As was foretold, we've added advertisements to the forums! If you have questions, or if you encounter any bugs, please visit this thread: https://forums.penny-arcade.com/discussion/240191/forum-advertisement-faq-and-reports-thread/
Options
My PC is infected with a fake anti-spyware program called 'Vista Internet Security'
tbloxham
Registered User regular
Registered User regular
Hey, so I logged in tonight and found I've been infected with a trojan, it's called (this is the real name, I'm not making some clever joke about Vista not working) Vista Internet Security 2010. It has launched a fake anti virus scanner, cannot be closed, and has also launched a fake microsoft security center. Whenever I try to launch a browser, it pops up a warning about it (a fake warning)
I have Avast running, and am running a scan in Spybot now, but I doubt it will have any effect.
There are links in google search regarding it, but I can't find any from a website I trust, and all the solutions require registry editing or running an exe. Does anyone have any advice for me? From reading the documentation about it it seems to run keyloggers and all kinds of nasty stuff in the background.
I have Avast running, and am running a scan in Spybot now, but I doubt it will have any effect.
There are links in google search regarding it, but I can't find any from a website I trust, and all the solutions require registry editing or running an exe. Does anyone have any advice for me? From reading the documentation about it it seems to run keyloggers and all kinds of nasty stuff in the background.
"That is cool" - Abraham Lincoln
tbloxham on
0
Posts
Still, this is worrying stuff, if something can slip so easily past my defences which then announces itself to try and get me to give it money then perhaps Avast and Spybot isn't as potent a combination as I'd thought. Any other suggestions from the people here to look at?
Bah, I'm starting to dislike computers.
yeah, never use 'em myself..
I thought Avast was one of the better freebie Anti Virus progs out there. Its weird it was let through. Unless you were targeted specifically.
I've not had any serious problems since I started using it, I actually switched to it after a similar scare with a fake security program installing itself. It's given me warnings and blocked access in the past when it decided something was dangerous. I also scan weekly with spybot. I guess now I'll scan weekly with spybot and malwarebytes!
I suppose we're almost to the point where we'll need a primary user account with no privilages to install anything to browse the internet and a supervisor account to install stuff we want to use.
That's pretty much what you should be doing anyway. Why does the account you use every day need administrator rights?
For day to day browsing it's best just to use a standard user account with no privileges and right click -> run as administrator if / when you want to install anything.
It is highly recommended that you use a limited account to browse, or do any day-to-day operation. If mucking about with existing user account privileges and such sounds like a hassle, there are other ways to keep yourself safe. You can try browsing in a virtual machine, or else install something like Sandboxie to make sure anything that comes through the web can't impact your machine. You can also configure your browser to run in a 'dropped rights' state, so that even if you are running as Admin, the browser isn't.
In terms of A/V, I'll throw my hat in with Microsoft Security Essentials as a free solution. People have been saying some nice things about it, and it's pretty low-key in terms of user interaction and resources.
Edit: I'd also agree that a weekly scan with malwarebytes is a good idea. Spybot is OK, but I'd use it mostly for the immunization function. It doesn't have quite the 'teeth' that malwarebytes does when it comes to fighting rogues.
edit: nevermind misread first three posts as one of them being from someone else, do not reformat
I gave up on using the limited access account since I became frustrated that everything was requiring a dozen extra clicks, or would crash unexpectedly halfway through loading (or not be able to save due to insufficient privileges)
Sandboxie sounds like a good idea though, I suppose what it does is allow me to delete everthing installed by my browser in one click? Although, does it also delete everything I've downloaded myself from the internet?
I'm intrigued by the idea of limited permissions for my browser, how do I go about setting that up?