Forgive me if this has been covered before; I just got hit with this fake “Windows Security Alert” virus this morning, and I think avast! blocked it and saved my from actually being infected.
I was surfing the web and did a search on Google, then clicked on one of the search results it returned. Immediately, an extremely offical looking pop up appeared titled “Windows Secuity Alert” saying my computer was infected with a virus and a list of files appeared in red. The two options were “remove all” or “cancel”. Meanwhile, there was another window in the background with what looked like the Windows “My Documents” box, showing the “My Documents” folder had 7 viruses found, the “My Pictures” had 5 viruses found, etc.
While all this was happening, avast! popped up with the red alert box saying “MALWARE BLOCKED”. It was all happening so fast I just closed the avast! dialog box and went back to trying to click the “remove all” on the original dialog box (I know now this was the wrong thing to do!). The good news is that nothing ever happened after that - in the research I have done since, it appears that if the virus did download, the next thing that would have happened was I would have gotten another dialog wanting me to purchase software.
So, I am thinking I dodged a bullet, thanks to avast! My question is this: after it was over, I opened avast! and looked in the virus chest, but there was no recent activity listed there. If avast! had indeed blocked this virus, wouldn’t I see it in the chest? I just want to make sure the virus didn’t somehow download without my knowing it.
I just performed the latest free upgrade to avast! a couple of days ago.
If you want to doublecheck: download MBAM (free) by clicking on MBAM in my signature, install, start it, update it via it’s GUI and run a quick scan. If need be, post log here.
The good news is that nothing ever happened after that - in the research I have done since, it appears that if the virus did download, the next thing that would have happened was I would have gotten another dialog wanting me to purchase software.
Usually you need to run the .exe file downloaded first......something you should NOT do
if it was downloaded and not blocked you should send it to virus @ avast.com in a password protected zip.file
Password: infected
Subject: undetected sample
Pondus - any suggestions on where I should look for the .exe file? I didn’t look closely enough at the avast! pop up when it blocked it to see what the file name was.
Usually “Documents” under “My Documents”…I will check there. Since it never asked me if I wanted to Run or Save a file, I didn’t think it would download on its own into those folders.
Thank you!