XP Internet Security 2012 scam

XP Internet Security 2012

XP Internet Security 2012

XP Internet Security 2012 is, beyond any doubt, the unexpected visitor for many computers today. It gets into the machine like the thief at night – without invitation or even warning. Using the well-known parable and applying it to particular example, it has the clothes of a sheep but inside it is like the real wolf with the teeth ready to damage your computer system. It is the devil which must be expelled. Is this description not enough for you to believe that you should not trust it and keep it? Well, go to the search engines and find alternative blogs which will tell you the same thing. XP Internet Security 2012 is the malware sample known as one of the name-changing rogues of Braviax family. They also are sometimes referred to as MultiRogues 2012.

XP Internet Security 2012 gets started each time you start your machine. It begins its fake scans accompanied by fake reports about plenty of problems supposedly detected inside of your workstation. It is peculiar that this entire scan is completed within just a few seconds. Do you really think that it is capable to discover the problems so quickly? We have tried to run the decent Windows defragmenter, for example, and it took much longer for it to scan the system and then improve it. No doubt, there is something wrong in XP Internet Security 2012. This all gives us the reasons to assert that this software is not the program you should keep. The only goal of it is to reap easy earnings by deceiving users with its fake reports referred to in the first paragraph, and on this basis to make them pay for the full version of this malware program as a supposed remedy to heal your computer. Do not trust this rogue simply because it knows nothing in how to help your PC work better. You only problem is this hoax program itself, and you must immediately remove this virus from your system. Below please find the removal guide on how to get rid of the malware effectively – http://www.2-viruses.com/remove-xp-internet-security-2012.



XP Internet Security 2012 system amendments:

XP Internet Security 2012 files added:

  • %UserProfile%\Local Settings\Application Data\opRSK
  • %UserProfile%\Local Settings\Application Data\pw.exe
  • %UserProfile%\Local Settings\Application Data\vz.exe
  • %UserProfile%\Local Settings\Application Data\MSASCui.exe
  • %UserProfile%\AppData\Local\opRSK
  • %UserProfile%\AppData\Local\pw.exe
  • %UserProfile%\AppData\Local\vz.exe
  • %UserProfile%\AppData\Local\MSASCui.exe

XP Internet Security 2012 registry entries added:

  • HKCU\Software\Classes\pezfile
  • HKCR\pezfile
  • HKCU\Software\Classes\.exe\shell\open\command “(Default)” = “%UserProfile%\Local Settings\Application Data\pw.exe” /START “%1” %*
  • HKCU\Software\Classes\pezfile\shell\open\command “(Default)” = “%UserProfile%\Local Settings\Application Data\pw.exe” /START “%1” %*
  • HKCU\Software\Classes\.exe\shell\open\command “(Default)” = “%UserProfile%\Local Settings\Application Data\vz.exe” /START “%1” %*
  • HKCU\Software\Classes\pezfile\shell\open\command “(Default)” = “%UserProfile%\Local Settings\Application Data\vz.exe” /START “%1” %*
  • HKCR\.exe\shell\open\command “(Default)” = “%UserProfile%\Local Settings\Application Data\pw.exe” /START “%1” %*
  • HKCR\pezfile\shell\open\command “(Default)” = “%UserProfile%\Local Settings\Application Data\pw.exe” /START “%1” %*
  • HKCR\.exe\shell\open\command “(Default)” = “%UserProfile%\Local Settings\Application Data\vz.exe” /START “%1” %*
  • HKCR\pezfile\shell\open\command “(Default)” = “%UserProfile%\Local Settings\Application Data\vz.exe” /START “%1” %*
  • HKLM\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command “(Default)” = “%UserProfile%\Local Settings\Application Data\pw.exe” /START “C:\Program Files\Mozilla Firefox\firefox.exe”
  • HKLM\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command “(Default)” = “%UserProfile%\Local Settings\Application Data\pw.exe” /START “C:\Program Files\Mozilla Firefox\firefox.exe” -safe-mode
  • HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command “(Default)” = “%UserProfile%\Local Settings\Application Data\pw.exe” /START “C:\Program Files\Internet Explorer\iexplore.exe”
  • HKLM\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command “(Default)” = “%UserProfile%\Local Settings\Application Data\vz.exe” /START “C:\Program Files\Mozilla Firefox\firefox.exe”
  • HKLM\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command “(Default)” = “%UserProfile%\Local Settings\Application Data\vz.exe” /START “C:\Program Files\Mozilla Firefox\firefox.exe” -safe-mode
  • HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command “(Default)” = “%UserProfile%\Local Settings\Application Data\vz.exe” /START “C:\Program Files\Internet Explorer\iexplore.exe”
  • HKLM\SOFTWARE\Microsoft\Security Center “AntiVirusOverride” = “1”
  • HKLM\SOFTWARE\Microsoft\Security Center “FirewallOverride” = “1”

Leave a Reply

Your email address will not be published. Required fields are marked *