Skip navigation
McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams
15213 Views 9 Replies Latest reply: Jun 26, 2011 3:38 PM by Ex_Brit RSS
natwjwab Newcomer 9 posts since
Nov 22, 2010
Currently Being Moderated

Nov 22, 2010 10:45 PM

Vista Security 2011

Getting bombarded with fake alerts from Vista Security... "Vista Security 2011 Alert"... with messages like "security hole detected!", or " your computer is being actively monitored"... or "Privacy Threat!" with recommendations to purchase software.

 

Don't understand why McAfee didn't catch this, nor why they have no information on their web site regarding this.  It is like they are unaware.

 

So... how to remove?  Have to buy more software?

 

Thanks.

  • Ex_Brit Volunteer Moderator 59,556 posts since
    May 6, 2004
    Currently Being Moderated
    1. Nov 23, 2010 4:31 AM (in response to natwjwab)
    Re: Vista Security 2011

    That fake anti-malware comes in several disguises as you will see in the following link, regular antivirus applications often don't or can't deal with them very well. There is an excellent removal guide here for this.  Scrolll down that page as the first links you see are all advertising.

     

    http://www.bleepingcomputer.com/virus-removal/remove-win-7-antispyware-2011


    https://community.mcafee.com/servlet/JiveServlet/downloadImage/2-143933-5189/78-49/Peter.gif
    Toronto • Canada
    Volunteer Moderator
    I can't help you privately - please post in the Forums
    Use Advanced Forum Search To Find Answers
    Beta Test McAfee Products For PC & MAC
    How To Fix File Associations in Windows
    XP & Office 2003 End-Of-Life - 08 April, 2014
    Anti-Spyware/Malware & Hijacker Tools
  • Hayton Volunteer Moderator 4,599 posts since
    Sep 27, 2010
    Currently Being Moderated
    2. Nov 23, 2010 4:41 AM (in response to natwjwab)
    Re: Vista Security 2011

    Hi natwjwab

       This program is an old fake program, renamed to try and catch people unawares.

     

    It looks to McAfee just like a real program, which is why AV doesn't always detect it. A fake program can be used to download malware, and McAfee would detect and block that if it were tried.

     

    Fortunately there are people out there who keep track of all these rogue programs and spread the word about them.

     

    The important things are not to click on anything when these messages come up on your screen, and not to be persuaded to buy the useless program that will "fix" all the "errors" and "viruses" that the pop-up windows loudly claim to be finding.

     

    There is full information on how to get rid of this annoyance at bleepingcomputer - see the link below

    http://www.bleepingcomputer.com/virus-removal/remove-win-7-antispyware-2011

     

     

    Apologies natwjwab for duplicating Ex-Brit's advice. He was first, so follow his advice.

     

     

    Message was edited by: Hayton on 23/11/10 10:41:31 GMT

    Volunteer Moderator  Leeds, UK
    No PM's please
  • techrumy Apprentice 54 posts since
    Feb 3, 2010
    Currently Being Moderated
    3. Nov 24, 2010 4:57 PM (in response to natwjwab)
    Re: Vista Security 2011

    Alternate Vista Security 2011 removal instructions:

     

    1. Click Start->Run or press WinKey+R. Type in "command" and press Enter key.

    2. In the command prompt window type "notepad" and press Enter key. Notepad will come up.

    3. Copy all the text in blue color below and paste to Notepad.

     

    Windows Registry Editor Version 5.00


    [-HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command]

    [-HKEY_CURRENT_USER\Software\Classes\secfile\shell\open\command]

    [-HKEY_CLASSES_ROOT\.exe\shell\open\command]

    [HKEY_CLASSES_ROOT\.exe]

    @="exefile"

    "Content Type"="application/x-msdownload"


    [-HKEY_CLASSES_ROOT\secfile]

     

    4. Save file as fix.reg to your Desktop. NOTE: (Save as type: All files)

    5. Double-click on the fix.reg file to run it. Click "Yes" for Registry Editor prompt window. Then click OK.

    6. Download free anti-malware software from the list below and run a full system scan.

     

    Source: http://deletemalware.blogspot.com/2010/11/remove-vista-antispyware-2011-and-vist a.html

     

    Good luck!

