My other computer was recently infected with this virus. Prior to this, there were absolutely no signs that the computer had any problems. It came out of the blue. Now I can't open any browsers. Every time I try to, a pop-up window comes up saying the computer has been infected and my personal info may be at risk. Here are my questions:
1) Should I be worried about my personal info, i.e. credit card numbers, things on my drive?
2) How does one obtain this virus?
3) Is it likely that it was hidden on my computer for some time and something triggered it? Or does it all happen at once?
4) How does one get rid of it? Are there any options?
5) How does one protect their computer from getting it in the first place?
6) What's the best FREE anti virus protection program? I ask this because I heard Avast was very good, and yet it didn't detect the virus. Even after my computer was fully infected, the results still said "zero files infected".
-
Try Malwarebytes Anti-Malware
Malwarebytes.
Make sure you update it to the latest definitions. If you can't download it from your infected computer, try running in Safe Mode. If that still doesn't work, try uploading it from a USB stick or DVD.
The "Security Software" sounds like a common virus that has been going around for the last couple years; changes names and faces etc... I've been infected twice myself.
1. Keep an eye on your credit cards and debit cards.
2. Most likely went to an infected website.
3. Maybe
4. Use Malwarebytes program mentioned above
5 + 6. I use Microsoft Security Essentials. It's FREE, provided by Microsoft, and scans your computer in real-time, thereby preventing these infections. [I was infected prior to using MSE].
Virus, Spyware & Malware Protection | Microsoft Security Essentials
Good luck and keep us posted -
1) You keep your credit card info on your computer, shame on you. Yes I would be worried.
2) Not keeping your AV up to date, using a crappy AV, bad surfing habits, pr0n sites.
3) Hard to say when it was installed without using an AV program to get some detailed info of the virus.
4) Try Microsoft Security Essentials, or Avast AV and Malwarebytes.
5) See #2 response
6) Try M.S.E. and run mrt from the start search field. You can scan for malware and rootkits. -
Thanks for the quick replies. I can't be long so I'll give a proper reply later on.
I'd just like to address this for now. I don't keep my credit card info on my computer but I have made several transactions with my credit card. Should I be worried about that? -
No, unless you use a program that stores passwords and account info you shouldn't worry. I know of individuals who have stored bank accounts, SSN, and credit card info on their computer, ouch!
-
Sorry for the late reply but are you sure Malwarebytes Anti-Malware will work? I talked to some techies at Best Buy and they said the only way to fix the problem is to restore the computer. Did it work for you? I might as well give it a shot. So all I need to do is upload the program from a USB stick and run the program?
Also, if I plan on saving all my files by transferring all my data onto an external hard drive, should I be worried that the infected files will also be transferred to the external hard drive and thus to any other computer that I transfer said files onto? -
Yes, Malwarebytes Anti-Malware should remove the malware. It's a commonly spread malware that forces you to install a fake anti-virus and tricks you into purchasing it with a credit card. Then your credit card information is sent across the internet.
Read about it here:
http://www.precisesecurity.com/rogue/vista-total-security-2011/
The techies at Best Buy don't know what they are talking about. Sounds like they are too lazy to solve the problem and just want you to restore the computer. -
Not unless you gave it any. This virus is a trojan and doesn't try to scour your computer for info but instead tries to trick you into giving it that info.
Many ways. It's possible that you tried to run a software crack and it ended up being malicious. It could also have been an XSS attack from an ad.
3) Is it likely that it was hidden on my computer for sometime and something triggered it? Or does it all happen at once?
There are options. See this for a full guide to remove the virus:
Remove XP Anti-Spyware 2011, Vista Security 2011, and Win 7 Internet Security 2011 (Uninstall Guide)
System security is never perfect and there's never a single solution: it's multilayered. First off, I'd suggest an adblocker for your browser and/or using a modified system host file. Second, I'd suggest turning on UAC if you have not already: it makes virus removal much easier in a case like this. Third, I suggest you use Microsoft Security Essentials. Those would be my "top three" tips.
