As was foretold, we've added advertisements to the forums! If you have questions, or if you encounter any bugs, please visit this thread: https://forums.penny-arcade.com/discussion/240191/forum-advertisement-faq-and-reports-thread/

My PC is infected with a fake anti-spyware program called 'Vista Internet Security'

tbloxhamtbloxham Registered User regular
Hey, so I logged in tonight and found I've been infected with a trojan, it's called (this is the real name, I'm not making some clever joke about Vista not working) Vista Internet Security 2010. It has launched a fake anti virus scanner, cannot be closed, and has also launched a fake microsoft security center. Whenever I try to launch a browser, it pops up a warning about it (a fake warning)

I have Avast running, and am running a scan in Spybot now, but I doubt it will have any effect.

There are links in google search regarding it, but I can't find any from a website I trust, and all the solutions require registry editing or running an exe. Does anyone have any advice for me? From reading the documentation about it it seems to run keyloggers and all kinds of nasty stuff in the background.

"That is cool" - Abraham Lincoln
tbloxham on

Posts

  • tbloxhamtbloxham Registered User regular
    edited February 2010
    I seem to have resolved the issue using a free program called 'Malwarebytes' which seems to have caught and corrected the problem. I'm surprised it made it so easily past Avast and spybot search and destroy (both with the most recent updates) without the first even giving a whisper or the second reporting anything. However I know it's too soon to celebrate, since these damn things love to hide in secret places on your disk and reinstall themselves. I'm running a full scan of the disk using malwarebytes in an attempt to root it out if it's still there.

    Still, this is worrying stuff, if something can slip so easily past my defences which then announces itself to try and get me to give it money then perhaps Avast and Spybot isn't as potent a combination as I'd thought. Any other suggestions from the people here to look at?

    tbloxham on
    "That is cool" - Abraham Lincoln
  • tbloxhamtbloxham Registered User regular
    edited February 2010
    Hmm, there also seems to be a related fix describing itself as a fix to my registry, which perhaps Malwarebytes didn't do. It's located here.... http://download.bleepingcomputer.com/reg/antivirus-vista-2010/FixExe.reg . Anyone familiar enough with registry editing files to tell me whether or not this one looks harmful, or if it will just change the settings back to what they should be.

    Bah, I'm starting to dislike computers.

    tbloxham on
    "That is cool" - Abraham Lincoln
  • RynaRyna Registered User
    edited February 2010
    tbloxham wrote: »
    Bah, I'm starting to dislike computers.

    yeah, never use 'em myself..

    I thought Avast was one of the better freebie Anti Virus progs out there. Its weird it was let through. Unless you were targeted specifically.

    Ryna on
  • tbloxhamtbloxham Registered User regular
    edited February 2010
    Ryna wrote: »
    tbloxham wrote: »
    Bah, I'm starting to dislike computers.

    yeah, never use 'em myself..

    I thought Avast was one of the better freebie Anti Virus progs out there. Its weird it was let through. Unless you were targeted specifically.

    I've not had any serious problems since I started using it, I actually switched to it after a similar scare with a fake security program installing itself. It's given me warnings and blocked access in the past when it decided something was dangerous. I also scan weekly with spybot. I guess now I'll scan weekly with spybot and malwarebytes!

    I suppose we're almost to the point where we'll need a primary user account with no privilages to install anything to browse the internet and a supervisor account to install stuff we want to use.

    tbloxham on
    "That is cool" - Abraham Lincoln
  • SporkAndrewSporkAndrew Registered User, ClubPA regular
    edited February 2010
    tbloxham wrote: »
    I suppose we're almost to the point where we'll need a primary user account with no privilages to install anything to browse the internet and a supervisor account to install stuff we want to use.

    That's pretty much what you should be doing anyway. Why does the account you use every day need administrator rights?

    For day to day browsing it's best just to use a standard user account with no privileges and right click -> run as administrator if / when you want to install anything.

    SporkAndrew on
    The one about the fucking space hairdresser and the cowboy. He's got a tinfoil pal and a pedal bin
  • TetraNitroCubaneTetraNitroCubane The Djinnerator At the bottom of a bottleRegistered User regular
    edited February 2010
    tbloxham wrote: »
    Ryna wrote: »
    tbloxham wrote: »
    Bah, I'm starting to dislike computers.

    yeah, never use 'em myself..

