Oh for the days when computing was simple. A small popup appeared on my desktop saying Security Alert from George E. As I scurried to escape, a phony Windows security window appeared saying I have 5 trojans and then a screen with those same trojans flashing everywhere. I got away and ran Avast 5.1.889 and as I expected there are no threats found. I am no longer able to run MBAM because it hangs on my Acer desktop that I have had so much trouble with.
My question is why did Avast not block as it usually does and my firewall (PC Tools) did not either.
Donna in AR
Vista 32
Have you updated to MBAM 1.50.1 ???
Have you updated Vista to SP2 ???
You should update IE to at least IE8 and preferably IE9.
If you have then please update your signature.
The one time fee for MBAM is well worth the price as it provides DriveBy attacks. 8)
My question is why did Avast not block as it usually does and my firewall (PC Tools) did not either.
No security program has 100% detection.
Have you tried to run Malwarebytes in safe mode?
Start in safe mode with networking so you can update it before you scan.
If it works, then when done try running it again in normal mode.
I would also recommend you update your system to the latest service pack, as you're still on SP1 and that is a security risk in itself. If your Malwarebytes isn't working, delete it, because that is old as well; the version is now 1.50.1 and a fresh install should get it working fine again so you can run a second scan of your system.
No, I have not updated to IE8 or 9. I deleted MBAM with Revo weeks ago as it hung constantly. I have kept my machine updated fully from Windows but it has refused 2x to accept Svc. Pack 2, and frankly my opinion of Windows is not very high at the moment and I have had a couple of updates that crashed my other machines. My sister's Vista 32 also has refused to shut down at least twice and event logs reveal nothing. There may be driver problems but I really don't know how to check those for updating. Both machines are just over 2 years old so maybe they have passed the sell-by date.
If you have a recipe for loading Svc. Pack 2 let's hear it. When I google the problems with it on Vista they make my blood run cold!
Donna
If you happened to be browsing at the time (otherwise you wouldn’t have called it a driveby):
The alert in itself is just a pop-up (usually triggered by visiting a hacked site) that in itself isn't malicious. What it relies on is a user response, which would then trigger the download and probable install of a payload.
So avast doesn’t see anything malicious in the pop-up and nor does your firewall.
Right, let's get on to what to do about driveby attacks:
Keep your OS and browsers up to date; your Firefox isn't up to date (3.6.13) and nor is your IE (IE8 or 9beta) up to date.
If using Firefox as your default browser, if you haven't already got these add-ons, do so.
NoScript, this blocks all scripts from running until you explicitly give permission for the site. Sites may have many scripts that are from 3rd party links also and generally it is these which are more dangerous as that is generally what happens in a hacked site trying to run scripts from another site.
AdBlock Plus, whilst this blocks unwanted ads, it does have a bonus in blocking poisoned ads, ones which have been crafted to be malicious.
I don't use Chrome or Opera, so I don't know what the current versions are. Why you have so many browsers is beyond me; I have my default browser of choice, Firefox, and one other, the sod that is part of the OS, IE.
Chrome is starting to get more add-ons become available, NotScript I believe is meant to be equivalent to FF NoScript, so you could also check that out.
I’ve been out looking at Win7 desktops since my troubles began BUT as I said before my faith in Windows is weak. It would eliminate all the old stuff I’m using and maybe I could get 2 more years. LOL
David, I use multiple browsers for dedicated tasks. The speed dials on Chrome and Opera are all I use and I have 12 favorite sites which open from the one page on each one so consequently I don’t use FF as much any more.
Donna
I have my favourite site, commonly those I have been using open when I close firefox and guess what they are opened when I start it ;D
Not to mention I have a folder in the bookmarks that if I need to click open all in tabs and all are opened in their own tabs. No speed dial required and more than one way to skin a cat ;D
But that matters not a jot, what does is keeping them up to date.
I agree with all your observations and I do the same. FF 3.6.13 is current as far as I can see and FF is way behind in that they have not issued a version for Win64 and Win7. If you could see Opera and Chrome speed dial pages set up as I have them you'd know why I am hooked but each to his own!
I could send you a screenshot. LOL
It is interesting that I keep 3 browsers updated constantly and most of them do it in the background. IE I have let languish because I have to use Windows Update and the Google reports are never good. I know it is used for other things but the only time I use it is to vote for an animal shelter once a day and then I never open it again. If I try to go to 8 or 9 my old machine will probably hang again and some of my specialized flash drives won't work. Just don't know if I have the patience to fool with it or not.
The problems with 64bit are the only reason I haven’t bought a Win7 machine because I love new things.
Donna
Opera is a lovely job. It is so well thought out but the killer feature is that so few use it that is not worth the while of malware authors to exploit it.
You will either love it or hate it. I love it.
Running a web browser under the control of SandBoxIE is a very good way of protecting yourself. That software makes it immensely more difficult for malware to ruin a system.
When I see a rogue popup, I kill the browser without hesitation.
Thanks for the reminder to do mbam again. I did and it found 89 malware and I know exactly where they came from–a download from an unapproved site 3-4 days ago. I'm using the free for now and if it does not hang I will purchase this one.
Donna