Once a virus gets on your computer it can use MANY methods to hide itself. Don't blame avast, it's only a program. That said, I suggest Microsoft Security Essentials. -
Plenty of people do that, obviously, and for good reasons. Computers can be used for more than gaming, you know. In fact, there are programs like Intuit's Quicken that hundreds of thousands of people use for handling their finances. These programs obviously do store bank and credit card account numbers in their databases, but of course no SSNs.
Having said that, clearly a computer that holds such information is an attractive target (although I have never heard of anybody's Quicken data file having been stolen and exploited for nefarious purposes), and should be treated accordingly. -
Vista Total Security 2011 is a classic trojan. All it wants to do is trick you into giving it information. I've never heard of it trying to actually find any information.
That said, I would still suggest you play it careful. If I were you I'd simply reformat and go back to one of my system images. -
No. Unless you store all CC information in plain text; your name, CC account number, expiration date, CVC code (3 or 4 digits on the back of the card).
If all that info is stored on your notebook, you'd better encrypt it next time.
Most likely by visiting a site which (accidentally) made use of a compromised ad server which displayed an infected ad.
Unlikely.
Options are;
1 - Using removal tools like Malwarebytes' Antimalware and HitmanPro3 giving you close to a 100% certainty.
2 - Reinstalling the OS / Restoring an image of your OS and programs (if you'd made one) giving you 100% certainty.
Smart browsing/common sense, a multi-layered defense.
Use an ad-blocker for your browser.
Use a user account if you are not administrating.
Perhaps Firefox add-on Noscript against pesky stuff.
Personally I'd recommend the program 'Sandboxie' for containing all internet facing apps.
Running your web browser with Sandboxie makes it pretty much bullet proof against common malware.
There's not one AV that will catch everything. Not one.
So you really shouldn't rely on having an AV installed and assuming you can do/visit 'whatever you want'. Still, I'd recommend having an AV; Avira, Avast or MSE.
Just make sure you don't fully rely on it. -
I've come across different variations of this nasty little blighter a few times, and it can be tricky to remove. When I have attempted to remove it, I've given up and re-installed Windows, whatever I did there was always a trace, that's not to say it can't be removed, just I got frustrated, so my suggestion is restore the machine from a backup, or re-install Windows.
It can come from many places, but mainly from clicking links and away it goes, it's on your system.
The most recent one was on my mum's system, my Hotmail was hacked into a couple of weeks ago, and it sent emails to my address book. Unfortunately my mum clicked it and she was infected. She told me she paid £30 to get spyhunter? and this removed it from the system. -
Just boot into safe mode (F8 key) and run Malwarebytes Anti-Malware to remove the malware. You'll have to reboot your computer once or twice to make sure it is completely removed. You don't have to go as far as restoring the computer to a previous state or reinstalling Windows.
I just had to remove one from my company's computers and this time it was called PC Security Guardian (another variation of this malware). Apparently, Symantec Endpoint Protection is not great at detecting this malware and my company has several hundred computers. -
How did you make sure the infection didn't also perhaps involve a nasty rootkit?
Current TDL4 samples bypass Microsoft's recent patch against former TDL3/4 samples and while they are being detected by a lot of AV's/AM's, new variants are being rolled out over the web. (link)
Especially for a company computer, a fresh image would seem more secure, faster and requires even less rebooting.
-
Baserk, this virus isn't known to install any rootkits. It's a classic trojan, that's it.
Still, I agree that when using company computers you should be extra thorough. -
This is correct. What we are talking about here is a fairly harmless Trojan, which is also easy to remove manually. Any even halfway decent anti-virus software should have no problems cleaning that out for you.
Vista Total Security 2011 Virus???
Discussion in 'Security and Anti-Virus Software' started by Undecided84, Apr 9, 2011.