Home / Parasites / Rogue Anti-Spyware / Vista Security 2012
Click on screenshot to zoom
Danger level 9
Type: Rogue Anti-Spyware
Common infection symptoms:
  • Installs itself without permissions
  • Connects to the internet without permission
  • Slow internet connection
  • System crashes
  • Annoying Pop-up's
  • Slow Computer
Other mutations known as:
Vista Security

Vista Security 2012

Vista Security 2012 comes from a big group of rogues which is basically one rogue antispyware with many names and versions. The name is generated accordingly to which operating system is installed in the infected computer, so XP Security 2012, Vista Security 2012 and Win 7 Security 2012 is the same rogue with different clothing so to speak, each adjusted to the different operating system. There has been an onslaught of similar cluster of rogues before, and Vista Security 2012 is a direct clone of Vista Security 2011 which was terrorizing the users back in February.

Download Spyware Removal Tool to Remove* Vista Security 2012
  • Quick & tested solution for Vista Security 2012 removal.
  • 100% Free Scan for Windows

This rogue tries to block your access to various .exe files and certain internet websites. The .exe files are blocked with a pretense that the programs the user is trying to launch are infected and Vista Security 2012 simply protects the system from further infection. As far as the blocked internet websites are concerned, the rogue is behaving like that in order to remain in the infected computer for a longer period of time. Vista Security 2012 prevents the user from opening certain web pages which would let the user know how to get rid of the rogue.

If that weren’t enough Vista Security 2012 also performs a fake system scan, “finding” a lot of infections under the names of very old worms and viruses. It is obvious that these threats are not present in the system, because the list is generated by Vista Security 2012 itself. On top of that, the rogue generates a lot of fake security notifications, which inform the user that his privacy is in danger and there are a lot of Trojans and keyloggers in the system, trying to steal his private data. The messages which should not be taken into consideration include:

Privacy threat!
Spyware intrusion detected. Your system is infected. System integrity is at risk. Private data can be stolen by third parties, including credit card details and passwords. Click here to perform a security repair.

Vista Security 2012 Alert
Security Hole Detected!
A program is trying to exploit Windows security holes! Passwords and sensitive data may be stolen. Do you want to block this attack?

Stealth intrusion!
Infection detected in the background. Your computer is now attacked by spyware and rogue software. Eliminate the infection safely, perform a security scan and deletion now.

System Hijack!
System security threat was detected. Viruses and/or spyware may be damaging your system now. Prevent infection and data loss or stealing by running a free security scan.

Malware Intrusion
Sensitive areas of your system were found to be under attack. Spy software attack or virus infection possible. Prevent further damage or your private data will get stolen. Run an anti-spyware scan now. Click here to start.

System danger!
Your system security is in danger. Privacy threats detected. Spyware, keyloggers or Trojans may be working the background right now. Perform an in-depth scan and removal now, click here.

Vista Security 2012 Firewall Alert
XP Home Security 2012 has blocked a program from accessing the internet
Internet Explorer is infected with Trojan-BNK.Win32.Keylogger.gen
Private data can be stolen by third parties, including credit card details and passwords.

In order to prevent this annoying experience from happening, one must erase Vista Security 2012 from his computer as soon as possible. Invest in a reliable antispyware tool, which will help you to get rid of this rogue for good. Keep in mind that allowing it to stay in your computer can result in an ultimate system crash, so do not wait any longer to deal with Vista Security 2012.

Update:

The rogue removal will be easier if you used these activation codes to “register” the rogue:

2233-298080-3424
3425-814615-3990
9443-077673-5028

This rogue is particularly annoying because right after the installation it blocks every single exe file and you can no longer run your computer. Then there is nothing else left to but to restart your computer. When you do, while it boots press F8 and select to load the Safe Mode with Networking, so that you could download SpyHunter from our website. Then restart again, and load your computer in Normal mode to install SpyHunter. Another way to install the program is to download it on another computer, rename the installer file from installer.exe to installer.com and then transfer the file into a USB flash drive. Plug the drive into the infected computer and use it to install the program.

Once SpyHunter is installed, it will scan your computer and detect the rogue, and kill it.

NOTE: Just because you can no longer see the rogue it does not mean that it doesn’t exist. Perform a full system scan to locate and terminate all of its components, because any file associated with the rogue can leave your computer’s door open for other malware.

Download Spyware Removal Tool to Remove* Vista Security 2012
  • Quick & tested solution for Vista Security 2012 removal.
  • 100% Free Scan for Windows
disclaimer

How to manually remove Vista Security 2012

Files associated with Vista Security 2012 infection:

opf.exe
nlu.exe
ssp.exe
vxp.exe
ggw.exe
%AppData%\[random].exe

Vista Security 2012 processes to kill:

opf.exe
nlu.exe
ssp.exe
vxp.exe
ggw.exe
%AppData%\[random].exe

Remove Vista Security 2012 registry entries:

HKEY_CLASSES_ROOT\.exe\shell\open\command “(Default)” = ‘”%Documents and Settings%\[UserName]\Local Settings\Application Data\[random].exe” -a “%1″ %*’
HKEY_CURRENT_USER\Software\Classes\.exe
HKEY_CURRENT_USER\Software\Classes\exefile\shell\open\command “(Default)” = ‘”%Documents and Settings%\[UserName]\Local Settings\Application Data\[random].exe” -a “%1″ %*’
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command “(Default)” = ‘”%Documents and Settings%\[UserName]\Local Settings\Application Data\[random].exe” -a “%Program Files%\Mozilla Firefox\firefox.exe”‘
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command “(Default)” = ‘”%Documents and Settings%\[UserName]\Local Settings\Application Data\[random].exe” -a “%Program Files%\Mozilla Firefox\firefox.exe” -safe-mode’
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\BrowserEmulation “TLDUpdates” = ’1′
Disclaimer

Post comment — WE NEED YOUR OPINION!

Comment:
Name:
Please enter security code:
 This is a captcha-picture. It is used to prevent mass-access by robots.

 
© 2006-2024 pcthreat.com  |  Terms of use |  Privacy policy |  About us |  Link to US