Windows Vista Internet Security 2012
Posted: January 6, 2012
Threat Metric
The following fields listed on the Threat Meter containing a specific value, are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
| Threat Level: | 2/10 |
|---|---|
| Infected PCs: | 14 |
| First Seen: | January 6, 2012 |
|---|---|
| OS(es) Affected: | Windows |
Windows Vista Internet Security 2012 is a rogue anti-malware scanner that uses false pretenses about your computer's security to waylay you into spending more money than you should on a Windows Vista Internet Security 2012 activation key (which is to say – any money whatsoever). Because Windows Vista Internet Security 2012 will create error messages and scanner results without checking for the PC threats that Windows Vista Internet Security 2012 displays as being present, SpywareRemove.com malware experts discourage any attempts to use Windows Vista Internet Security 2012 as an actual anti-malware product. Other symptoms of infection by Windows Vista Internet Security 2012 can include browser redirects, programs that are blocked with unusual error messages and the presence of unusual .exe files. However, all of these symptoms will cease as soon as you delete Windows Vista Internet Security 2012, a process that can be easily-managed by up-to-date PC security software.
Windows Vista Internet Security 2012: A Lie in Every Portion of Its Title
Once analyzed, Windows Vista Internet Security 2012 is easily-noticed as being fraudulent in every aspect of its marketing, since Windows Vista Internet Security 2012 isn't especially-updated for 2012, isn't specialized in Windows Vista, and certainly has nothing to do with your computer's security – except in a negative sense. As a clone of previous scamware products belonging to the FakeRean that attack all versions of Windows and have existed with minimal changes between versions for some time, Windows Vista Internet Security 2012 displays similar behavior and even shares its appearance with Antivirus 2008 Pro, Antivirus XP 2008, Windows Antivirus 2008, Vista Antivirus 2008, PC Clean Pro, Antivirus Pro 2009, Rogue.Vista Antivirus 2008, AntiSpy Safeguard, ThinkPoint, Spyware Protection 2010, Internet Antivirus 2011, Palladium Pro, XP Anti-Virus 2011, CleanThis, XP Security 2012, XP Home Security 2012 and AntiVirus PRO 2015.
SpywareRemove.com malware researchers were unsurprised to find that fake warnings about infections and miscellaneous system problems are the main symptoms of infection by Windows Vista Internet Security 2012 or one of its clones; although these messages are presented with a convincing Windows-based aesthetic, their content is always fraudulent. The following list is a few samples of the swarm of fake alerts that Windows Vista Internet Security 2012 can send your way:
Severe System Damage!
Spyware and viruses detected in the background. Sensitive system components under attack! Data loss, identity theft and system corruption are possible. Act now, click here for a free security scan.
Windows Vista Internet Security 2012 Alert
Internet Explorer alert. Visiting this site may pose a security threat to your system!
Possible reasons include:
- Dangerous code found in this site's pages which installed unwanted software into your system.
- Suspicious and potentially unsafe network activity detected.
- Spyware infections in your system
- Complaints from other users about this site.
- Port and system scans performed by the site being visited.
Things you can do:
- Get a copy of [rogue program name] to safeguard your PC while surfing the web (RECOMMENDED)
- Run a spyware, virus and malware scan
- Continue surfing without any security measures (DANGEROUS)
Malware Intrusion!
Sensitive areas of your system were found to be under attack. Spy software attack or virus infection possible. Prevent further damage or your private data will get stolen. Run an anti-spyware scan now. Click here to start.
Virus Intrusion!
Your computer security is at risk. Spyware, worms, and Trojans were detected in the background. Prevent data corruption and credit card information theft. Safeguard your system and perform a free security scan now.
Windows Vista Internet Security 2012 Alert
System Integrity Check
Warning! Sensitive data may be sent over your internet connection right now!
Threat: Trojan-PSW.Win32.Antigen.A
Windows Vista Internet Security 2012 Firewall Alert
Windows Vista Internet Security 2012 has blocked a program from accessing the internet
Internet Explorer is infected with Trojan-BNK.Win32.Keylogger.gen
Private data can be stolen by third parties, including credit card details and passwords.
Windows Vista Internet Security 2012Alert
System Hacked!
Unknown program is scanning your system registry right now! Identity theft detected!
Threat: Backdoor.Perl.AEI.16
System warning!
Continue working in unprotected mode is very dangerous. Viruses can damage your confidential data and work on your computer. Click here to protect your computer.
Windows Vista Internet Security 2012Alert
Security hole detected!
A program is trying to exploit Windows security holes! Passwords and sensitive data may be stolen!
Threat: Trojan-Downloader.BAT.Ftp.ab
System warning!
Security Essentials Ultimate Pack software detects programs that may compromise your privacy and harm your systems. It is highly recommended you scan your PC right now. Click here to start.
