Vista Total Security 2012
Vista Total Security 2012 is a new version of older rogue security programs that use a similar graphical shell to fake anti-virus and security features. Even though Vista Total Security 2012 pretends to offer firewall monitoring, system scans and protection against various PC threats, none of these features are real. Vista Total Security 2012's only real features involve blocking your access to programs, taking control of your web browser, and creating fake infection warnings. You should pay no heed to any of these misleading attacks, and delete Vista Total Security 2012 by using a real security program.
Vista Total Security 2012: One Side of a Multi-Faced Threat to Your PC
Like most rogue security programs, Vista Total Security 2012 is a lazy copy of other rogue programs and uses the same kinds of hidden attacks as XP Total Security 2012, Vista Internet Security 2012, XP Internet Security 2012, Vista Anti-Spyware 2012 and XP Anti-Spyware 2012. Although these programs, including Vista Total Security 2012, imitate the outer appearance of an anti-virus program, all their advertised features are simulations without any underlying functionality.
For example, Vista Total Security 2012 will create multiple kinds of pop-up warnings about infections and other system problems that are supposedly on your PC. These warnings are created without trying to detect such attackers, though, making pop-ups like the following an exercise in deception:
System warning!
Continue working in unprotected mode is very dangerous. Viruses can damage your confidential data and work on your computer. Click here to protect your computer.
System warning!
Security Essentials Ultimate Pack software detects programs that may compromise your privacy and harm your systems. It is highly recommended you scan your PC right now. Click here to start.
Security Alert!
Your computer is being attacked from a remote machine!
Block Internet access to your computer to prevent system infection.
Critical Warning!
Critical System Warning! Your system is probably infected with a version of Trojan-Spy.HTML.Visafraud.a. This may result in website access passwords being stolen from Internet Explorer, Mozilla Firefox, Outlook etc.
Vista Total Security 2012 can also create a fake system scan that will pretend to find large amounts of other infections on your PC. You shouldn't try to delete any files or programs that Vista Total Security 2012 says are infected, since Vista Total Security 2012 will accuse unharmed files of harboring keyloggers and other PC threats.
Vista Total Security 2012 Features That Really Do Work... to Your Computer's Detriment
Vista Total Security 2012 does have some features that work, but you won't find these functional capabilities being advertised upfront. All of Vista Total Security 2012's working functions attack your computer to make it look like your PC is in worse shape than it really is.
- Your browser may be hijacked when Vista Total Security 2012 changes your proxy server settings, or adds malicious browser-related entries to your Windows Registr Hijacks are well-known for redirecting victims to malicious websites, but these attacks can also create fake unsafe website warnings, change your homepage or create pop-ups.
- Vista Total Security 2012 may also stop some programs from running at all. Most threats in the Vista Total Security 2012 subgroup are known to attack anti-virus and security programs, as well as basic Windows tools like the Task Manager. Many program crashes may also cause Vista Total Security 2012 pop-up errors that call the crashed program infected, but this is just another ruse.
The only appropriate response to Vista Total Security 2012 is to remove it from your computer, by using your preference of anti-malware software in Safe Mode. Alternately, you can boot your computer from a CD or other external source, which will also stop Vista Total Security 2012 from running.
If you've purchased Vista Total Security 2012 before realizing that it's a rogue security program, you should have your credit card canceled to avoid any other fraudulent charges.
File System Modifications
- The following files were created in the system:
# File Name 1 %%AppData%\Roaming\Microsoft\Windows\Templates\67sdh53ygdhilutew20ijnbgc 2 %AllUsersProfile%\67sdh53ygdhilutew20ijnbgc 3 %AppData%\Local\67sdh53ygdhilutew20ijnbgc
Registry Modifications
- The following newly produced Registry Values are:
HKEY..\..\..\..{Subkeys}HKEY_CURRENT_USER\Software\Classes\.exe "(Default)" = 'exefile'HKEY_CURRENT_USER\Software\Classes\.exe "Content Type" = 'application/x-msdownload'HKEY_CURRENT_USER\Software\Classes\.exe\DefaultIcon "(Default)" = '%1" = '"%UserProfile%\Local Settings\Application Data\[RANDOM CHARACTERS].exe" /START "%1" %*'HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command "IsolatedCommand" = '"%1" %*'HKEY_CURRENT_USER\Software\Classes\.exe\shell\runas\command "(Default)" = '"%1" %*'HKEY_CURRENT_USER\Software\Classes\.exe\shell\runas\command "IsolatedCommand" = '"%1" %*'HKEY_CURRENT_USER\Software\Classes\exefile "(Default)" = 'Application'HKEY_CURRENT_USER\Software\Classes\exefile "Content Type" = 'application/x-msdownload'HKEY_CURRENT_USER\Software\Classes\exefile\DefaultIcon "(Default)" = '%1"HKEY_CURRENT_USER\Software\Classes\exefile\shell\open\command "(Default)" = '"%UserProfile%\Local Settings\Application Data\[RANDOM CHARACTERS].exe" /START "%1" %*'HKEY_CURRENT_USER\Software\Classes\exefile\shell\open\command "IsolatedCommand" = '"%1" %*'HKEY_CURRENT_USER\Software\Classes\exefile\shell\runas\command "(Default)" = '"%1" %*'HKEY_CURRENT_USER\Software\Classes\exefile\shell\runas\command "IsolatedCommand" – '"%1" %*'HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command "(Default)" = '"%UserProfile%\Local Settings\Application Data\[RANDOM CHARACTERS].exe" /START "%Program Files%\Mozilla Firefox\firefox.exe"'HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command "(Default)" = '"%UserProfile%\Local Settings\Application Data\[RANDOM CHARACTERS].exe" /START "%Program Files%\Mozilla Firefox\firefox.exe" -safe-mode'HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command "(Default)" = '"%UserProfile%\Local Settings\Application Data\[RANDOM CHARACTERS].exe" /START "%Program Files%\Internet Explorer\iexplore.exe"'HKEY..\..\..\..{RegistryKeys}HKEY_CLASSES_ROOT\.exe\shell\open\command "(Default)" = '"%UserProfile%\Local Settings\Application Data\[RANDOM CHARACTERS].exe" /START "%1" %*'HKEY_CLASSES_ROOT\exefile\shell\open\command "(Default)" = '"%UserProfile%\Local Settings\Application Data\[RANDOM CHARACTERS].exe" /START "%1" %*'
Additional Information on Vista Total Security 2012
- The following messages's were detected:
# Message 1 Critical Warning!
Critical System Warning! Your system is probably infected with a version of Trojan-Spy.HTML.Visafraud.a. This may result in website access passwords being stolen from Internet Explorer, Mozilla Firefox, Outlook etc.2 System warning!
Security Essentials Ultimate Pack software detects programs that may compromise your privacy and harm your systems. It is highly recommended you scan your PC right now. Click here to start.3 Security Alert!
Your computer is being attacked from a remote machine!
Block Internet access to your computer to prevent system infection.4 System warning!
Continue working in unprotected mode is very dangerous. Viruses can damage your confidential data and work on your computer. Click here to protect your computer.
my system hacked can help what shall i do