  • alaric Newcomer 2 posts since
    May 5, 2011
    Currently Being Moderated
    4. May 5, 2011 6:28 AM (in response to techrumy)
    Re: Vista Security 2011

    Hi. My laptop has this infection, but also reboots itself during a scan. I cannot get malwarebytes to install. Can anyone offer an update as this has happened within the last few days. A very frustrating virus. Is it worth trying to boot under linux and deleting the offending files if I can find them?

     

    Regards.

     

    Sean.

  • Ex_Brit Volunteer Moderator 59,556 posts since
    May 6, 2004
    Currently Being Moderated
    5. May 5, 2011 6:39 AM (in response to alaric)
    Re: Vista Security 2011

    alaric wrote:

     

    Hi. My laptop has this infection, but also reboots itself during a scan. I cannot get malwarebytes to install. Can anyone offer an update as this has happened within the last few days. A very frustrating virus. Is it worth trying to boot under linux and deleting the offending files if I can find them?

     

    Regards.

     

    Sean.

    Malwarebytes can be installed, updated and run all in 'Safe Mode with Networking' which hopefully will allow internet access whilst not allowing whatever the bug is, to run.  Try that.


    https://community.mcafee.com/servlet/JiveServlet/downloadImage/2-143933-5189/78-49/Peter.gif
    Toronto • Canada
    Volunteer Moderator
    I can't help you privately - please post in the Forums
    Use Advanced Forum Search To Find Answers
    Beta Test McAfee Products For PC & MAC
    How To Fix File Associations in Windows
    XP & Office 2003 End-Of-Life - 08 April, 2014
    Anti-Spyware/Malware & Hijacker Tools
  • alaric Newcomer 2 posts since
    May 5, 2011
    Currently Being Moderated
    6. May 5, 2011 9:46 AM (in response to Ex_Brit)
    Re: Vista Security 2011

    Peter, you were right. I went into safe mode, and was then able to install Malwarebytes but only when I renamed it to mb.com - the renaming hadn't worked in normal log in mode. I did a full scan and it found an additional 9 items - I had managed to get Superantispyware to install and ran a scan with that earlier. One of the files that I removed was the one that I had been stopping in the process list in task manager - bgx.exe - stopping that tree got rid of the pop up menus. I have the log if you are interested.

     

    I still have a problem starting and stopping windows however, which may not be related. On shutting down the machine logs off then goes to the blue screen before going into restart rather than switching off. On start up it takes ages after I've entered the account password. My plan is to repeat the scans etc and see if there's anything still there, then update / repair windows.

     

    This is typed from the computer that was infected, however, so I've made a lot of progress.

     

    I thought I had McAfee fully enabled. Is there anything that I can do to prevent this in future - I've been away for a week and come back to find the computer infected, so don't actually know how it happened - my wife and son use it too and she's looking very sheepish.

     

    Thanks for your help.

     

    Sean.

     

    Message was edited by: alaric on 05/05/11 09:46:52 CDT
  • Ex_Brit Volunteer Moderator 59,556 posts since
    May 6, 2004
    Currently Being Moderated
    7. May 5, 2011 9:59 AM (in response to alaric)
    Re: Vista Security 2011

    No antivirus is going to stop 100% of tthe malware that's out there, but obviously it's an excellent start, that's why MB and other tools are useful.   I probably wouldn't be able to make much sense of the logs as I'm not really a specialist in that field.

     

    Off the top of my head blue screens usually mean drivers missing or corrupted, but it could be almost anything.

