Vista Antivirus 2012

Posted: June 7, 2011

Threat Metric

The Threat Meter is a malware assessment that SpywareRemove.com's research team is able to give every identifiable malware threat. Our Threat Meter includes several criteria based off of specific malware threats to value their severity, reach and volume. The Threat Meter is able to give you a numerical breakdown of each threat's initial Threat Level, Detection Count, Volume Count, Trend Path and Percentage Impact. The overall ranking of each threat in the Threat Meter is a basic breakdown of how all threats are ranked within our own extensive malware database. The scoring for each specific malware threat can be easily compared to other emerging threats to draw a contrast in its particular severity. The Threat Meter is a useful tool in the endeavor of seeking a solution to remove a threat or pursue additional analytical research for all types of computer users.

The following fields listed on the Threat Meter containing a specific value, are explained in detail below:

Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.

Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.

Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.

Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.

% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.

Ranking:	10,353
Threat Level:	8/10
Infected PCs:	234

First Seen:	August 22, 2011
Last Seen:	September 29, 2023
OS(es) Affected:	Windows

Vista Antivirus 2012 is a rogue antivirus program that attacks your web browser and other applications, while also pretending to have anti-virus functions. All alerts, warnings and system scan results from Vista Antivirus 2012 are faked, to give a false impression of numerous infections. Avoid purchasing Vista Antivirus 2012 or even visiting the Vista Antivirus 2012 website, since this website may make other attacks on your computer. Quality anti-virus programs should have little difficulty in removing Vista Antivirus 2012, if Vista Antivirus 2012 isn't active during the system scan.

Vista Antivirus 2012: Out a Year Early to Threaten Your Computer

Vista Antivirus 2012 uses similar attacks to other typical fake security programs, and even uses code similar to that of threats like XP Home Security 2012, XP Antivirus 2012, Win 7 Anti-Spyware 2012 and Win 7 Total Security 2012. Rogue security programs like Vista Antivirus 2012 and its relatives from the FakeRean family are typically aided in opening infection by Trojans; the presence of Vista Antivirus 2012 usually indicates that a Trojan is also on the computer and is secretly responsible for installing Vista Antivirus 2012. Among Vista Antivirus 2012's clones are Antivirus 2008 Pro, Antivirus XP 2008, Windows Antivirus 2008, Vista Antivirus 2008, PC Clean Pro, Antivirus Pro 2009, Rogue.Vista Antivirus 2008, AntiSpy Safeguard, ThinkPoint, Spyware Protection 2010, Internet Antivirus 2011, Palladium Pro, XP Anti-Virus 2011, CleanThis, XP Security 2012, XP Home Security 2012 and AntiVirus PRO 2015.

Like most other rogue security programs, Vista Antivirus 2012 can't find or delete viruses and other threats from your PC. Despite this, Vista Antivirus 2012 will still pretend to find infections on your computer in simulated system scans, and may also create fake warning messages. You should never take any advice or suggestions that Vista Antivirus 2012 offers with regards to fixing these problems, since the infections that Vista Antivirus 2012 detects aren't real, and are targeting unharmed applications and files.

Vista Antivirus 2012 errors may also appear when Vista Antivirus 2012 blocks a program from running. Although the pop-up alert that Vista Antivirus 2012 uses will tell you that the program is infected, the real reason that Vista Antivirus 2012 is blocking it is to prevent you from accessing anti-malware and system diagnostic features.

How to Get Vista Antivirus 2012 Off Your Computer and Out of Your Browser

Besides all the other problems Vista Antivirus 2012 creates, Vista Antivirus 2012 may also hijack your web browser. Browser hijacks are difficult to stop without removing Vista Antivirus 2012 or any other PC threat that might be causing them. Hijacks are known for:

Redirecting your browser to malicious websites.
Changing your search results.
Altering your homepage settings.
Creating pop-ups and advertisements.
Using fake 'dangerous website' error screens.
Redirecting you away from safe websites that could help you delete Vista Antivirus 2012 and other threats to your PC.

Despite the wide range of problems a browser hijack can cause, getting rid of these attacks is fairly simple. Safe Mode or a CD-based system boot will stop Vista Antivirus 2012 from launching in the first place, and prevent any hijacks from occurring. You can follow this up by removing Vista Antivirus 2012 entirely with the help of the right security scanner.

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.

The following files were created in the system:

%AllUsersProfile%\9olpq2xnc6yhnjeuwnjIUks1k

File name: %AllUsersProfile%\9olpq2xnc6yhnjeuwnjIUks1k
Group: Malware file

%AppData%\9olpq2xnc6yhnjeuwnjIUks1k

File name: %AppData%\9olpq2xnc6yhnjeuwnjIUks1k
Group: Malware file

%AppData%\Local\9olpq2xnc6yhnjeuwnjIUks1k

File name: %AppData%\Local\9olpq2xnc6yhnjeuwnjIUks1k
Group: Malware file

%AppData%\Roaming\Microsoft\Windows\Templates\9olpq2xnc6yhnjeuwnjIUks1k

File name: %AppData%\Roaming\Microsoft\Windows\Templates\9olpq2xnc6yhnjeuwnjIUks1k
Group: Malware file

%Temp%\9olpq2xnc6yhnjeuwnjIUks1k

File name: %Temp%\9olpq2xnc6yhnjeuwnjIUks1k
Group: Malware file

%UserProfile%\Templates\9olpq2xnc6yhnjeuwnjIUks1k

File name: %UserProfile%\Templates\9olpq2xnc6yhnjeuwnjIUks1k
Group: Malware file

Registry Modifications

The following newly produced Registry Values are:

