Vista Home Security 2012 Fake AV



Archpaladin Zousha
2011-11-28, 02:19 PM
My main computer has been out of commission for several days because of an annoying Fake AntiVirus by the name of Vista Home Security 2012. Like most fake AVs, it blocks access to the internet while attempting to scare me into paying the creators to remove viruses that aren't there. The difference that is frustrating is its sheer tenacity. I've run several different virus scans, and while they've removed other viruses that slipped on, Vista Home Security 2012 was not removed. My father, who is a genius when it comes to computers, ran a special scan from his flash-drive that scoured my entire computer, not just the C: and D: drives, but that still didn't remove Vista Home Security 2012. Last night, he TOOK OUT MY HARD DRIVE to comb it for viruses, and that STILL hasn't removed it.

Has anyone else encountered this? How do you remove it? Is my computer doomed?

Douglas
2011-11-28, 02:40 PM
In general, a good thing to do when you have a problem like this is google the offending program's name and look for sites with instructions on how to remove it. Often, someone will have a program available for download specifically designed to remove this single virus/malware. You do need to be cautious about the possibility of the removal tool being malware in disguise, but I don't think that's common.

In specific, reply #3 from here (http://www.computing.net/answers/security/vista-home-security-2012-virus/36066.html) looks like it's probably legitimate.

The_Admiral
2011-11-28, 02:44 PM
Problems like this can be solved by one method. Well any problem can. Kill it with fire. Save content you want to keep and reformat the computer.
Or you could use this? http://www.bleepingcomputer.com/virus-removal/remove-win-7-antispyware-2012
It's quite reliable, but as the page says, "This is a self-help guide. Use at your own risk". I still say kill it with fire, but your choice.

Arminius
2011-11-28, 03:13 PM
I'm going to agree with Captain Obvious here. Back up your data, reformat the hard drive, and reinstall windows.

Etcetera
2011-11-28, 04:12 PM
Assuming this is the same old malware with a new name, a system restore may work for you, as it has for me on one occasion. That was gratifying, given that the previous time it came up my father ended up spending the best part of a day trying to remove it.

This may be of help. (http://www.malwarehelp.org/fake-windows-security-center-analysis-and-removal-2009.html)

Archonic Energy
2011-11-28, 04:33 PM
To quote one of my heroes:

I say we bug out and nuke the site from orbit... only way to be sure.

pendell
2011-11-28, 05:24 PM
I've encountered the Windows XP version of this bug and removed it successfully.

Here is what I did:

1) On a different computer, downloaded the latest copy of MalwareBytes Anti-Malware. Copied the installation .exe onto a USB drive.
2) Reboot the infected PC into safe mode by holding down CTRL-F8 during the reboot cycle. This starts it up in a mode that does not run most programs from the registry.
3) Install and run the anti-malware program and clean the program off.
4) Following the instructions here (http://www.2-viruses.com/remove-vista-home-security-2012), go through the windows registry using regedit32 and delete any offending registry entries that the scanner missed. Also delete any files missed by the scanner.
5) Reboot into normal mode.

The program should be gone.

Respectfully,

Brian P.

Archpaladin Zousha
2011-11-28, 08:20 PM
My dad ended up doing some research of his own, and finally managed to purge all of it. Now it's working fine. Thanks for all your advice. Hopefully with the new antivirus program he installed and the proper updates, I won't run into this hydra of a virus ever again. :smallsmile:

Archpaladin Zousha
2011-11-28, 11:24 PM
Hopefully with the new antivirus program he installed and the proper updates, I won't run into this hydra of a virus ever again. :smallsmile:
Famous last words it seems. Not more than an hour after getting rid of this virus, while I was surfing DeviantArt, I got hit by the same virus but with a different name! :smallmad:

My dad knew exactly what to do, from dealing with its predecessor in the past few days, but I can't believe that immediately after getting rid of this virus, I got it AGAIN! What is it about DeviantArt that makes it a hideaway for malware?! :smallfurious:

factotum
2011-11-29, 02:45 AM
DeviantArt is a site where people can freely upload anything they like, and you're wondering why it's a haven for malware? :smallwink:

Why didn't your new virus scanner catch the infection this time, though?

The_Admiral
2011-11-29, 04:40 AM
What kind of antivirus do you use?

Mono Vertigo
2011-11-29, 05:33 AM
Well, I also heard that someone else was infected after a trip to TvTropes (don't do this at home, kids!). Leads me to think it is related to the ads, but I may be hilariously wrong.

Archpaladin Zousha
2011-11-29, 11:35 AM
You know, that could very well be. The virus was slightly different (different name, presumably different coding) so as not to be identical, though it functioned the same. As for what antivirus I use, there's Microsoft Security Essentials, as well as Malwarebytes and Super Anti-Virus. Thankfully, this new virus is gone now, as my dad was able to do the same thing that got the first virus off right away, but I think I'm gonna stay away from TV Tropes and DeviantArt on that computer for a while, just to be safe. :smallsigh:

Dr.Epic
2011-11-29, 11:37 AM
WOW! Hopefully if it comes to this, a reboot will still work. Hope it turns out well and you have your computer and files back just the way they were.

Archpaladin Zousha
2011-11-29, 11:39 AM
Don't worry, everything is back to normal. I checked. But I'm going to be careful about the sites I visit for now, at least for a few days. I want to be able to play Skyrim, after all!

pendell
2011-11-29, 12:41 PM
Don't worry, everything is back to normal. I checked. But I'm going to be careful about the sites I visit for now, at least for a few days. I want to be able to play Skyrim, after all!

Final note: In addition to using the methodology I described above, you can also use system restore (http://www.ehow.com/how_4962506_restore-windows-xp-checkpoint.html) to fall back to an earlier computer configuration, if the last checkpoint is fairly recent.

Respectfully,

Brian P.

Fredaintdead
2011-11-29, 12:52 PM
You know, that could very well be. The virus was slightly different (different name, presumably different coding) so as not to be identical, though it functioned the same. As for what antivirus I use, there's Microsoft Security Essentials, as well as Malwarebytes and Super Anti-Virus. Thankfully, this new virus is gone now, as my dad was able to do the same thing that got the first virus off right away, but I think I'm gonna stay away from TV Tropes and DeviantArt on that computer for a while, just to be safe. :smallsigh:

Information I have been told that may be right, but no human is infallible:
1) SuperAntiVirus is a haven for malware and viruses supposedly. I have heard bad things.
2) Having too many ANTIVIRUS programs (so MalwareBytes doesn't count for this because it's anti-malware) can be detrimental to system health as they compete with each other and leave gaps.

If you do decide to look for other antivirus programs to replace SuperAntiVirus, I'd recommend either Avast Anti-Virus, or AVG Free Edition.

Of course, as I said, I'm not sure how valid the information I was given was (the 2nd point was told to me by a PC World tech support person, and the 1st was from a friend's dad who is pretty tech savvy [regularly builds computers]).

Castaras
2011-11-29, 12:52 PM
If you're using Firefox, you could get NoScript and Adblock plugins - very useful for keeping ads shut down and a lot of nasty scripts won't execute, which makes browsing quite a bit safer. :smallsmile:

Archpaladin Zousha
2011-11-29, 01:06 PM
I am indeed using Firefox. How do I get these things? :smallsmile:

factotum
2011-11-29, 02:16 PM
Click the orange Firefox button, select Add-Ons, click the Get Add-Ons button on the page that takes you to, and Robert is your auntie's husband!

razark
2011-11-29, 02:57 PM
If you're using Firefox, you could get NoScript and Adblock plugins - very useful for keeping ads shut down and a lot of nasty scripts won't execute, which makes browsing quite a bit safer. :smallsmile:
These two are great. I haven't had a problem since I installed them, and it really helps to speed up browsing as well as improve security.

Archpaladin Zousha
2011-11-29, 04:38 PM
Excellent! I've just gotten those two programs installed! Hopefully I can surf DeviantArt now without fear. Thanks again, everybody! :smallsmile:

EDIT: How exactly do I work these things? They seem to be blocking the majority of Internet site functions, like viewing messages or dropdown lists, watching videos, or selecting smilies when posting.

Arminius
2011-11-29, 07:14 PM
Adblock should look like a stop sign. Left clicking on it should bring up options for disabling it. You will want to just disable it on sites you trust, such as giantitp.com, since the ads go towards server/hosting costs for the forums here. I recommend turning it off for any webcomics you read, since they are mostly ad supported. NoScript will look like a white circle with a blue letter 'S' in the centre. Right clicking on the icon will bring up options for disabling it for a certain page. For both of these, it is a bad idea to disable them everywhere (globally in NoScript). These utilities will remember your permissions for sites (unless you use temporarily allow in NoScript). This means that as you use them, you will build a pool of trusted sites that you have whitelisted and load as normal. New sites are inherently distrusted, and the utilities give you the option to pick which parts, if any, you want to allow.

factotum
2011-11-30, 02:40 AM
Note that the NoScript S will have a big red No Entry sign on it if it's blocking everything on a page, and if it's only blocking *some* of the sites linked, the No Entry sign is a bit smaller and offset to the bottom right of the S. If the S is free and clear of either it means you're allowing everything on the page.

And yes, NoScript can be a bit of a pain at first, but once you've taught it what's allowable on your most commonly-visited sites, you'll barely notice it's there!
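
The default-deny allow-list behaviour described in the last two posts, as an added example that is not part of the original thread and is not NoScript's own code. It is a simplified model keyed on script origin; the class name, icon labels and sample hosts are all constructed for illustration.

```javascript
// Simplified model of per-origin script blocking with a user-built allow-list.
// Assumption: decisions are keyed on URL origin; the real extension has more rules.
class ScriptPolicy {
  constructor() {
    this.permanent = new Set(); // remembered across sessions
    this.temporary = new Set(); // "temporarily allow": dropped at session end
  }

  allow(origin, { temporary = false } = {}) {
    (temporary ? this.temporary : this.permanent).add(origin);
  }

  endSession() {
    this.temporary.clear();
  }

  isAllowed(origin) {
    return this.permanent.has(origin) || this.temporary.has(origin);
  }

  // Classify every script a page references; unknown origins are blocked.
  evaluate(scriptUrls) {
    const allowed = [];
    const blocked = [];
    for (const url of scriptUrls) {
      const origin = new URL(url).origin;
      (this.isAllowed(origin) ? allowed : blocked).push(origin);
    }
    // Icon state as described in the thread: everything blocked,
    // only some origins blocked, or nothing blocked.
    let icon = "clear";
    if (blocked.length > 0) {
      icon = allowed.length === 0 ? "all-blocked" : "partially-blocked";
    }
    return { allowed, blocked, icon };
  }
}

// Constructed sample page: first-party script plus a third-party ad script.
const samplePage = [
  "https://forum.example/js/post.js",
  "https://ads.example.net/serve.js",
];

const policy = new ScriptPolicy();
console.log(policy.evaluate(samplePage).icon);   // new site: nothing trusted yet
policy.allow("https://forum.example");           // trust only the site itself
console.log(policy.evaluate(samplePage));        // ad origin stays blocked
```

Allowing only the first-party origin restores the site's own functions while the third-party ad script stays blocked.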