Remove Vista Security 2012

Removal instructions

Severity scale:  (70 / 100)

Vista Security 2012 is a fake computer security program that promises its victims to fix their computers and remove all viruses detected. However, you should know that these “viruses” won’t be found by any legitimate anti-spyware becauseVista Security 2012 fakes them trying to make you concerned. This scam hails from notorious malwares family which expects to steal users’ money.By changing its name according to the OS it finds, programs from Vista Security 2012 group infect computers unnoticeably with a help f Trojans. Vista Security 2012 is also distributed through fake online scanners, flash updates, misleading pop-ups that appear when you are browsing, so make sure that your anti-spyware is usually updated!

Having infiltrated the targeted computer, Vista Security 2012 will start causing numerous problems though it will try to convince you that it is extremely needed. Being quite hardly removable, this scam displays lots of false spyware detection reports and fabricated scanners that will announce the same thing:

Stealth intrusion!
Infection detected in the background. Your computer is now attacked by spyware and rogue software. Eliminate the infection safely, perform a security scan and deletion now.

Vista Security 2012 Alert
Security Hole Detected!
A program is trying to exploit Windows security holes! Passwords and sensitive data may be stolen. Do you want to block this attack?

Vista Security 2012 Alert
Internet Explorer alert. Visiting this site may pose a security threat to your system!
Possible reasons include:
- Dangerous code found in this site’s pages which installed unwanted software into your system.
- Suspicious and potentially unsafe network activity detected.
- Spyware infections in your system
- Complaints from other users about this site.
- Port and system scans performed by the site being visited.

Things you can do:
- Get a copy of Vista Security 2012 to safeguard your PC while surfing the web (RECOMMENDED)
- Run a spyware, virus and malware scan
- Continue surfing without any security measures (DANGEROUS)

This unpaid activity also includes continuous pop-up ads and takeover of your browser to interrupt into your normal work with PC. Going no further, Vista Security 2012 will say that for elimination of these problems, you firstly have to register its “full” version and now it should become obvious that it wants your money only. Vista Security 2012 should not be left inside your PC because it will let other scams to reach your machine and also starts fraudulent activity. Whenever you see it, don’t take seriously anything what it tells and stay away from it and its websites. Make sure that you remove Vista Security 2012 as soon as possible if it’s on your machine already.  To disable it, try entering one of these registration codes: 2233-298080-3424, 3425-814615-3990 or 9443-077673-5028. In addition, run a full system scan.

Automatic Vista Security 2012 removal:

Malwarebytes Anti Malware

Download | review

Tested and Confirmed! Malwarebytes Anti Malware removes Vista Security 2012 (2011-06-09 12:42:00)

STOPzilla

Download | review

Tested and Confirmed! STOPzilla removes Vista Security 2012 (2011-06-09 12:42:00)

Spyware Doctor

Download | review | tutorial

We are testing Spyware Doctor's efficiency at removing Vista Security 2012 (2012-04-10 17:19:26)

XoftSpySE Anti Spyware

Download | review

Vista Security 2012 manual removal:

FORUM:
Discuss Vista Security 2012 in
spyware removal forum

Kill processes:
ppn.exe

HELP:
how to kill malicious processes

Delete registry values:
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\BrowserEmulation "TLDUpdates" = '1'
HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command "(Default)" = '"%LocalAppData%\kdn.exe" -a "%1" %*'
HKEY_CURRENT_USER\Software\Classes\exefile\shell\open\command "(Default)" = '"%LocalAppData%\kdn.exe" -a "%1" %*'
HKEY_CLASSES_ROOT\.exe\shell\open\command "(Default)" = '"%LocalAppData%\kdn.exe" -a "%1" %*'
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command "(Default)" = '"%LocalAppData%\kdn.exe" -a "C:\Program Files\Mozilla Firefox\firefox.exe"'
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command "(Default)" = '"%LocalAppData%\kdn.exe" -a "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode'
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command "(Default)" = '"%LocalAppData%\kdn.exe" -a "C:\Program Files\Internet Explorer\iexplore.exe"'
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center "AntiVirusOverride" = '1'
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center "FirewallOverride" = '1'

HELP:
how to remove registry entries

Delete files:
%AllUsersProfile%\U3F7PNVFNCSJK2E86ABFBJ5H
%LocalAppData%\ppn.exe
%Temp%\U3F7PNVFNCSJK2E86ABFBJ5H
%LocalAppData%\U3F7PNVFNCSJK2E86ABFBJ5H
%AppData%\TEMPLATES\U3F7PNVFNCSJK2E86ABFBJ5H

HELP:
how to remove harmful files

QR code for Vista Security 2012 removal instructions:

QR is short for Quick Response. They can be read quickly by the mobile phones. QR codes can store more data than standard barcodes, including url links, geo coordinates, and text.

The reason we add QR code to the website is that parasites like Vista Security 2012 are really hard to remove on infected computer. you can quicly scan the QR code with your mobile device and have manual removal instructions to uninstall Vista Security 2012 right in your pocket.

Simply use the QR scanner and read removal instructions from mobile device.

Additional resources:

0

6

satan

i didnt have kdn.exe instead i had wie.exe

I killed the wie.exe from task manager and deleted all registry by searchign wie.exe. And also deleted wie.exe from /local/wie.exe

My computer is running smoothly again..yey

Reply »

2011 06 12

0

2

CrazyMo

On my computer it was rmc.exe

Reply »

2011 06 15

1

3

Sam

I had the ikq.exe. The instructions are very good. Thank you so much.