Dealing with Windows Vista Internet Security 2012's Sidearms as They Plug Away at Your Software
Even though fake alerts and scanner results are the primarily-visible attacks by Windows Vista Internet Security 2012, SpywareRemove.com malware experts also caution you to watch for subtler but even more damaging attacks than the above. Windows Vista Internet Security 2012 may use Trojans to:
- Hijack your web browser to redirect it to the Windows Vista Internet Security 2012 website or to block off other sites with fake warnings (such as fraudulent firewall alerts).
- Block anti-malware and security programs to prevent you from using them to delete Windows Vista Internet Security 2012 and related PC threats.
However, as long as you remove Windows Vista Internet Security 2012 with appropriate anti-malware software, lasting harm to your PC should be nonexistent. If Windows Vista Internet Security 2012 blocks your software, you can disable Windows Vista Internet Security 2012 by using any of several anti-malware strategies that SpywareRemove.com malware analysts have found to work in good stead – such as rebooting into Safe Mode, booting to the Command Prompt, booting Windows from a USB drive or switching to a secondary OS.
Technical Details
File System Modifications
Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.
The following files were created in the system:%AllUsersProfile%\[RANDOM CHARACTERS]
File name: %AllUsersProfile%\[RANDOM CHARACTERS]Group: Malware file
%AppData%\Roaming\Microsoft\Windows\Templates\[RANDOM CHARACTERS]
File name: %AppData%\Roaming\Microsoft\Windows\Templates\[RANDOM CHARACTERS]Group: Malware file
%AppData%\Local\[RANDOM CHARACTERS].exe
File name: %AppData%\Local\[RANDOM CHARACTERS].exeFile type: Executable File
Mime Type: unknown/exe
Group: Malware file
%AppData%\Local\[RANDOM CHARACTERS]
File name: %AppData%\Local\[RANDOM CHARACTERS]Group: Malware file
%Temp%\[RANDOM CHARACTERS]
File name: %Temp%\[RANDOM CHARACTERS]Group: Malware file
Registry Modifications
HKEY..\..\..\..{Subkeys}HKEY_CLASSES_ROOT\.exe\shell\open\command "(Default)" = '"%UserProfile%\Local Settings\Application Data\.exe" /START "%1" %*'HKEY_CLASSES_ROOT\.exe\shell\open\command "IsolatedCommand" = '"%1" %*'HKEY_CLASSES_ROOT\.exe\shell\runas\command "(Default)" = '"%1" %*'HKEY_CLASSES_ROOT\.exe\shell\runas\command "IsolatedCommand" = '"%1" %*'HKEY_CLASSES_ROOT\exefile "Content Type" = 'application/x-msdownload'HKEY_CLASSES_ROOT\exefile\shell\open\command "(Default)" = '"%UserProfile%\Local Settings\Application Data\.exe" /START "%1" %*'HKEY_CLASSES_ROOT\exefile\shell\open\command "IsolatedCommand" = '"%1" %*'HKEY_CLASSES_ROOT\exefile\shell\runas\command "IsolatedCommand" = '"%1" %*'HKEY_CURRENT_USER\Software\Classes\.exe "(Default)" = 'exefile'HKEY_CURRENT_USER\Software\Classes\.exe "Content Type" = 'application/x-msdownload'HKEY_CURRENT_USER\Software\Classes\.exe\DefaultIcon "(Default)" = '%1" = '"%UserProfile%\Local Settings\Application Data\.exe" /START "%1" %*'HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command "IsolatedCommand" = '"%1" %*'HKEY_CURRENT_USER\Software\Classes\.exe\shell\runas\command "(Default)" = '"%1" %*'HKEY_CURRENT_USER\Software\Classes\.exe\shell\runas\command "IsolatedCommand" = '"%1" %*'HKEY_CURRENT_USER\Software\Classes\exefile "(Default)" = 'Application'HKEY_CURRENT_USER\Software\Classes\exefile "Content Type" = 'application/x-msdownload'HKEY_CURRENT_USER\Software\Classes\exefile\DefaultIcon "(Default)" = '%1'HKEY_CURRENT_USER\Software\Classes\exefile\shell\open\command "(Default)" = '"%UserProfile%\Local Settings\Application Data\.exe" /START "%1" %*'HKEY_CURRENT_USER\Software\Classes\exefile\shell\open\command "IsolatedCommand" = '"%1" %*'HKEY_CURRENT_USER\Software\Classes\exefile\shell\runas\command "(Default)" = '"%1" %*'HKEY_CURRENT_USER\Software\Classes\exefile\shell\runas\command "IsolatedCommand" – '"%1" %*'HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command "(Default)" = '"%UserProfile%\Local Settings\Application Data\.exe" /START "C:\Program Files\Mozilla Firefox\firefox.exe"'HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command "(Default)" = '"%UserProfile%\Local Settings\Application Data\.exe" /START "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode'HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command "(Default)" = '"%UserProfile%\Local Settings\Application Data\.exe" /START "C:\Program Files\Internet Explorer\iexplore.exe"'
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.