Vista Security 2012
Vista Security 2012 Description
Vista Security 2012 is a rogue security application that can’t provide real threat detection, but instead, Vista Security 2012 uses false positives in its pop-ups and system scans to fake usefulness. While serving as a fake security product, Vista Security 2012 will also attack your browser and other programs directly to control your website content, and prevent you from using security-related software. Since Vista Security 2012 is an active threat to any computer’s security, you should delete Vista Security 2012 by making use of any high-quality anti-malware product that’s available.The Real Vista Security 2012 Features to Worry About
Vista Security 2012 looks like a standard anti-virus program, and, in fact, shares the majority of its appearance with other recent threats like Win 7 Security 2012, XP Security 2012, Win 7 Anti-Virus 2012, XP Anti-Spyware 2012 and XP Internet Security 2012. Beneath Vista Security 2012′s appearance, however, lies a series of concealed traps that attack different programs to make it feel like countless infections are infesting your PC.
Vista Security 2012 and related threats can hijack your web browser, an attack that seeks to control which websites you can visit whenever you use a well-known browser.
A secondary Vista Security 2012 attack is its ability to prevent you from using other programs. Vista Security 2012 is particularly likely to prevent you from using real security software or programs that can help you remove Vista Security 2012, but programs that don’t fit the above descriptions can also be blocked.
The Fake Features That Vista Security 2012 Uses to Hide Its Tracks
The above attacks are just part of an overall campaign that Vista Security 2012 implements, to make you give your credit card information over to its fraudulent website. Vista Security 2012 makes this more desirable by creating fake alerts about infections, implying that the only way to get rid of them is to purchase a Vista Security 2012 registration key.
Vista Security 2012 may create system scans that automatically detect fake infections on your PC, as well as use pop-up windows. The latter can appear at random, or Vista Security 2012 may create them when it blocks a program to make you believe that Vista Security 2012 isn’t the guilty culprit.
Examples of Vista Security 2012 fake warnings can include:
System warning!
Continue working in unprotected mode is very dangerous. Viruses can damage your confidential data and work on your computer. Click here to protect your computer.
System warning!
Security Essentials Ultimate Pack software detects programs that may compromise your privacy and harm your systems. It is highly recommended you scan your PC right now. Click here to start.
Security Alert!
Your computer is being attacked from a remote machine !
Block Internet access to your computer to prevent system infection.
Critical Warning!
Critical System Warning! Your system is probably infected with a version of Trojan-Spy.HTML.Visafraud.a. This may result in website access passwords being stolen from Internet Explorer, Mozilla Firefox, Outlook etc. Click Yes to scan and remove threats. (recommended)
As noted before, Vista Security 2012 can’t detect threats on your PC, and you can ignore these warnings without any harm coming to your computer. However, Vista Security 2012 itself should be removed as soon as possible, although manual removal methods may have undesired side effects. For this reason, it’s suggested that you use updated security software to scan your PC while in Safe Mode. This will prevent Vista Security 2012 from being able to run automatically, which would let it interfere with your ability to delete Vista Security 2012 for good.
Aliases
Win32:Kryptik-DMG [Avast5]Trj/CI.A [Panda]Generic23.ALZH [AVG]Trojan.Agent/Gen-RogueWare [SUPERAntiSpyware]Mal/Generic-L [Sophos]Trojan.Generic.KDV.275958 [BitDefender]Cryp_FakeAV-54 [TrendMicro-HouseCall]a variant of Win32/Kryptik.PUI [NOD32]Trojan.FakeRena.Gen!Pac.4 [VirusBuster]Trojan.Win32.Generic.pak!cobra [VIPRE]
More aliases (54)
Vista Security 2012 Automatic Detection Tool (Recommended)
Is your PC infected with Vista Security 2012? To safely & quickly detect Vista Security 2012, we highly recommend you run the malware scanner listed below.
Download SpyHunter's* Malware Scanner to detect Vista Security 2012
What happens if Vista Security 2012 does not let you open SpyHunter or blocks the Internet?