Reply »

2011 06 19

0

3

kevin

how do I download anything if I cant get on the internet? Its hijacked everything!!

Reply »

2011 06 20

0

2

:(

Mine was vep.exe, also stopped in task manager, deleted from local files. Pc now working well! Thanks for the tips

Reply »

2011 06 23

0

2

Hey

I am not much of a computer person so I couldnt do this. I restored my computer back to a month before and that took care of the problem. I had tried to download malwarebytes which had worked for me in the past before against a similar virus but this time I couldnt get online. Restoring my pc took care of the problem for me.

Reply »

2011 06 23

0

2

D:

How do I know which one it is?
I have a few .exe that dont have a description.

Reply »

2011 06 24

0

2

Dionne

Running in safe mode...program will not kill, or restart automatically. Impossible to use any web service to download any program fix. Mine was rak.exe and automatically restarts after killed.

Reply »

2011 06 27

0

4

Dionne

Now, it is more powerfull, when you try to run an .exe it aske you with wich program d o you want to open it. The best way to get rid of it is to reboot all the computer. I got to a informatitian and he reinstalled all

Reply »

2011 06 27

0

2

ahhh

This program is a beast. I got it killed it was GVK.exe, it was still attacking in safe mode!

Reply »

2011 06 29

0

2

Scott

To remove this virus, I advice to do a system restore. Set it to before you think you may of got this virus. I did it and it has been running as normal.

Reply »

2011 06 29

0

2

sss

Its fqu.exe for me

Reply »

2011 07 18

0

2

Ben

Found on my friends laptop under JRC.exe

Reply »

2011 07 20

0

2

Johan

Thanx, this was the best page. Ever.
My file was named rtc.exe.

It was tricky to find the file, I used command prompt and typed "cd %LocalAppData%" to view and delete the rtc.exe.

Reply »

2011 07 23

0

2

Anon

It can go by the name of vim aswell

Reply »

2011 07 26

1

2

Joe

Great post! Thank you very much for the info!
My file was "iqx.exe"
It will not allow you to install MalwareBytes (and possibly not allow you to connect to the Internet etc.). Instead, it will bring up a fake scan and maybe a fake Security Center window.
It is very aggressive.
Once you delete the reg keys, it wont disable the install.
Hope this helps anyone.

Reply »

2011 07 30

0

3

alice

mine was wtk.exe

Reply »

2011 08 01

0

2

Jornne

Mine should be ylp.exe. There was no description for this process though so it is quite easy to identify it.

It is very irritating cos it blocked my browsers when i tried to surf, alll of them!!

Thanks for the post

Reply »

2011 08 05

0

2

Kin

when this thing showed its ugly head, I did a system restore. It seemed to work just going that. I have run Spybot, Malwarebytes, Microsoft Security Essentials, and nothing has shown up in any of the scans. Can I consider this gone or should I try other removal methods? Because everything is working fine. But I would still, very much, any help or advice that can be offered. Thank you very much for your time.

-Kin

Reply »

2011 08 14

0

1

cody

nojust because you do a system restore might not take care of the virus i tried this before with an older versio of the virus and it did not work at all...

Reply »

2011 12 03

0

1

bill

just did a restore and seems to be working ptl

Reply »

2011 12 11

0

1

Connor

it wont let me access the system restore any other way to get rid of this?

Reply »

2011 12 15

0

1

Michael

It sets any exe file to be opened with the malware .exe. After you delete that it will still have other exe to be opened by a certain program, but wig the file gone you can open exes with any program you like such as regedit to get the problem done.

Reply »

2011 12 21

0

1

Michael

When I try to open Registry Edit it asks what program to open regedit.exe with. I select to open it using regedit and it starts normally with the Windows permission request and the small warning of Unintentional change then when I select continue it says Cannot Import regedit.exe The specified file is not. Registry script. You can only import binary register files from within the registry error

Reply »

2011 12 21

0

1

JD

grm.exe on one system.

Reply »

2011 12 23

0

1

Mayhem

Every time I download firefox browser from cnet I get that virus. Im forced to do a system restore prior the download. downloaded 3 times with.same result. Using malwarebytes to take care of it

Reply »

2011 12 27

1

0

bung

Thank GOD I have an ultra-nerdy kotaku sidebar on my desktop. It has constant links to the internet (for articles), and for some reason wasnt hijacked by "vista security 2012." Through it, I was able to do an online search and find this website. HAHAHA-HAHAAAAA! GO F*CK YOURSELF VISTA SECURITY!

Reply »

2012 01 11

0

0

ape

I cant seem to get my omputer to download this. I have windows vista how do I correct this?

Reply »

2012 01 12

0

0

danu

What youre saying is completely true. I know that everybody must say the same thing, but I just think that you put it in a way that everyone can understand. I also love the images you put in here.

Reply »

2012 03 11

Post Comment:

Attention: Use this form only if you have additional information about Vista Security 2012 parasite, its removal instructions, additional resources or behavior. By clicking "post comment" button you agree not to post any copyrighted, unlawful, harmful, threatening, abusive, harassing, defamatory, vulgar, obscene, profane, hateful, racially, ethnically or otherwise objectionable material of any kind.

Home page Name



«


* All field required