Vista Antispyware Pro 2013
Posted: November 5, 2012
Threat Metric
The Threat Meter is a malware assessment that SpywareRemove.com's research team is able to
give every identifiable malware threat. Our Threat Meter includes several criteria based off of
specific malware threats to value their severity, reach and volume. The Threat Meter is able to give
you a numerical breakdown of each threat's initial Threat Level, Detection Count, Volume Count,
Trend Path and Percentage Impact. The overall ranking of each threat in the Threat Meter is a basic
breakdown of how all threats are ranked within our own extensive malware database. The scoring for
each specific malware threat can be easily compared to other emerging threats to draw a contrast in
its particular severity. The Threat Meter is a useful tool in the endeavor of seeking a solution to
remove a threat or pursue additional analytical research for all types of computer users.
The following fields listed on the Threat Meter containing a specific value, are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
The following fields listed on the Threat Meter containing a specific value, are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
| Ranking: | 8,061 |
|---|---|
| Threat Level: | 10/10 |
| Infected PCs: | 17,439 |
| First Seen: | October 1, 2012 |
|---|---|
| Last Seen: | October 8, 2023 |
| OS(es) Affected: | Windows |
Vista Antispyware Pro 2013 is a rogue anti-spyware scanner that detects fake attacks and infections as a way of making itself seem more helpful than Vista Antispyware Pro 2013 is in reality. While Vista Antispyware Pro 2013's criminal coders haven't bothered to include real security functions, Vista Antispyware Pro 2013 does possess several entirely functional attacks that can block other programs, redirect your browser and harm your computer's overall security. Like all members of its family (the well-distributed and often-updated Win32/FakeRean), Vista Antispyware Pro 2013 should be deleted rather than purchased, ideally with real anti-malware software that's capable of reverting all of Vista Antispyware Pro 2013's damage to your security settings.
Why Your Money is What You Should Be Worried About When Vista Antispyware Pro 2013 is Around
Vista Antispyware Pro 2013 cannot find or remove malware of any sort, including spyware, but Vista Antispyware Pro 2013 does include features that make it look as though Vista Antispyware Pro 2013 is detecting all sorts of PC threats. Examples of these cry wolf warnings from Vista Antispyware Pro 2013 include alerts about keyloggers, identity theft attacks, unwanted Registry modifications, fake browser error pages and alerts about compromised applications. When applicable, attempting to use Vista Antispyware Pro 2013 to delete the associated threat just redirects you to a purchase form for Vista Antispyware Pro 2013.
Since Vista Antispyware Pro 2013 can't find real spyware infections or improve your computer's security in any way, it's always self-destructive (for both your PC and your finances) to buy Vista Antispyware Pro 2013. Although Vista Antispyware Pro 2013, like other WinPC Defender-based scamware, doesn't include information-stealing functions, credit card data and other financial information that's given to Vista Antispyware Pro 2013's fake company voluntarily are likely to be exploited in other crimes.
The Actual Malware Sitting Pretty Behind Vista Antispyware Pro 2013's Security Mockup
Vista Antispyware Pro 2013 also leverages other attacks against your computer in its desperate attempts to convince you that you should buy Vista Antispyware Pro 2013 – as well as preventing you from accessing legitimate anti-malware software or assistance. According to SpywareRemove.com malware experts, the latest and most significant features found to be included in Vista Antispyware Pro 2013 and other Multi-rogue 2013 variants of FakeRean include:
- Programs that are blocked by Vista Antispyware Pro 2013, frequently with pop-up warnings that claim that the program you're trying to use is infected. This potentially affects any EXE or executable file.
- Browser redirects that block websites and display fake web page warnings about harmful content.
- Disabled Windows security functions and software such as Windows Update, Windows Firewall and Windows Defender.