    I thought Avast was one of the better freebie Anti Virus progs out there. Its weird it was let through. Unless you were targeted specifically.

    I've not had any serious problems since I started using it, I actually switched to it after a similar scare with a fake security program installing itself. It's given me warnings and blocked access in the past when it decided something was dangerous. I also scan weekly with spybot. I guess now I'll scan weekly with spybot and malwarebytes!

    I suppose we're almost to the point where we'll need a primary user account with no privilages to install anything to browse the internet and a supervisor account to install stuff we want to use.

    It is highly recommended that you use a limited account to browse, or do any day-to-day operation. If mucking about with existing user account privileges and such sounds like a hassle, there are other ways to keep yourself safe. You can try browsing in a virtual machine, or else install something like Sandboxie to make sure anything that comes through the web can't impact your machine. You can also configure your browser to run in a 'dropped rights' state, so that even if you are running as Admin, the browser isn't.

    In terms of A/V, I'll throw my hat in with Microsoft Security Essentials as a free solution. People have been saying some nice things about it, and it's pretty low-key in terms of user interaction and resources.

    Edit: I'd also agree that a weekly scan with malwarebytes is a good idea. Spybot is OK, but I'd use it mostly for the immunization function. It doesn't have quite the 'teeth' that malwarebytes does when it comes to fighting rogues.

    TetraNitroCubane on
    VuIBhrs.png
  • ArkanArkan Registered User
    edited February 2010
    Yeah, if you don't want to deal with viruses that target the registry then use a two-account setup - a passworded admin account that you only use if you're installing drivers or something and a main account you do everything else on. You'll have to enter the password every now and then if you're on vista (and maybe win7?) but the extra security is worth it.

    edit: nevermind misread first three posts as one of them being from someone else, do not reformat

    Arkan on
    Big, honkin' pile of WoW characters
    I think it's hard for someone not to rage at mario kart, while shouting "Fuck you Donkey Kong. Whose dick did you suck to get all those red shells?"
  • tbloxhamtbloxham Registered User regular
    edited February 2010
    tbloxham wrote: »
    Ryna wrote: »
    tbloxham wrote: »
    Bah, I'm starting to dislike computers.

    yeah, never use 'em myself..

    I thought Avast was one of the better freebie Anti Virus progs out there. Its weird it was let through. Unless you were targeted specifically.

    I've not had any serious problems since I started using it, I actually switched to it after a similar scare with a fake security program installing itself. It's given me warnings and blocked access in the past when it decided something was dangerous. I also scan weekly with spybot. I guess now I'll scan weekly with spybot and malwarebytes!

    I suppose we're almost to the point where we'll need a primary user account with no privilages to install anything to browse the internet and a supervisor account to install stuff we want to use.

    It is highly recommended that you use a limited account to browse, or do any day-to-day operation. If mucking about with existing user account privileges and such sounds like a hassle, there are other ways to keep yourself safe. You can try browsing in a virtual machine, or else install something like Sandboxie to make sure anything that comes through the web can't impact your machine. You can also configure your browser to run in a 'dropped rights' state, so that even if you are running as Admin, the browser isn't.

    In terms of A/V, I'll throw my hat in with Microsoft Security Essentials as a free solution. People have been saying some nice things about it, and it's pretty low-key in terms of user interaction and resources.

    Edit: I'd also agree that a weekly scan with malwarebytes is a good idea. Spybot is OK, but I'd use it mostly for the immunization function. It doesn't have quite the 'teeth' that malwarebytes does when it comes to fighting rogues.

    I gave up on using the limited access account since I became frustrated that everything was requiring a dozen extra clicks, or would crash unexpectedly halfway through loading (or not be able to save due to insufficient privileges)

    Sandboxie sounds like a good idea though, I suppose what it does is allow me to delete everthing installed by my browser in one click? Although, does it also delete everything I've downloaded myself from the internet?

    I'm intrigued by the idea of limited permissions for my browser, how do I go about setting that up?

    tbloxham on
    "That is cool" - Abraham Lincoln
Sign In or Register to comment.