Vista Security 2012
Some people might think that Vista Security 2012 would offer superb opportunities to them when it comes to anti-virus protection. This is exactly what the program would promise them, by the way. The software claims to be Windows Firewall supposedly aimed to protect your PC against malware aggression and threat attack. What a mistake it really is when users trust this malady. The thorough research of this malware sample brings us to the conclusion that the software has a lot of evil aims and intentions. Whereas its outward dressing is simply the way of masking its real malicious plots. The day when Vista Security 2012 comes into your computer would indeed let you know of how serious rogue security products can be. Not only they present quite a bunch of fake security warnings, popups, ads and other bogus facts, but these fake anti-spyware tools essentially slow your system down, without letting you use it as you want.
Beyond any doubt, Vista Security 2012 does not ask for your permission to dwell in your workstation. Often there are no barriers for really serious PC pests, and this is exactly about this hoax. It should be mentioned that the malware parameters of the virus get changed day by day, sometimes even several times a day. This results in the fact that sometimes even the most powerful anti-viruses installed on user’s machines fail to timely detect it, thus allowing the malware to come in. However, sometimes user does not want to have any AV software installed. This also explains pretty well why the attack was successfully accomplished. Surfing unsecure sites, clicking contaminated links, downloading infected files (without realizing this) – this all results in your PC being infected. Moreover, even the social networks are vulnerable today because of their evil users who sometimes succeed in spreading viruses via them. Being cautious in the IT world today is essentially important.
Vista Security 2012 arranges system scans and then tells your PC is infected. The next step of its evil plan is to win your trust by attempting to convince you to effect the payment for its powerless licensed version to delete those unreal viruses detected by it. Yes, they are unreal, whereas Vista Security 2012 is probably the only or one of the few real malwares. Of course, it would not tell you the real truth about its real motives. The only goal of this malware is to get money from you without rendering any good service. Do not pay for it. Remove the virus with the anti-spyware program recommended by us in this blog.
Tricks to help you execute anti-virus software in spite of the blockage by this rogue:
- A good trick to get rid of this malware is to modify your computer time to 7-8 days in the future and then restarting your system. After that you can restore the date to correct time. Then you may download, install and scan your computer with recommended software to delete all trojans that became the cause of the infection.
- If you already have one of the anti-virus softwares installed on your computer you might try running it with Administrator rights (right-click the icon at the desktop and choose the option “Run as Administrator”).
Vista Security 2012 system modifications:
Vista Security 2012 files created:
- %UserProfile%\Local Settings\Application Data\opRSK
- %UserProfile%\Local Settings\Application Data\pw.exe
- %UserProfile%\Local Settings\Application Data\vz.exe
- %UserProfile%\Local Settings\Application Data\MSASCui.exe
- %UserProfile%\AppData\Local\opRSK
- %UserProfile%\AppData\Local\pw.exe
- %UserProfile%\AppData\Local\vz.exe
- %UserProfile%\AppData\Local\MSASCui.exe
Vista Security 2012 registry entries created:
- HKCU\Software\Classes\pezfile
- HKCR\pezfile
- HKCU\Software\Classes\.exe\shell\open\command “(Default)” = “%UserProfile%\Local Settings\Application Data\pw.exe” /START “%1″ %*
- HKCU\Software\Classes\pezfile\shell\open\command “(Default)” = “%UserProfile%\Local Settings\Application Data\pw.exe” /START “%1″ %*
- HKCU\Software\Classes\.exe\shell\open\command “(Default)” = “%UserProfile%\Local Settings\Application Data\vz.exe” /START “%1″ %*
- HKCU\Software\Classes\pezfile\shell\open\command “(Default)” = “%UserProfile%\Local Settings\Application Data\vz.exe” /START “%1″ %*
- HKCR\.exe\shell\open\command “(Default)” = “%UserProfile%\Local Settings\Application Data\pw.exe” /START “%1″ %*
- HKCR\pezfile\shell\open\command “(Default)” = “%UserProfile%\Local Settings\Application Data\pw.exe” /START “%1″ %*
- HKCR\.exe\shell\open\command “(Default)” = “%UserProfile%\Local Settings\Application Data\vz.exe” /START “%1″ %*
- HKCR\pezfile\shell\open\command “(Default)” = “%UserProfile%\Local Settings\Application Data\vz.exe” /START “%1″ %*
- HKLM\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command “(Default)” = “%UserProfile%\Local Settings\Application Data\pw.exe” /START “C:\Program Files\Mozilla Firefox\firefox.exe”
- HKLM\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command “(Default)” = “%UserProfile%\Local Settings\Application Data\pw.exe” /START “C:\Program Files\Mozilla Firefox\firefox.exe” -safe-mode
- HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command “(Default)” = “%UserProfile%\Local Settings\Application Data\pw.exe” /START “C:\Program Files\Internet Explorer\iexplore.exe”
- HKLM\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command “(Default)” = “%UserProfile%\Local Settings\Application Data\vz.exe” /START “C:\Program Files\Mozilla Firefox\firefox.exe”
- HKLM\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command “(Default)” = “%UserProfile%\Local Settings\Application Data\vz.exe” /START “C:\Program Files\Mozilla Firefox\firefox.exe” -safe-mode
- HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command “(Default)” = “%UserProfile%\Local Settings\Application Data\vz.exe” /START “C:\Program Files\Internet Explorer\iexplore.exe”
- HKLM\SOFTWARE\Microsoft\Security Center “AntiVirusOverride” = “1″
- HKLM\SOFTWARE\Microsoft\Security Center “FirewallOverride” = “1″