Vista Antispyware Pro 2013 is unresponsive to normal methods for removing programs, although most competent anti-malware products should be able to delete Vista Antispyware Pro 2013 safely. SpywareRemove.com malware researchers recommend that you also be careful to identify clones of Vista Antispyware Pro 2013, such as Ultimate Defender, SystemDefender, IE Defender, Advanced XP Defender, XP Defender, WinDefender2008, PCTotalDefender, PC Defender 2008, Personal Defender 2009, WinDefender 2009, Perfect Defender 2009, Total Defender, Malware Defender 2009, WinPC Defender, PC Privacy Defender, Smart Defender Pro, Rogue.UltimateDefender, FraudTool.LastDefender.b and Security Defender Pro 2015.
Aliases
Win32.Bancos [Ikarus]Trojan/Win32.Diple [AhnLab-V3]TR/Bancos.CDL.8 [AntiVir]Trojan.KillProc.15905 [DrWeb]Win32:Bancos-CDL [Spy] [Avast]Artemis!8A7BB35885CF [McAfee]Trojan-Ransom.Win32.Foreign.asxx [Kaspersky]Dropper.Generic2.AAPU [AVG]Trojan-Dropper.SuspectCRC [Ikarus]Artemis!02E1070C9FAD [McAfee-GW-Edition]SPR/Tool.BeeInject.133 [AntiVir]Trojan-Spy.MSIL.Agent.buh [Kaspersky]MSIL:Crypt-AO [Avast]a variant of MSIL/Injector.U [NOD32]TR/Boigy.2 [AntiVir]
More aliases (2215)
More aliases (2215)
Technical Details
File System Modifications
Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.
The following files were created in the system:C:\WINDOWS\UbiSoft\SetupUbi.exe
File name: SetupUbi.exeSize: 643.07 KB (643072 bytes)
MD5: 735e3f35a14cc39fb874b0799a198fb3
Detection count: 349
File type: Executable File
Mime Type: unknown/exe
Path: C:\WINDOWS\UbiSoft\SetupUbi.exe
Group: Malware file
Last Updated: October 15, 2023
%SystemDrive%\ProgramData\gbieha.dll
File name: gbieha.dllSize: 557.31 KB (557312 bytes)
MD5: ed5ef662951776536fc5a09266de8b08
Detection count: 62
File type: Dynamic link library
Mime Type: unknown/dll
Path: %SystemDrive%\ProgramData
Group: Malware file
Last Updated: February 22, 2013
%SystemDrive%\ProgramData\wlcon.dll
File name: wlcon.dllSize: 1.09 MB (1098752 bytes)
MD5: fa8d670443046dd1f99dd08241362027
Detection count: 61
File type: Dynamic link library
Mime Type: unknown/dll
Path: %SystemDrive%\ProgramData
Group: Malware file
Last Updated: February 22, 2013
%TEMP%\Aplaeplaep\ycfyycfewuj.exe
File name: ycfyycfewuj.exeSize: 65.53 KB (65536 bytes)
MD5: dc051532febb8ee31d8ad7b7c6ac205c
Detection count: 61
File type: Executable File
Mime Type: unknown/exe
Path: %TEMP%\Aplaeplaep
Group: Malware file
Last Updated: February 22, 2013
%SystemDrive%\ProgramData\gbpsvs.dll
File name: gbpsvs.dllSize: 1.05 MB (1052672 bytes)
MD5: ea505c2d439a5f36e3e079f25b41ae56
Detection count: 60
File type: Dynamic link library
Mime Type: unknown/dll
Path: %SystemDrive%\ProgramData
Group: Malware file
Last Updated: February 22, 2013
C:\$Recycle.Bin\S-1-5-18\$70b76ca57a6b1ad6260e65399d41ccb5\n
File name: nSize: 59.9 KB (59904 bytes)
MD5: 004d883c75e80cd386a260b5eccbf285
Detection count: 56
Path: C:\$Recycle.Bin\S-1-5-18\$70b76ca57a6b1ad6260e65399d41ccb5\n
Group: Malware file
Last Updated: April 6, 2022
%LOCALAPPDATA%\{F41C0568-18AE-2FB5-3FAF-004A1F4BF0B3}\syshost.exe
File name: syshost.exeSize: 204.8 KB (204800 bytes)
MD5: e6533434941eb27d0efd1bf7d37c4f4d
Detection count: 47
File type: Executable File
Mime Type: unknown/exe