Technical Details
File System Modifications
Tutorials: If you wish to learn how to remove malware components manually, you can read
the tutorials on how to find malware,
kill unwanted processes,
remove malicious DLLs and
delete other harmful files. Always be
sure to back up your PC before making any changes.
- The following files were created in the system:
# File Name Detection Count 1 %LOCALAPPDATA%\ opf.exe 689 2 %LOCALAPPDATA%\ ssp.exe 564 3 %LOCALAPPDATA%\ vxp.exe 417 4 %LOCALAPPDATA%\ nlu.exe 213 5 %LOCALAPPDATA%\ ggw.exe 145 6 %AppData%\Roaming\Microsoft\Windows\Templates\67sdh53ygdhilutew20ijnbgc N/A 7 %AllUsersProfile%\67sdh53ygdhilutew20ijnbgc N/A 8 %AppData%\Local\67sdh53ygdhilutew20ijnbgc N/A
Registry Modifications
Tutorial: To edit and delete registry entries manually, read the tutorial on
how to remove malicious registry entries.
Tip & Warning: Editing and removing the wrong registry keys can severely damage your PC, so remember to backup your Windows Registry! To optimize your Windows Registry and speed up your PC, download RegHunter's registry cleaner.
Tip & Warning: Editing and removing the wrong registry keys can severely damage your PC, so remember to backup your Windows Registry! To optimize your Windows Registry and speed up your PC, download RegHunter's registry cleaner.
- The following newly produced Registry Values are:
HKEY..\..\..\..{Subkeys}HKEY_CURRENT_USER\Software\Classes\.exe "(Default)" = 'exefile'HKEY_CURRENT_USER\Software\Classes\.exe "Content Type" = 'application/x-msdownload'HKEY_CURRENT_USER\Software\Classes\.exe\DefaultIcon "(Default)" = '%1" = '"%UserProfile%\Local Settings\Application Data\[RANDOM CHARACTERS].exe" /START "%1" %*'HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command "IsolatedCommand" = '"%1" %*'HKEY_CURRENT_USER\Software\Classes\.exe\shell\runas\command "(Default)" = '"%1" %*'HKEY_CURRENT_USER\Software\Classes\.exe\shell\runas\command "IsolatedCommand" = '"%1" %*'HKEY_CURRENT_USER\Software\Classes\exefile "(Default)" = 'Application'HKEY_CURRENT_USER\Software\Classes\exefile "Content Type" = 'application/x-msdownload'HKEY_CURRENT_USER\Software\Classes\exefile\DefaultIcon "(Default)" = '%1'HKEY_CURRENT_USER\Software\Classes\exefile\shell\open\command "(Default)" = '"%UserProfile%\Local Settings\Application Data\[RANDOM CHARACTERS].exe" /START "%1" %*'HKEY_CURRENT_USER\Software\Classes\exefile\shell\open\command "IsolatedCommand" = '"%1" %*'HKEY_CURRENT_USER\Software\Classes\exefile\shell\runas\command "(Default)" = '"%1" %*'HKEY_CURRENT_USER\Software\Classes\exefile\shell\runas\command "IsolatedCommand" – '"%1" %*'HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command "(Default)" = '"%UserProfile%\Local Settings\Application Data\[RANDOM CHARACTERS].exe" /START "%Program Files%\Mozilla Firefox\firefox.exe"'HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command "(Default)" = '"%UserProfile%\Local Settings\Application Data\[RANDOM CHARACTERS].exe" /START "%Program Files%\Mozilla Firefox\firefox.exe" -safe-mode'HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command "(Default)" = '"%UserProfile%\Local Settings\Application Data\[RANDOM CHARACTERS CHARACTERS].exe" /START "%Program Files%\Internet Explorer\iexplore.exe"'HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command "(Default)" = '"%UserProfile%\Local Settings\Application Data\[RANDOM CHARACTERS].exe" /START "%Program Files%\Internet Explorer\iexplore.exe"'HKEY..\..\..\..{RegistryKeys}HKEY_CLASSES_ROOT\.exe\shell\open\command "(Default)" = '"%UserProfile%\Local Settings\Application Data\[RANDOM CHARACTERS].exe" /START "%1" %*'HKEY_CLASSES_ROOT\exefile\shell\open\command "(Default)" = '"%UserProfile%\Local Settings\Application Data\[RANDOM CHARACTERS].exe" /START "%1" %*'
Additional Information
- The following messages's were detected:
# Message 1 Critical Warning! Critical System Warning! Your system is probably infected with a version of Trojan-Spy.HTML.Visafraud.a. This may result in website access passwords being stolen from Internet Explorer, Mozilla Firefox, Outlook etc. Click Yes to scan and remove threats. (recommended) 2 Security Alert! Your computer is being attacked from a remote machine! Block Internet access to your computer to prevent system infection. 3 System warning! Continue working in unprotected mode is very dangerous. Viruses can damage your confidential data and work on your computer. Click here to protect your computer. 4 System warning! Security Essentials Ultimate Pack software detects programs that may compromise your privacy and harm your systems. It is highly recommended you scan your PC right now. Click here to start.
