How to Remove Vista Anti Virus 2012

June 11, 2011 at 05:38:50
Specs: Vista
I have seen a download specifically designed to eliminate this virus. The question is, how can I do so when my browser is held hostage by it??

See More: How to Remove Vista Anti Virus 2012

Report •


#1
June 11, 2011 at 06:05:09
unfortunatly, they recommend downloading a copy to a flash drive and then installing in safe mode if possible. if that is an option.

here is an option to try if that doesnt work. hit cntr alt del, and then click on processes. the one that you are looking for is a three letter application for example ppn.exe. if you see something with three letters kill the process.(there are a couple of manditory ones that should be running, however it will probably be wierd looking) then try going online and downloading malwarebytes at malwarebytes.org.

your other possible option, although it might be tricky is to manually try to remove it.
this might be possible let me know if the first fails

mike


Report •

#2
June 11, 2011 at 08:26:19
Italian250,

You are held hostage because this infection changes settings on your computer, so, when you launch an executable program, the infection launches instead! This happens, for example, when you try to launch Internet Explorer.

To overcome this, and remove the infection, try the following:

If the infection does not let you download files to the infected computer, download the files/programs requested below to a clean computer and then transfer them to the infected computer. You can use a USB flash drive, or other removable media (CD/DVD, external drive).

Please download FixNCR.reg:
http://download.bleepingcomputer.co...

Plug in the removable device into the infected computer and open the drive
Double-click on the FixNCR.reg file to open it
If prompted, allow it to merge with the Registry
You should now be able to run programs.


Now, download iExplore.exe, which is a renamed copy of RKill:
http://www.bleepingcomputer.com/dow...

[If the file does not download, paste the following, >without the brackets<, in the address bar of your browser:
[http://www.bleepingcomputer.com/download/anti-virus/rkill]

Save the file to the Desktop, and double-click on it.
Ignore any messages, and allow the file to run until the command window closes.

Without a reboot, download Malwarebytes’ Anti-Malware (black button with green and white icon) Save to the Desktop:
http://download.cnet.com/Malwarebyt...

Double-click mbam-setup.exe and follow the prompts to install the program.

Run Malwarfebytes’ AntiMalware and update the program.
Once updated, select Perform Full Scan and click the scan button.

When the scan finishes, click OK in the message box, and you will see the results of the scan.

Click the Remove Selected button to get rid of the malware.

When Malwarebytes finishes, you may be prompted to reboot. If so, reboot.


Please post the >Malwarebytes log< in your reply so we can see where we are at, and plan any additional removal strategy.

~~~~
Retired - Doin' Dis, Dat, and slapping malware.


Report •

#3
June 15, 2011 at 17:32:17
I just got the vista 2012 today. To get back on the internet and around the virus, I did a system restore and went back on day.

Report •

Related Solutions

#4
June 23, 2011 at 10:39:35
I've been following the processes outlined http://www.bleepingcomputer.com/vir... but when I get to Step 5, my computer will not let me download the rkill file at all. It comes back with an error stating "C:\Users\Jacob\Desktop\iExplore.exe could not be saved, because an unknown error occurred. Try saving to a different location." The only option is an <OK> button.
No matter which named version I try, I get the same error. It also does not matter what folder I try to save the file - I even tried to save it to the flash drive that I used to get the registry file to the infected computer.

How can I get past Step 5?


Report •

#5
June 23, 2011 at 11:34:38
Minime8484,

Please start a topic of your own, and we'll be glad to help you.

It gets too confusing if more than one person requests help in the same topic.

Thanks for your understanding.

~~~~
Retired - Doin' Dis, Dat, and slapping malware.


Report •

#6
June 27, 2011 at 05:29:35
Hi Mike,
Yes, that failed. The virus has control of my registry. I can not access it in safe mode nor can I get to regedit. I have tried to install a small program that corrects the registry but the virus blocks those attemps. The file that I try to install just gets printed to notepad and is not installed. What is going on here, this is the most agressive virus I have seen to date... my computer has been useless now for over a week. Do you have any other suggestions?

Vexed


Report •

#7
June 27, 2011 at 20:40:45
Harold,
I can't remember how to access the part of the computer where I can reset it and go back a day. Will you please explain? thank you.

Report •

#8
July 1, 2011 at 06:39:22
There is a good tutorial how to remove this type of malware at the site submitted below. If you want to remove this virus for free then contact GridinSoft Trojan Killer Customer Support Team and they will issue the trial activation code to you. Here is the site you need to visit which contains good video instructions on elimination of this malware:
http://remove-malwares.blogspot.com...

Report •

#9
July 9, 2011 at 17:00:22
Here is how I removed it:

1. CTRL + ALT + DELETE
2. Open Task Manager
3. Click on wlv.exe (I think that was the name of it) and End Task
4. right click on your Internet Explorer icon and select Run as Administrator
5. Google Microsoft Security Essentials
6. Download and run MSE (removed the Vista spyware crap first time for me)

When the Vista Antivirus 2012 was running, I could not restore the computer either. I tried some of the free spyware removal programs from cnet and none of them worked. I hope this helps.


Report •

#10
July 9, 2011 at 18:37:52
The easiest, quickest and safest way to delete any malware is to do a SYSTEM RESTORE on your computer. It is part of Microsoft Operating system software so you know it is not a fake answer that will corrupt your computer. Hit the Start button. In the search cell, write, "system restore" then follow the instructions. Choose a restore time that is the most recent before your computer was infected. I just did it on my computer to delete malware that took over my internet--Ran System Restore, clicked on internet, no problem -- and the program is gone from the system tray.

Report •

#11
July 10, 2011 at 15:28:13
" The easiest, quickest and safest way to delete any malware is to do a SYSTEM RESTORE on your computer. It is part of Microsoft Operating system software so you know it is not a fake answer that will corrupt your computer. Hit the Start button. In the search cell, write, "system restore" then follow the instructions. Choose a restore time that is the most recent before your computer was infected. I just did it on my computer to delete malware that took over my internet--Ran System Restore, clicked on internet, no problem -- and the program is gone from the system tray. "

Wrong. There are types of malicious software that can survive formats (Bootkits, Rootkit's, etc), further more, by using System Restore on an infected machine, there's a chance those system restore points could be corrupted as well, which is why I don't recommend it.

Life With Out
Geek Squad: Your blog for tips, info on viruses, and more!


Report •

#12
August 15, 2011 at 18:27:13
YAY! I did this and It worked!! my computer is in safe mode so I am going to switch back (i hop i can figure out how to do that) and restart. SO HAPPY!!!

Report •

#13
August 15, 2011 at 22:18:35
dont think that vista antivirus 2012 eliminates viruses, its a fake software that claims to be an antivirus because it wants to swindle your money away by asking you to pay for the virus removal fee. in the form of buying the licensed version of vista antivirus 2012. you should remove this scam from your system by running a legitimate freeware anti malware program or by doing the manual removal steps instructed here
http://www.techvts.com/fake-vista-a...

Report •


Ask Question