Path: %LOCALAPPDATA%\{F41C0568-18AE-2FB5-3FAF-004A1F4BF0B3}
Group: Malware file
Last Updated: February 22, 2013
%TEMP%\csrss.exe
File name: csrss.exeSize: 158.72 KB (158720 bytes)
MD5: 295f8c0f0188a4ffbacd71634986bb03
Detection count: 43
File type: Executable File
Mime Type: unknown/exe
Path: %TEMP%
Group: Malware file
Last Updated: February 22, 2013
%APPDATA%\TMf2g99RPH1P2EI.exe
File name: TMf2g99RPH1P2EI.exeSize: 96.25 KB (96256 bytes)
MD5: 2f5b8fa2968ecb754e181c50e4e869dc
Detection count: 26
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%
Group: Malware file
Last Updated: February 22, 2013
%LOCALAPPDATA%\Lollipop\Lollipop.exe
File name: Lollipop.exeSize: 920.57 KB (920576 bytes)
MD5: 8448d114db908ac23f610dc1292edabe
Detection count: 23
File type: Executable File
Mime Type: unknown/exe
Path: %LOCALAPPDATA%\Lollipop
Group: Malware file
Last Updated: February 25, 2013
%USERPROFILE%\S-15-5943-2356-2352\winmgr.exe
File name: winmgr.exeSize: 69.12 KB (69120 bytes)
MD5: bfdef30de6842d4190ec34213593ec49
Detection count: 21
File type: Executable File
Mime Type: unknown/exe
Path: %USERPROFILE%\S-15-5943-2356-2352
Group: Malware file
Last Updated: February 22, 2013
%TEMP%\update.exe
File name: update.exeSize: 764.92 KB (764928 bytes)
MD5: 6124c9689dc1db263359cf83df35325b
Detection count: 14
File type: Executable File
Mime Type: unknown/exe
Path: %TEMP%
Group: Malware file
Last Updated: February 22, 2013
%APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup\Bla Bla.exe
File name: Bla Bla.exeSize: 4.14 MB (4141960 bytes)
MD5: cb9d64689c607953224011d89c08d839
Detection count: 14
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup
Group: Malware file
Last Updated: February 22, 2013
%SystemDrive%\Users\<username>\8103874.dll
File name: 8103874.dllSize: 135.16 KB (135168 bytes)
MD5: b9097671abbe840bb69102e82adc8544
Detection count: 14
File type: Dynamic link library
Mime Type: unknown/dll
Path: %SystemDrive%\Users\New Account
Group: Malware file
Last Updated: March 29, 2013
%APPDATA%\IZ Crypt Pre Alpha.exe
File name: IZ Crypt Pre Alpha.exeSize: 110.59 KB (110592 bytes)
MD5: 5a251700f95ca463af81440a06c11086
Detection count: 12
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%
Group: Malware file
Last Updated: February 22, 2013
%SystemDrive%\Users\<username>\6954194.dll
File name: 6954194.dllSize: 100.86 KB (100864 bytes)
MD5: 6702fa8bfb4b5582511f22d93cb45a0a
Detection count: 10
File type: Dynamic link library
Mime Type: unknown/dll
Path: %SystemDrive%\Users\Max
Group: Malware file
Last Updated: February 22, 2013
%APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup\A-2068193475.exe
File name: A-2068193475.exeSize: 51.72 KB (51724 bytes)
MD5: 9a65737e5ccc95b04f26f95eaa2be535
Detection count: 9
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup
Group: Malware file
Last Updated: February 22, 2013
%USERPROFILE%\Documents\wincmd.exe
File name: wincmd.exeSize: 24.35 MB (24355844 bytes)
MD5: 506a814c73adbfa70107a40085b90b4a
Detection count: 9
File type: Executable File
Mime Type: unknown/exe
Path: %USERPROFILE%\Documents
Group: Malware file
Last Updated: February 22, 2013
%TEMP%\MSDCSC\msdcsc.exe
File name: msdcsc.exeSize: 1.15 MB (1158529 bytes)
MD5: 8f42640869da36976902d674b41cc36a