Posted: June 9, 2011 | By SpywareRemove
MoreThreat Level: 10/10
(11 votes, average: 3.45 out of 5)
Loading ...Rate this article:
Detection Count: 1,707
Saved as a favorite, I really like your website!
Do you feel that getting rid of malware and viruses will make your personal computer operate faster. Isn’t it actually a matter of security more than computer speed? I am aware there may be some speed enhancement but for many personal computers today having a program like that running doesn’t really effect speed much.
It’s actually a cool and useful piece of information. I am glad that you simply shared this useful info with us. Please stay us up to date like this. Thanks for sharing.
I have to join the chorus of people singing Cody Gerarden’s praises. His fix worked and I appreciate the post.
I did the same thing, with the same success. Definitely worth the purchase.
All I can say is thank you to the people who actually take the time to post the fixes for these nightmares. Mr. Cody Gerarden…Hats off to you! I worked like a charm! Note to all who does it; it works! But you MUST run Stinger in Safe Mode because the virus will not allow you to remove an .exe file in regular mode. Thanks again Cody.
you are genius. It worked.
I deleted the virus by deleting the file that was the causes when the virus spamed me the file Pwb.exe was one my process list than I’ ve made a research one my computer found the file and deleated it BUT!!! there’s the problem now virus look to be gone but each time I start a processus like firefox, msn, Ccleaner it always ask me to search the program to open it like if I uses firefox I need to find the program firefox wich piss me… Does any one know what to do to solves this???
Download SPYHUNTER on a clean pc. Put it on usb. Place it on infected pc at desktop. Rename .exe to .com Because V.I.S blocks all exe. Run SPYHUNTER, and done. It works 100%
worked great, thanks!
"cody gerarden says:
July 10, 2011 at 11:37 pm
ok everyone i have sucessfully removed the virus what you need to do is download this program it will stap all malware and virus functions its called rkill if you cant access the computers internet use a flash drive and download from another computer once its on ur computer run it and you can access the internet and to remove the virus go on google and search stinger download its a free macafe progrom and it will find and remove the virus i hope this helps all of you good luck"
Thanks to Cody!!! I appreciate this post. You have saved me many hours of headaches. Thanks again!!
Cody Gerarden: All I can say is " YOU DA MAN" Thank you, thank you, thank you. It worked like a champ
I have the vista internet security 2012 problem and have tried what Cody said but it interrupts every time I go into rkill? Should I try to go to Stinger download now or keep trying the rkill first of all? HELP PLEASE?
Oh my gosh.. I’m retarded! I actually fell for this thing!
Does anyone know how I can get my money back? I called & left a message with my bank to have it blocked, but they’re closed for the night! UGH! I feel like such a sucker!
Kudos to Cody! Worked and worked well, thanks!
thank you very much cody
I used the suggestion posted by Cody Gerarden in this thread and it worked for me. Thanks Cody!!!
