Severity scale:  
  (71/100)

Vista Antivirus 2012. How to remove? (Uninstall guide)

removal by Julie Splinters - -   Also known as VistaAntivirus2012, VistaAntivirus 2012 | Type: Rogue Antispyware

Vista Antivirus 2012 is a rogue security program that is promoted through the use of Trojans. When this fake program is running, it will simulate a system scan and display a list of false system security threats. Vista Antivirus 2012 will display fake security warnings and impersonate Windows Security Center to make this scam look more realistic. It will also hijack your web browser and block antivirus and anti-spyware programs. Finally the rogue program will ask you to pay for a full version of the program to remove the non-existing infections. Don't purchase it and remove Vista Antivirus 2012 from your computer upon detection.

Vista Antivirus 2012 protects itself quite effectively. It blocks legitimate security software and hijack web browsers. In some cases it blocks all programs, not only anti-virus or anti-spyware software. What is more, it will detect many of well known and reputable websites as harmful and display fake security alert stating that you may infect your PC if you open a particular website. And of course, it disables certain Windows functions such as Task Manager.

To make its victims scared, it will state:

System danger!
Your system security is in danger. Privacy threats detected. Spyware, keyloggers or Trojans may be working the background right now. Perform an in-depth scan and removal now, click here.

System Hijack!
System security threat was detected. Viruses and/or spyware may be damaging your system now. Prevent infection and data loss or stealing by running a free security scan.

Privacy threat!
Spyware intrusion detected. Your system is infected. System integrity is at risk. Private data can be stolen by third parties, including credit card details and passwords. Click here to perform a security repair.

Stealth intrusion!
Infection detected in the background. Your computer is now attacked by spyware and rogue software. Eliminate the infection safely, perform a security scan and deletion now.

It's possible to remove it manually, but you have to re-enable those Windows functions at first. You may also download an automatic removal tool, but again have to fix some registry entries and terminate the main process of Vista Antivirus 2012 to be able to use malware removal tool. As you can see, Vista Antivirus 2012 is nothing more but a scam. If you have already purchased this rogue program then contact your credit card company and dispute the charges. In addition, if you find difficulties in running your anti-spyware, please follow these special tips you should know:

1. Try launching as administrator by right-clicking on executable and choosing from menu

2. Try renaming the executable to something else, like iexplore.exe so Vista Antivirus 2012 will not block it.

3. From another user account on Vista system

4. Launch anti-malware programs from safe mode with networking.

5. Stop Vista Antivirus 2012 processes with task manager or other utility.

6. Using codes like 3425-814615-3990 or 9443-077673-5028 to disable malware.

This will allow running legitimate anti-malware programs and completely clean your PC from Vista Antivirus 2012.

Offer
We might be affiliated with any product we recommend on the site. Full disclosure in our Agreement of Use. By Downloading any provided Anti-spyware software you agree to our privacy policy and agreement of use.
do it now!
Download
Reimage (remover) Happiness
Guarantee
Download
Reimage (remover) Happiness
Guarantee
Compatible with Microsoft Windows Supported versions Compatible with OS X Supported versions
What to do if failed?
If you failed to remove virus damage using Reimage, submit a question to our support team and provide as much details as possible.
Reimage is recommended to remove virus damage. Free scanner allows you to check whether your PC is infected or not. If you need to remove malware, you have to purchase the licensed version of Reimage malware removal tool.

Note: Manual assistance required means that one or all of removers were unable to remove parasite without some manual intervention, please read manual removal instructions below.

More information about this program can be found in Reimage review.

If you decided to select another anti-spyware, uninstall Reimage from your computer.
Press mentions on Reimage
Alternative Software
Different security software includes different virus database. If you didn’t succeed in finding malware with Reimage, try running alternative scan with Malwarebytes.
Alternative Software
Different security software includes different virus database. If you didn’t succeed in finding malware with Reimage, try running alternative scan with Combo Cleaner.

Vista Antivirus 2012 manual removal:

Kill processes:
ppn.exe

Delete registry values:
HKEY_USERS.DEFAULTSoftwareMicrosoftInternet ExplorerBrowserEmulation "TLDUpdates" = '1'

HKEY_CURRENT_USERSoftwareClasses.exeshellopencommand "(Default)" = '"%LocalAppData%kdn.exe" -a "%1" %*'

HKEY_CURRENT_USERSoftwareClassesexefileshellopencommand "(Default)" = '"%LocalAppData%kdn.exe" -a "%1" %*'

HKEY_CLASSES_ROOT.exeshellopencommand "(Default)" = '"%LocalAppData%kdn.exe" -a "%1" %*'

HKEY_LOCAL_MACHINESOFTWAREClientsStartMenuInternetFIREFOX.EXEshellopencommand "(Default)" = '"%LocalAppData%kdn.exe" -a "C:Program FilesMozilla Firefoxfirefox.exe"'

HKEY_LOCAL_MACHINESOFTWAREClientsStartMenuInternetFIREFOX.EXEshellsafemodecommand "(Default)" = '"%LocalAppData%kdn.exe" -a "C:Program FilesMozilla Firefoxfirefox.exe" -safe-mode'

HKEY_LOCAL_MACHINESOFTWAREClientsStartMenuInternetIEXPLORE.EXEshellopencommand "(Default)" = '"%LocalAppData%kdn.exe" -a "C:Program FilesInternet Exploreriexplore.exe"'

HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity Center "AntiVirusOverride" = '1'

HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity Center "FirewallOverride" = '1'

Delete files:
%AllUsersProfile%U3F7PNVFNCSJK2E86ABFBJ5H

%LocalAppData%ppn.exe

%Temp%U3F7PNVFNCSJK2E86ABFBJ5H

%LocalAppData%U3F7PNVFNCSJK2E86ABFBJ5H

%AppData%TEMPLATESU3F7PNVFNCSJK2E86ABFBJ5H

About the author

Julie Splinters
Julie Splinters - Malware removal specialist

If this free removal guide helped you and you are satisfied with our service, please consider making a donation to keep this service alive. Even a smallest amount will be appreciated.

Contact Julie Splinters
About the company Esolutions