Posted by: Paul | April 21, 2010

Virus Removal – Vista Security 2010

Techie post today. On Monday morning my machine became infected by a rather pernicious piece of malware, calling itself “Vista Security 2010”.

I’m fairly careful about what I do on the web and also fairly security conscious, but this nasty little virus (though it’s not technically a virus, it enters your system via a trojan, which is) managed to sneak past my up-to-date virus checker, Avira.

What it does is bring up a panel which is almost identical to the real Windows Vista Security Centre, where you check and change things like Firewall settings, virus and spyware protection and so on. It then tells you your system is infected / under attack / being hijacked / all of the above, and invites you to run a “free security scan”, which then redirects you to another panel where you buy a registration key for the “software” it purports to be. Make no mistake about it – this is FRAUD.

It could also be hard to spot and quite frightening for the non-savvy user. Once it’s got in, it blocks access to your malware removal programs (including the in-built Windows Defender), and also your internet browsers so you can’t get on the web to look for a solution or download a new malware remover / update your existing one. Very naughty indeed.

When this panel popped up for the first time, I smelled a rat. I had done nothing out of the ordinary – was checking my mail and uploading some files to an FTP site (it may have got in through the open FTP connection, possibly). I looked at this panel saying “WARNING! SYSTEM HIJACK!”. What clued me in to it not being genuine was a number of dreadful spelling and grammatical mistakes. I tried to right click the icon it was displaying in the system tray – no way to turn it off. Malware protection blocked. Browsers blocked. I switched off my wireless connection so it could not send any data to the web. Nasty little thing!

Fortunately I have a second PC so I got straight on Google and looked it up. Hey presto, it’s malware, and goes by several different names. There were handy step-by-step guides to removing it – it gets into your Windows registry and changes a few things and adds some entries of its own, and a few clever people have written a few batch programs which put everything back as it should be, and you can then run a malware remover to get rid of the damn thing – which throws up pop-ups every few seconds. While it doesn’t stop your machine from working entirely, it would quickly drive you mad.

So if you find yourself infected with this, follow this link and the instructions it gives – worked for me, thankfully!