CODY YOU R MY HERO!!!!!!
if you have windows vista or higher and you computer is already infected with this crap windows vista security 2012 virus/scam and you want to know how to run applications first right click on the then select run as administrator and it should run. worked for me so far. after this I won’t trust ANY software that doesn’t come from microsoft. i suggest the same for all you PC users
Watch out even if you do a system restore this thing is nasty. I’ve been using Microsoft Security Essentials and it catches it after the restore- but it comes back. I’m going to try Spy Hunter and see how that works.
Allyson,
All I can say is use your own judgment. I happen to have purchased SPyHunter and love it. Some have said they did not like it but I suspect that after purchasing they were able to remove the malware program. In my case, I had so much other garbage on my PC in addition to Vista Security 2012 that SpyHunter found and removed. After doing so my PC runs faster and boots faster. For now I will continue to use it as it has proved itself worthy so far. I cannot speak for others or long-term. I have only been using it for 2 months now. Hope this helps you.
I\’ve installed SpyHunter4 and it is scanning my files now. Question…should I purchase the full registered version? It\’s only $40 but I am wondering if anyone found it to be worthwhile. We\’ve just been using the free avast anti-virus software, which obviously didn\’t catch the Vista Security 2012 virus. Any advice?
Everytime I try to download the stinger program onto my computer, the vista thing blocks it and wont allow me.
I need to access my computer..
Guys, It works. Went to safe mode and ran restore. Its gone. Yeah. Thanks BoPeep
I have tried to delete the program, but every time I try to do a system restore I am not allowed because Vista security still blocks it! I have tried to download the link as well. and NOTHING works! I don’t know what to do anymore. This is all done through Safe mode as well. How do I fix my computer?? please help!
Thank you cody gerarden, works good, I removed this bastard
)
Thank you cody! It did the trick! I really appreciate it.
im ok wit computers but anti-virus stuff im not good wit i was playing games on me computer then i woke my dad screaming at me saying i got 27 viruses then i saw it was vista i.s. 2012 it looked suspicious so i ran webroot then quarantined viruses then ran the scan on vista totaly the same number so i did sum research found this website no other method works but i hope this one does ): im using a different computer right now
cody gerarden, you are a LIFE SAVER!!
Tried the restore method and think it worked…keeping my fingers crossed.
Also unplugged the modem like Kevin suggested…Thanks
Great, cannot access the internet. using my friends laptop now. What do I do to load up my PC to access the internet. My friend said use Safe Mode but I have no clue what that is. I am not computer savvy so please ENGLISH!
Thank you Cody Gerarden for posting this information for everyone to utilize. That is one frustrating virus.
To Cody Gerarden, than you for the tip on stinger. It did the trick.
Thank you cody gerarden, you rock your fix worked like a charm my neighbor called me all freaked out because of what one of his kids did on his PC . did what you advised as your fix and now have one happy neighbor. thanks so much……
khgman
ok everyone i have sucessfully removed the virus what you need to do is download this program it will stap all malware and virus functions its called rkill if you cant access the computers internet use a flash drive and download from another computer once its on ur computer run it and you can access the internet and to remove the virus go on google and search stinger download its a free macafe progrom and it will find and remove the virus i hope this helps all of you good luck
Need your help. I cannot use my internet as Vista Internet Security 2012 Firewall Alerts are blocking. Please show me how to remove Vista Internet Security 2012 from my computer.
Thanks
just do this guys. 1. boot into safe mode by pressing F8 before Windows fully loads (before splash screen)
2. use windows restore to restore your pc back to the latest restore point.
3. restart.
4. look at your happy face because vista security 2012 is gone.
Try physically disconnecting the modem and rebooting the computer. I know it sounds odd, but we did this and for whatever reason it not only let us use Firefox, it also let us even use our legit anti- virus program.
Great try, But Vista Security still runs in safe mode. Try to kill it and it comes right back. Also, it DOES NOT allow you to open Chrome of Firefox either, it doesn\\\’t effect just IE.