Detection count: 7
File type: Executable File
Mime Type: unknown/exe
Path: %TEMP%\MSDCSC
Group: Malware file
Last Updated: February 22, 2013
%APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup\Teemu.exe
File name: Teemu.exeSize: 4.32 MB (4328372 bytes)
MD5: 2f6ec4885e14e3904d94c037ad8c98fa
Detection count: 5
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup
Group: Malware file
Last Updated: February 22, 2013
%WINDIR%\up2date.exe
File name: up2date.exeSize: 57.79 KB (57795 bytes)
MD5: a8a12411d33c56520ef81a83416caca6
Detection count: 5
File type: Executable File
Mime Type: unknown/exe
Path: %WINDIR%
Group: Malware file
Last Updated: February 22, 2013
%PROGRAMFILES%\WW2010CF\SERVICES.EXE
File name: SERVICES.EXESize: 512 KB (512000 bytes)
MD5: 48b0f162c65c7316db6ec1d294f8f37e
Detection count: 5
File type: Executable File
Mime Type: unknown/EXE
Path: %PROGRAMFILES%\WW2010CF
Group: Malware file
Last Updated: February 22, 2013
%WINDIR%\system32\wins.exe
File name: wins.exeSize: 244.55 KB (244552 bytes)
MD5: cb5c8a3f5cba769669f662ab9e30b913
Detection count: 5
File type: Executable File
Mime Type: unknown/exe
Path: %WINDIR%\system32
Group: Malware file
Last Updated: February 22, 2013
%ALLUSERSPROFILE%\Local Settings\Temp\mslutv.exe
File name: mslutv.exeSize: 49.99 KB (49992 bytes)
MD5: 7295902ee0f05ab37a2f764e9b45a8b6
Detection count: 5
File type: Executable File
Mime Type: unknown/exe
Path: %ALLUSERSPROFILE%\Local Settings\Temp
Group: Malware file
Last Updated: February 22, 2013
%LocalAppData%\[RANDOM CHARACTERS AND NUMBERS]
File name: %LocalAppData%\[RANDOM CHARACTERS AND NUMBERS]Group: Malware file
%CommonAppData%\[RANDOM CHARACTERS AND NUMBERS]
File name: %CommonAppData%\[RANDOM CHARACTERS AND NUMBERS]Group: Malware file
%Temp%\[RANDOM CHARACTERS AND NUMBERS]
File name: %Temp%\[RANDOM CHARACTERS AND NUMBERS]Group: Malware file
%AppData%\Roaming\Microsoft\Windows\Templates\[RANDOM CHARACTERS AND NUMBERS]
File name: %AppData%\Roaming\Microsoft\Windows\Templates\[RANDOM CHARACTERS AND NUMBERS]Group: Malware file
%LocalAppData%\[RANDOM 3 CHARACTERS].exe
File name: %LocalAppData%\[RANDOM 3 CHARACTERS].exeFile type: Executable File
Mime Type: unknown/exe
Group: Malware file
More files
Registry Modifications
The following newly produced Registry Values are:
HKEY..\..\{Value}HKEY_CLASSES_ROOT\.exe\shell\open\command "(Default)" = "%LocalAppData%\[RANDOM 3 CHARACTERS].exe" -a "%1" %*HKEY_CLASSES_ROOT\ah\shell\open\command "(Default)" = "%LocalAppData%\[RANDOM 3 CHARACTERS].exe" -a "%1" %*HKEY_CURRENT_USER\Software\Classes\[RANDOM CHARACTERS] "(Default)" = 'Application'HKEY_CURRENT_USER\Software\Classes\[RANDOM CHARACTERS]\DefaultIcon "(Default)" = '%1'HKEY_CURRENT_USER\Software\Classes\[RANDOM CHARACTERS]\shell\open\command "(Default)" = "%LocalAppData%\[RANDOM 3 CHARACTERS].exe" -a "%1" %*HKEY_CURRENT_USER\Software\Classes\.exe "(Default)" = '[RANDOM CHARACTERS]'HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command "(Default)" = "%LocalAppData%\[RANDOM 3 CHARACTERS].exe" -a "%1" %*HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command "(Default)" = ""%LocalAppData%\[RANDOM 3 CHARACTERS].exe" -a "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode"HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command "(Default)" = ""%LocalAppData%\[RANDOM 3 CHARACTERS].exe" -a "C:\Program Files\Internet Explorer\iexplore.exe"" HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command "(Default)" = ""%LocalAppData%\[RANDOM 3 CHARACTERS].exe -a "C:\Program Files\Mozilla Firefox\firefox.exe""HKEY..\..\..\..{Subkeys}HKEY_CLASSES_ROOT\[RANDOM CHARACTERS]HKEY_CLASSES_ROOT\ah\shell\open\command "IsolatedCommand"
