I came across another little Nasty Little B****** this evening which managed to self-install itself onto my production fully patched workstation, after visiting some official Panasonic websites! Windows Defender tells me “No unwated or unharmful software detected”. That was incorrect, something popped up called Vista Internet Security 2010, never heard of it, and it didn’t look like any Microsoft product, although it looked very good, and very Microsoft like, until it started scanning and detecting false positives, and then noticed a running 32-bit process called AV.EXE, I run a 64-bit clean system, so any weird 32 bit process, look very suspect. How a non-geek computer nerd would know, I’ve no idea. I don’t use Internet Explorer only Firefox 3.5, so I’ll be damned if I know how it jumped on-board!
Vista Internet Security 2010 (can be also called as Vista Internet Security) is a rogue anti-spyware program that simulates a system scan and reports false scan results just to scare you and make you think that your computer is infected with Trojans, worms and other malware. Once installed, it will display fake security alerts or notifications and then inform you that you need to pay money to register the program if you want to remove the infections and computer threats, which of course do not even exist. Do not pay for this software and get rid of Vista Internet Security 2010 form your computer upon detection using the removal stated guide below.
Vista Internet Security 2010 displays warnings and notifications about serious security threats and privacy issues. It will also state that it has detected many critical spyware objects and that these objects can expose private information. Of course, that’s not true. This is just a part of whole scam. Besides, no matter what you decide to do, it will ask to pay for a full version of the program to protect your computer from malware and possible attacks from the Internet. Just ignore all of this and read the the following instructions carefully.
You may need this file!
It very quickly removes registry keys so stops you executing files, so you’ll not be able to run your browsers, regedit etc, so you may need access to another computer to follow these steps
Vista Internet Security removal instructions:
1. Click Start->Run Type “cmd”. Press Enter or click OK.
2. Type “notepad” press Enter. Notepad will open.
3. Copy and past the following text into Notepad:
Windows Registry Editor Version 5.00
[-HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command]
[-HKEY_CURRENT_USER\Software\Classes\secfile\shell\open\command]
[-HKEY_CLASSES_ROOT\.exe\shell\open\command]
[HKEY_CLASSES_ROOT\.exe]
@=”exefile”
“Content Type”=”application/x-msdownload”
[-HKEY_CLASSES_ROOT\secfile]
4. Save file as “exefix.reg” (without quotation-marks) to your Desktop.
NOTE: choose Save as type: All files
5. Double-click to open exefix.reg. Click “Yes” for Registry Editor prompt window.
The above will then allow you to run your applications and anti-malware and anti-spyware checkers! See earlier blog for recommended software tools.
You’ve been warned!!!