9 Replies Latest reply on Jun 26, 2011 3:38 PM by Peter M

    Vista Security 2011

      Getting bombarded with fake alerts from Vista Security... "Vista Security 2011 Alert"... with messages like "security hole detected!", or " your computer is being actively monitored"... or "Privacy Threat!" with recommendations to purchase software.


      Don't understand why McAfee didn't catch this, nor why they have no information on their web site regarding this.  It is like they are unaware.


      So... how to remove?  Have to buy more software?



        • 1. Re: Vista Security 2011
          Peter M

          That fake anti-malware comes in several disguises as you will see in the following link, regular antivirus applications often don't or can't deal with them very well. There is an excellent removal guide here for this.  Scrolll down that page as the first links you see are all advertising.



          • 2. Re: Vista Security 2011

            Hi natwjwab

               This program is an old fake program, renamed to try and catch people unawares.


            It looks to McAfee just like a real program, which is why AV doesn't always detect it. A fake program can be used to download malware, and McAfee would detect and block that if it were tried.


            Fortunately there are people out there who keep track of all these rogue programs and spread the word about them.


            The important things are not to click on anything when these messages come up on your screen, and not to be persuaded to buy the useless program that will "fix" all the "errors" and "viruses" that the pop-up windows loudly claim to be finding.


            There is full information on how to get rid of this annoyance at bleepingcomputer - see the link below




            Apologies natwjwab for duplicating Ex-Brit's advice. He was first, so follow his advice.



            Message was edited by: Hayton on 23/11/10 10:41:31 GMT
            1 of 1 people found this helpful
            • 3. Re: Vista Security 2011

              Alternate Vista Security 2011 removal instructions:


              1. Click Start->Run or press WinKey+R. Type in "command" and press Enter key.

              2. In the command prompt window type "notepad" and press Enter key. Notepad will come up.

              3. Copy all the text in blue color below and paste to Notepad.


              Windows Registry Editor Version 5.00






              "Content Type"="application/x-msdownload"



              4. Save file as fix.reg to your Desktop. NOTE: (Save as type: All files)

              5. Double-click on the fix.reg file to run it. Click "Yes" for Registry Editor prompt window. Then click OK.

              6. Download free anti-malware software from the list below and run a full system scan.


              Source: http://deletemalware.blogspot.com/2010/11/remove-vista-antispyware-2011-and-vist a.html


              Good luck!

              • 4. Re: Vista Security 2011

                Hi. My laptop has this infection, but also reboots itself during a scan. I cannot get malwarebytes to install. Can anyone offer an update as this has happened within the last few days. A very frustrating virus. Is it worth trying to boot under linux and deleting the offending files if I can find them?





                • 5. Re: Vista Security 2011
                  Peter M

                  alaric wrote:


                  Hi. My laptop has this infection, but also reboots itself during a scan. I cannot get malwarebytes to install. Can anyone offer an update as this has happened within the last few days. A very frustrating virus. Is it worth trying to boot under linux and deleting the offending files if I can find them?





                  Malwarebytes can be installed, updated and run all in 'Safe Mode with Networking' which hopefully will allow internet access whilst not allowing whatever the bug is, to run.  Try that.

                  • 6. Re: Vista Security 2011

                    Peter, you were right. I went into safe mode, and was then able to install Malwarebytes but only when I renamed it to mb.com - the renaming hadn't worked in normal log in mode. I did a full scan and it found an additional 9 items - I had managed to get Superantispyware to install and ran a scan with that earlier. One of the files that I removed was the one that I had been stopping in the process list in task manager - bgx.exe - stopping that tree got rid of the pop up menus. I have the log if you are interested.


                    I still have a problem starting and stopping windows however, which may not be related. On shutting down the machine logs off then goes to the blue screen before going into restart rather than switching off. On start up it takes ages after I've entered the account password. My plan is to repeat the scans etc and see if there's anything still there, then update / repair windows.


                    This is typed from the computer that was infected, however, so I've made a lot of progress.


                    I thought I had McAfee fully enabled. Is there anything that I can do to prevent this in future - I've been away for a week and come back to find the computer infected, so don't actually know how it happened - my wife and son use it too and she's looking very sheepish.


                    Thanks for your help.




                    Message was edited by: alaric on 05/05/11 09:46:52 CDT
                    • 7. Re: Vista Security 2011
                      Peter M

                      No antivirus is going to stop 100% of tthe malware that's out there, but obviously it's an excellent start, that's why MB and other tools are useful.   I probably wouldn't be able to make much sense of the logs as I'm not really a specialist in that field.


                      Off the top of my head blue screens usually mean drivers missing or corrupted, but it could be almost anything.


                      Windows default settings mean BSOD's flash by so fast that one can't read them


                      You can alter that so they stay on until you reboot, that way one can read the stop codes and any other relevant information.  Right-click Computer > Properties > Advanced System Settings > Startup and Recovery > Settings and uncheck Automatically restart, Apply and OK.


                      Maybe after all is done, you should run Hijackthis and post your questions on one of their expert forums for advice.


                      DOWNLOAD HIJACKTHIS


                      Do not post Hijackthis logs here, we can't help with  those!


                      Post the logs at a specialist Forum:






                      MAJOR GEEKS




                      MALWARE REMOVAL




                      SPYWARE INFO




                      Be sure to read all the sticky announcements/instructions at the top of each malware forum!


                      Message was edited by: Ex_Brit on 05/05/11 10:59:11 EDT AM
                      • 8. Re: Vista Security 2011

                        Last post here was 5th May - I have the latest dat from Mcafee and I still got the Vista Security 2012 alert malware. Is this s floor in the Mcafee engine - or do the characteristics of this attack not quite fit the *.dat?

                        How come even after a month of it being reported and me having the latest dat files it has still come straight through my AV ?

                        Its a really nasty piece of malware this one - it changes file associations etc and stops you launching exe's such as windows explorer and renders IE useless...

                        I have fixed mine with Spy Bot - but my question - which is why I as so hopping mad - is that it was reported over a month ago - there are even threads back as far as 2009 on a similar strain and the software I trust to keep my pc safe still insists in telling me that everything is fine...


                        When I took out my subscription with Mcafee it was never suggested that I would need another 3rd party piece of software incase Mcafee couldn't deal with it?

                        Maybe I remember this experience when the annual renewal is due...

                        Thanks Mcafee

                        • 9. Re: Vista Security 2011
                          Peter M

                          I hear you and I trust so does McAfee and I know they are working on this and the thousands of other fake antimalware pests that are making life miserable for a lot of people.  Unfortunately it seems from what I read that it's hit and miss that any of them will be caught by any of the major antivirus applications because of the way they work.  Hence the need for specialist tools such as Malwarebytes Free, whcih I would recommend over Spybot any day.


                          None of the a/v makers will tell you you need other applications but if you read the internet articles on malware you should know that extra precautions are necessary.


                          Sorry for the trouble you've had.