HKEY..\..\{Value}HKEY_CLASSES_ROOT\.exe\shell\open\command "(Default)" = "%LocalAppData%\[RANDOM 3 CHARACTERS].exe" -a "%1" %*HKEY_CLASSES_ROOT\ah\shell\open\command "(Default)" = "%LocalAppData%\[RANDOM 3 CHARACTERS].exe" -a "%1" %*HKEY_CURRENT_USER\Software\Classes\[RANDOM CHARACTERS] "(Default)" = 'Application'HKEY_CURRENT_USER\Software\Classes\[RANDOM CHARACTERS]\DefaultIcon "(Default)" = '%1'HKEY_CURRENT_USER\Software\Classes\[RANDOM CHARACTERS]\shell\open\command "(Default)" = "%LocalAppData%\[RANDOM 3 CHARACTERS].exe" -a "%1" %*HKEY_CURRENT_USER\Software\Classes\.exe "(Default)" = '[RANDOM CHARACTERS]'HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command "(Default)" = "%LocalAppData%\[RANDOM 3 CHARACTERS].exe" -a "%1" %*HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command "(Default)" = ""%LocalAppData%\[RANDOM 3 CHARACTERS].exe" -a "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode"HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command "(Default)" = ""%LocalAppData%\[RANDOM 3 CHARACTERS].exe" -a "C:\Program Files\Internet Explorer\iexplore.exe"" HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command "(Default)" = ""%LocalAppData%\[RANDOM 3 CHARACTERS].exe -a "C:\Program Files\Mozilla Firefox\firefox.exe""HKEY..\..\..\..{Subkeys}HKEY_CLASSES_ROOT\[RANDOM CHARACTERS]HKEY_CLASSES_ROOT\ah\shell\open\command "IsolatedCommand"
Additional Information
The following messages's were detected:
| # | Message |
|---|---|
| 1 | Severe system damage! Your system security is in danger. Privacy threats detected. Spyware, keyloggers or Trojans may be working in the background right now. Perform an in-depth scan and removal now, click here. |
| 2 | System danger! Your system security is in danger. Privacy threats detected. Spyware, keyloggers or Trojans may be working in the background right now. Perform an in-depth scan and removal now, click here. |
| 3 | System hijack! System security threat was detected. Viruses and/or spyware may be damaging your system now. Prevent infection and data loss or stealing by running a free security scan. |
| 4 | Virus intrusion! Your computer security is at risk. Spyware, worms and Trojans were detected in the background. Prevent data corruption and credit card information theft. Safeguard your system and perform a free security scan now. |
| 5 | Vista Antispyware Pro 2013 Alert Internet Connection alert! Suspicious network activity detected! Malware infection is possible! |
| 6 | Vista Antispyware Pro 2013 Firewall Alert Vista Antispyware Pro 2013 has blocked a program from accessing the internet Internet Explorer is infected with Trojan-BNK.Win32.Keylogger.gen Private data can be stolen by third parties, including credit card details and passwords. |
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.