
Spoof antivirus!

Ianator · A predator cannot differentiate between prey and accomplice · Registered User regular
edited February 2011 in Help / Advice Forum
My desktop just got hit an hour ago with a spoof program called ALG Antivirus. I shut down the computer and looked up a fix via laptop (this one), which involved killing the process via the Task Manager. The program kept stopping me from bringing it up, but I managed to kill ALG when I CTRL-ALT-DEL'd right after startup.

The solution continues that I must remove the program's registry from my system, but after following the path there I can't find anything from "ALG Antivirus". (My regular AV, however, is safe and sound - but outdated.)

...Did I kill it?


Posts

  • Figgy · Fighter of the night man Champion of the sun · Registered User regular
    edited February 2011
    Unlikely. Killing the process just shuts down the process. The program is still on your computer somewhere.

    It's possible whatever virus you got differs from the one the instructions are referring to. Have you tried a virus scan?

    Edit: Re-read and saw yours is outdated. Here's a quick and dirty free one: http://free.avg.com/ca-en/homepage

  • bustin98 · Registered User regular
    edited February 2011
    Here's another site that talks about if the alg.exe gets infected:

    http://www.computerhope.com/issues/ch000915.htm

    The best tip to keep from being infected: never run the computer as an admin user. Create a limited access account and leave the admin locked with a password. If a site you visit uses Java, it can carry a virus into your Windows computer and install without asking any sort of permission or warning. The reason is the Java client inherits the permission level of the current user. So, if you have limited access, then so does Java.

    This setup will also force a password request when anything wants to install. If you get the request unexpectedly, you can just deny it and no harm done.

  • Ianator · A predator cannot differentiate between prey and accomplice · Registered User regular
    edited February 2011
    Just got back from work. My computer's not showing any signs of the fake AV.

    Figgy: AVG is what I use, but my version expired last month and I've been lax in getting the new version. I downloaded it before I left today, about to install it now.

    Bustin98: I'll keep the account thing in mind.

  • Peccavi · Registered User regular
    edited February 2011
    I recommend Malwarebytes. When I got a virus a year ago that my school's AntiVirus couldn't fix, Malwarebytes cleaned it up no problem (the virus was another of these fake AV programs).

  • Ianator · A predator cannot differentiate between prey and accomplice · Registered User regular
    edited February 2011
    Malwarebytes found it. I actually thought I had it installed already from last time I got something like this.
