
Your OS Internet Security
Hopefully no-one will need to worry about this, but I thought it best to inform people of a fix ahead of time, because once you have it, it's too late to do anything about it. Especially if you only have 1 PC in the home, it's essential you're prepared.
There's a threat out there and I got stung by it today. It's not exactly new but has got a new round of updates: a rogue anti-spyware called (insert your OS here) Internet Security.
I'm not sure how I managed to get it. I was on Facebook earlier today, closed Firefox, walked away for a while, and got it popping up sometime while AFK.
This looks totally legit, like the Windows Security Centre, and could easily fool a casual observer. Normally with this kind of thing you can find a simple way of removing it, but this will cripple your system: every program you attempt to run will launch this.
The only way around it is to create a registry fix on a second PC. The problem with this is that the filenames also change from system to system. There is a fix out there, and your best bet is to be prepared and make a copy of the registry fix now. You won't be able to run regedit on an infected machine (or anything else for that matter).
http://www.2-viruses.com/remove-vista-i ... urity-2011
You generally just need the registry fix stated there to remove its control of programs. While I didn't have the exact named exes, this appears to have worked.
You will also need to manually delete the file that was running. You will need to bring up Task Manager while infected and try to identify the file in question.
It will be a user-run file (i.e. in the username column, mine says "wildride"); mine was vcm.exe. You can test it by shutting down the process and seeing if Vista Internet Security closes. (It will load itself up again as soon as you try to run anything.)
To actually see the file in the folder you need to be able to see system and hidden files.
This is enabled by going into Explorer and, in the drop-down menu for "Organize", selecting Folder and Search Options. Go to the View tab and select to show hidden files and folders, as well as deselecting "Hide protected operating system files".
Simply delete the file after that.
I would not bother with Spyware Doctor; it didn't pick up much of anything and you need to pay for it to remove any threat. Malwarebytes is something you should get and use afterwards. I have not looked at the Hitman Pro thing they mentioned.
Either way Malwarebytes only saw the invalid registry entry for Vcm.exe which it deleted.
Note after running the registry fix, I had to run things as administrator until I reset the PC.
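
An added example, not part of the original post: a Python check that reads an exported `.reg` file and flags any `.exe` launch handler that differs from the Windows default. It assumes the "every program launches this" behaviour comes from a changed `.exe` file association, which the post does not spell out. The sample export, the class name `example_class` and the `C:\PLACEHOLDER` path are constructed for illustration.

```python
import re

# Windows defaults for launching .exe files (general Windows behaviour, not from the post).
DEFAULT_PROGID = "exefile"
DEFAULT_COMMAND = '"%1" %*'

# Constructed sample export; the class name and path are placeholders.
# Real regedit exports are UTF-16: open(path, encoding="utf-16").read()
SAMPLE = r'''Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Classes\.exe]
@="example_class"

[HKEY_CURRENT_USER\Software\Classes\example_class\shell\open\command]
@="\"C:\\PLACEHOLDER\\vcm.exe\" \"%1\" %*"

[HKEY_CLASSES_ROOT\exefile\shell\open\command]
@="\"%1\" %*"
'''

def parse_defaults(text):
    """Map each key (lower-cased) to its (Default) string value, if it sets one."""
    defaults, key = {}, None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1].lower()
        elif key and line.startswith('@="') and line.endswith('"'):
            # .reg strings escape backslashes and quotes with a backslash
            defaults[key] = re.sub(r"\\(.)", r"\1", line[3:-1])
    return defaults

def audit_exe_association(text):
    """Return (key, value) pairs where launching an .exe is not the Windows default."""
    values = parse_defaults(text)
    findings, progids = [], {DEFAULT_PROGID}
    for key, value in values.items():
        if key.endswith("\\.exe"):            # which class handles .exe files
            progids.add(value.lower())
            if value.lower() != DEFAULT_PROGID:
                findings.append((key, value))
    for key, value in values.items():
        m = re.search(r"\\([^\\]+)\\shell\\open\\command$", key)
        if m and m.group(1) in progids and value != DEFAULT_COMMAND:
            findings.append((key, value))
    return findings

if __name__ == "__main__":
    for key, value in audit_exe_association(SAMPLE):
        print("SUSPICIOUS", key, "=>", value)
```

Running it on an export taken before and after applying a registry fix shows whether the per-user override is gone and the default `"%1" %*` command is back.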