          1 of 1 people found this helpful