Vista Security 2010
Vista Security 2010 (or VistaSecurity2010) is a malicious computer security program that propagates by means of Trojans, Worms and fake multimedia websites. VistaSecurity2010 can infect computers visiting bogus online virus scanners which pretend to scan the computer and then advises users to purchse the rogue for virus removal. Vista Security 2010 will cause unwanted modifications to the registry that causes Vista Security 2010 to run everytime Windows starts-up. The Internet browser will also experience changes on its operation by hijacking search results that will redirect users to infected websites.
File System Modifications
- The following files were created in the system:
# File Name 1 %UserProfile%\AppData\Local\ave.exe
Registry Modifications
- The following newly produced Registry Values are:
HKEY..\..\..\..{Subkeys}HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command "(Default)" = "%UserProfile%\Local Settings\Application Data\ave.exe" /START "%1" %*HKEY_CURRENT_USER\Software\Classes\secfile\shell\open\command "(Default)" = "%UserProfile%\Local Settings\Application Data\ave.exe" /START "%1" %*HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command "(Default)" = "%UserProfile%\Local Settings\Application Data\ave.exe" /START "%Program Files%\Mozilla Firefox\firefox.exe"HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command "(Default)" = "%UserProfile%\Local Settings\Application Data\ave.exe" /START "%Program Files%\Mozilla Firefox\firefox.exe" -safe-modeHKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command "(Default)" = "%UserProfile%\Local Settings\Application Data\ave.exe" /START "%Program Files%\Internet Explorer\iexplore.exe"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center "AntiVirusOverride" = "1"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center "FirewallOverride" = "1"HKEY..\..\..\..{RegistryKeys}HKEY_CLASSES_ROOT\.exe\shell\open\command "(Default)" = "%UserProfile%\Local Settings\Application Data\ave.exe" /START "%1" %*HKEY_CLASSES_ROOT\secfile\shell\open\command "(Default)" = "%UserProfile%\Local Settings\Application Data\ave.exe" /START "%1" %*
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.