This is the question that my sister-in-law asked me this morning. She is bothered with the annoying pop-ups telling the computer is infected and in order to get rid of the infections you’ll need to purchase the Antivirus Product (named as Security Tool). Here are the snapshots of the infections of Security Tool Antivirus that I found in the laptop computer.
Main Window of the Fake AV
Fake Pop-up Window Warning after Scanning
Activation Pop-up Window after clicking “Remove all threats nowâ€? Button
The two possible factors that made the computer infected with Fake AV are as follows:
- Clicking untrusted link on the Social Networking Websites such as Facebook, Friendster, MySpace, etc. Then Executing the Downloaded file in the suspicious link.
- Clicking the Untrustworthy link on the Web Search Engine such as Google, Yahoo, etc. Then Executing the Downloaded file in the fraudulent link.
We detect the Fake AV file as W32/FakeAlert.DX3.gen!Eldorado which was found under the following location:
C:\ProgramData\14665830\14665830.exe
Just a friendly reminder before the year 2009 ends, don’t download and execute file from unreliable source or be mesmerize to purchase the Rouge Anti-Malware Product.
Purchase Window after clicking “Activate Security Tool� Button
Have a Happy New Year Everyone! 
[...] Is My Computer Infected? « Authentium Virus Blog Tags: ade, anti vir, berat, daftar, dianna, gossips news, inconvenience, kesejahteraan anak, Komputer, lee christmas, lemah, Masalah, micro organism, nasib, nazmi, Ni…boleh, panti asuhan, puisi, purwokerto, rilek, saye, tolong, ulang tahun, vga card, virgin media, virus [...]
[...] posted here: Is My Computer Infected? « Authentium Virus Blog By admin | category: av link | tags: all-threats, computer-infected, facebook, [...]