     

    Windows default settings mean BSOD's flash by so fast that one can't read them

     

    You can alter that so they stay on until you reboot, that way one can read the stop codes and any other relevant information.  Right-click Computer > Properties > Advanced System Settings > Startup and Recovery > Settings and uncheck Automatically restart, Apply and OK.

     

    Maybe after all is done, you should run Hijackthis and post your questions on one of their expert forums for advice.

     

    DOWNLOAD HIJACKTHIS

     

    Do not post Hijackthis logs here, we can't help with  those!

     

    Post the logs at a specialist Forum:

     

    AUMHA

     

    BLEEPINGCOMPUTER

     

    MAJOR GEEKS

     

    MALWAREBYTES

     

    MALWARE REMOVAL

     

    SPYWAREHAMMER

     

    SPYWARE INFO

     

    WHATTHETECH

     

    Be sure to read all the sticky announcements/instructions at the top of each malware forum!

     

    Message was edited by: Ex_Brit on 05/05/11 10:59:11 EDT AM

    https://community.mcafee.com/servlet/JiveServlet/downloadImage/2-143933-5189/78-49/Peter.gif
    Toronto • Canada
    Volunteer Moderator
    I can't help you privately - please post in the Forums
    Use Advanced Forum Search To Find Answers
    Beta Test McAfee Products For PC & MAC
    How To Fix File Associations in Windows
    XP & Office 2003 End-Of-Life - 08 April, 2014
    Anti-Spyware/Malware & Hijacker Tools
  • andrewbarlow Newcomer 1 posts since
    Jun 26, 2011
    Currently Being Moderated
    8. Jun 26, 2011 3:19 PM (in response to natwjwab)
    Re: Vista Security 2011

    Last post here was 5th May - I have the latest dat from Mcafee and I still got the Vista Security 2012 alert malware. Is this s floor in the Mcafee engine - or do the characteristics of this attack not quite fit the *.dat?

    How come even after a month of it being reported and me having the latest dat files it has still come straight through my AV ?

    Its a really nasty piece of malware this one - it changes file associations etc and stops you launching exe's such as windows explorer and renders IE useless...

    I have fixed mine with Spy Bot - but my question - which is why I as so hopping mad - is that it was reported over a month ago - there are even threads back as far as 2009 on a similar strain and the software I trust to keep my pc safe still insists in telling me that everything is fine...

     

    When I took out my subscription with Mcafee it was never suggested that I would need another 3rd party piece of software incase Mcafee couldn't deal with it?

    Maybe I remember this experience when the annual renewal is due...

    Thanks Mcafee

  • Ex_Brit Volunteer Moderator 59,556 posts since
    May 6, 2004
    Currently Being Moderated
    9. Jun 26, 2011 3:38 PM (in response to andrewbarlow)
    Re: Vista Security 2011

    I hear you and I trust so does McAfee and I know they are working on this and the thousands of other fake antimalware pests that are making life miserable for a lot of people.  Unfortunately it seems from what I read that it's hit and miss that any of them will be caught by any of the major antivirus applications because of the way they work.  Hence the need for specialist tools such as Malwarebytes Free, whcih I would recommend over Spybot any day.

     

    None of the a/v makers will tell you you need other applications but if you read the internet articles on malware you should know that extra precautions are necessary.

     

    Sorry for the trouble you've had.


    https://community.mcafee.com/servlet/JiveServlet/downloadImage/2-143933-5189/78-49/Peter.gif
    Toronto • Canada
    Volunteer Moderator
    I can't help you privately - please post in the Forums
    Use Advanced Forum Search To Find Answers
    Beta Test McAfee Products For PC & MAC
    How To Fix File Associations in Windows
    XP & Office 2003 End-Of-Life - 08 April, 2014
    Anti-Spyware/Malware & Hijacker Tools

More Like This

  • Retrieving data ...

Bookmarked By (0)

Legend

  • Correct Answers - 5 points
  • Helpful Answers - 3 points