×
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
fake_windows_al
Former Member
Message 1 of 4

Fake Windows Security Alert in system tray

Help! A week ago, I got infected with a virus/trojan/malware (Vundo, others) that caused:
(a) pop-up advertisements to go rampant
(b) a fake windows security alert to show up in my system tray

I was running a current McAfee at the time (virus protection, firewall, etc).
I am still running McAfee, but also downloaded and ran Malwarebytes and SuperAntispyware. These found additional registery items plus I blocked internet explorer (I'm a firefox guy anyway) and the pop-ups stopped, but the fake security alert is still in my system tray. I know it is fake because it says Windows Updates if off and Windows Firewall is on. I can tell that both of these statements are incorrect when I pull up the proper screen(s) from control panel (I have Windows firewall off because I'm using McAfee's).

Can someone help me get this fake windows security alert out of my system tray?

I appreciate your time and insight!
3 Replies
Grif
Former Member
Message 2 of 4

RE: Fake Windows Security Alert in system tray

Please try this:

On a friend or family member's computer, download the Malwarebytes installer and update files from the links below, copy them to a CD or flash drive, then transfer the files to the problem machine and use them. If you can't start the computer into "normal" windows, try installing, updating, and running the scans AFTER the computer is started into Safe Mode.. I use the sites below to download the installer file and the manual updater:

Once downloaded and before transferring them to the problem machine, rename the program installer "mbam-setup.exe" file to something else like "Gogetum.exe", then copy the installer file and the update file to a CD or flash drive.. Transfer the file to the problem machine, then install the "Gogetum.exe" file, then run the update to get the program current.. After that, run a full system scan and delete anything it finds.

Malwarebytes Installer Download Link (Clicking on the links below will immediately start the download dialogue window.)
http://www.besttechie.net/tools/mbam-setup.exe

Malwarebytes Manual Updater link
http://www.malwarebytes.org/mbam/database/mbam-rules.exe

Next, download the SuperAntispyware program and the manual updater from the links below. After running the Malwarebytes tool above, if you still can't download and install it directly from the problem machine, download it on a friend or family member's computer as well.:

SuperAntispyware
http://www.superantispyware.com/

SuperAntispyware Manual Updater
http://www.superantispyware.com/definitions.html
____________

In a few situations, in order for the program to run, it was also necessary to rename the main "mbam.exe" file also after installing it.. It resides in the C:\Programs Files\Malwarebytes Antimalware folder.
____________________

Hope this helps and let us know more.

Grif
fake_windows_al
Former Member
Message 3 of 4

RE: Fake Windows Security Alert in system tray

Grif, thanks for taking the time to reply; but as you'll see from my original posting, I've already ran Malwarebytes and SuperAntiSpyware (learned about them from reading other posts in this forum before I made mine). As I stated, those tools stopped the pop-ups, but the fake windows alert (red shield with a 'x' in it) is still in my system tray.

Here are some posts other people have made with similar problems.

http://forums.techguy.org/malware-removal-hijackthis-logs/784361-fake-windows-security-alert-trojan....

http://www.geekstogo.com/forum/Fake-Windows-Security-Alert-Messages-t181611.html

http://forums.afterdawn.com/thread_view.cfm/728857

Any ideas on next steps is greatly appreciated.

Thanks!
Grif
Former Member
Message 4 of 4

RE: Fake Windows Security Alert in system tray

Have you also tried this?

Click on Start, click Run, and then type devmgmt.msc and click OK
On the View menu click on Show hidden devices
Browse to Non-Plug and Play Drivers and you should see something like TDSSserv.sys
Highlight that driver and right click on it and select DISABLE
Now RESTART your computer.

Hope this helps.

Grif
How Many Badges Can You Collect?
Ready for a little competition? Members like you are earning badges and unlocking perks for their helpful answers. Are you? Click here to find out.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community