HKEY..\..\..\..{Subkeys}HKEY_CURRENT_USER\Software\Classes\.exe "(Default)" = 'exefile'HKEY_CURRENT_USER\Software\Classes\.exe "Content Type" = 'application/x-msdownload'HKEY_CURRENT_USER\Software\Classes\.exe\DefaultIcon "(Default)" = '%1" = '"%UserProfile%\Local Settings\Application Data\(random 3 letters).exe" /START "%1" %*'HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command "IsolatedCommand" = '"%1" %*'HKEY_CURRENT_USER\Software\Classes\.exe\shell\runas\command "(Default)" = '"%1" %*'HKEY_CURRENT_USER\Software\Classes\.exe\shell\runas\command "IsolatedCommand" = '"%1" %*'HKEY_CURRENT_USER\Software\Classes\exefile "(Default)" = 'Application'HKEY_CURRENT_USER\Software\Classes\exefile "Content Type" = 'application/x-msdownload'HKEY_CURRENT_USER\Software\Classes\exefile\DefaultIcon "(Default)" = '%1'HKEY_CURRENT_USER\Software\Classes\exefile\shell\open\command "(Default)" = '"%UserProfile%\Local Settings\Application Data\(random 3 letters).exe" /START "%1" %*'HKEY_CURRENT_USER\Software\Classes\exefile\shell\open\command "IsolatedCommand" = '"%1" %*'HKEY_CURRENT_USER\Software\Classes\exefile\shell\runas\command "(Default)" = '"%1" %*'HKEY_CURRENT_USER\Software\Classes\exefile\shell\runas\command "IsolatedCommand" – '"%1" %*'HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command "(Default)" = '"%UserProfile%\Local Settings\Application Data\(random 3 letters).exe" /START "C:\Program Files\Mozilla Firefox\firefox.exe"'HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command "(Default)" = '"%UserProfile%\Local Settings\Application Data\(random 3 letters).exe" /START "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode'HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command "(Default)" = '"%UserProfile%\Local Settings\Application Data\(random 3 letters).exe" /START "C:\Program Files\Internet Explorer\iexplore.exe"HKEY..\..\..\..{RegistryKeys}HKEY_CLASSES_ROOT\.exe\DefaultIcon "(Default)" = '%1'HKEY_CLASSES_ROOT\.exe\shell\open\command "(Default)" = '"%UserProfile%\Local Settings\Application Data\(random 3 letters).exe" /START "%1" %*'HKEY_CLASSES_ROOT\.exe\shell\open\command "IsolatedCommand" = '"%1" %*'HKEY_CLASSES_ROOT\.exe\shell\runas\command "(Default)" = '"%1" %*'HKEY_CLASSES_ROOT\.exe\shell\runas\command "IsolatedCommand" = '"%1" %*'HKEY_CLASSES_ROOT\exefile "Content Type" = 'application/x-msdownload'HKEY_CLASSES_ROOT\exefile\shell\open\command "(Default)" = '"%UserProfile%\Local Settings\Application Data\(random 3 letters).exe" /START "%1" %*'HKEY_CLASSES_ROOT\exefile\shell\open\command "IsolatedCommand" = '"%1" %*'HKEY_CLASSES_ROOT\exefile\shell\runas\command "IsolatedCommand" = '"%1" %*'

Additional Information

The following messages's were detected:

#	Message
1	Attention: DANGER! ALERT! System scan for spyware, adware, trojans and viruses is complete. Vista Antivirus 2012 detected 26 critical system objects.
2	Computer security is at risk! Your PC is still under malware attack. Dangerous programs were found to be running in the background. System crash and identify theft are likely.
3	Privacy threat! Spyware intrusion detected. Your system is infected. System integrity is at risk. Private data can be stolen by third parties including credit card details and passwords. Click here to perform a security repair.
4	System danger! Your system is in danger. Privacy threats detected. Spyware, keyloggers or Trojans may be working in the
5	Vista Antivirus 2012 Firewall Alert Vista Antivirus 2012 has blocked a program from accessing the internet Firefox is infected with Trojan-BNK.Win32.Keylogger.gen

Windows Vista Antivirus 2012

5 Comments

tay says:

June 26, 2011 at 10:29 am

I have this awful thing.

Only problem is, it's already way ahead of these remedies, IE: task manager has been disabled. And worse, when I try to fix the registry (with FixNCR) via USB drive, it simply powers down my computer.

Any suggestions on a work-around?
Rich says:

December 1, 2011 at 2:38 pm

I had luck opening files as as administrator. Right click, choose run as administrator. It seems the fake antivirus wasn\'t able to stop that.
Alfred says:

December 16, 2011 at 5:51 am

Go to your antivirus program in your program files folder and right click on the .exe. Run the program as an administrator. Update your program and then scan. Vista virus should be killed after the scan. Download exehelper.exe and run it. You need to run this tiny utility to restore your old settings. Vista virus will alter your computer settings. Even if the virus is gone, the settings it imposed will still be there. This is why exehelper is very important.
Sarah says:

December 19, 2011 at 5:43 pm

Wait so how do you remove it without downloading any other antivirus thing
Elistariel says:

December 26, 2011 at 12:52 am

I'd love to try Alfred's method, but the right click on my laptop is busted.