How to remove Vista Antivirus 2012?
What is Vista Antivirus 2012?
Vista Antivirus 2012 name must be remembered because it is one of the most aggressive malwares, spreading through Windows Vista OS running machines. You must keep away from this scam and remove it ASAP. Vista Antivirus 2012 hails from a dangerous family of malwares that all change their names according to OS found. After getting inside with a help of Trojans, it will additionally start displaying fake system scanners and alerts that will claim the same things: your PC is infected, purchase Vista Antivirus 2012 for removal. However, the only thing you should do is to remove this scamware called Vista Antivirus 2012. In reality, it reports only invented viruses and expects only to swindle your money by offering its paid virus removal services.
Vista Antivirus 2012 is supposed to create an image that it is dedicated for defending computers from all kinds of threats. Unfortunately, this scam is created for the only thing – to rip users off. It starts its malicious campaign as soon as PC is rebooted and drops some harmless files just after infiltration to find them as viruses. After it ‘scans’ the system, Vista Antivirus 2012 displays various alerts that return invented information:
Malware Intrusion
Sensitive areas of your system were found to be under attack. Spy software attack or virus infection possible. Prevent further damage or your private data will get stolen. Run an anti-spyware scan now. Click here to start.
System danger!
Your system security is in danger. Privacy threats detected. Spyware, keyloggers or Trojans may be working the background right now. Perform an in-depth scan and removal now, click here.
System Hijack!
System security threat was detected. Viruses and/or spyware may be damaging your system now. Prevent infection and data loss or stealing by running a free security scan.
Please, keep in mind that Vista Antivirus 2012 usually spreads through security vulnerabilities of the targeted Operating Systems, that’s why it’s highly recommended having the ‘licensed’ security software on PC to avoid this or any other cyber threat. Reputable anti-malware will guarantee the highest protection and won’t allow Trojans spreading Vista Antivirus 2012 or other threats inside. As you have already realized, you must remove this program once you see, so please don’t waste your time. Otherwise, it may let more viruses inside your computer and also steal your personal details, like credit card numbers or passwords. To help the removal, enter this registration code of Vista Antivirus 2012: 2233-298080-3424 or 3425-814615-3990. Additionally, it’s highly recommended using Spyhunter, Spyware Doctor or this removal guide.
Vista Antivirus 2012 is Extremely dangerous
Vista Antivirus 2012 is a corrupt Anti-Spyware program Vista Antivirus 2012 may spread via Trojans Vista Antivirus 2012 may display fake security messages Vista Antivirus 2012 may install additional spyware to your computer Vista Antivirus 2012 may repair its files, spread or update by itself Vista Antivirus 2012 violates your privacy and compromises your security
for Vista Antivirus 2012 detection
Note: Spyware Doctor trial provides detection of parasite like Vista Antivirus 2012 and assists in its removal for free. You can remove detected files, processes and registry entries yourself or purchase a full version.
Manual Vista Antivirus 2012 removal
Important Note: Although it is possible to manually remove Vista Antivirus 2012, such activity can permanently damage your system if any mistakes are made in the process, as advanced spyware parasites are able to automatically repair themselves if not completely removed. Thus, manual spyware removal is recommended for experienced users only, such as IT specialists or highly qualified system administrators. For other users, we recommend using Spyware Doctor or other malware and spyware removal applications found on 2-viruses.com.
Remove these Vista Antivirus 2012 Registry Entries:
Remove these Vista Antivirus 2012 files:
It is impossible to list all file names and locations of modern parasites. You can identify remaining parasites, other Vista Antivirus 2012 infected files and get help in Vista Antivirus 2012 removal by using free Spyware Doctor scanner. It comes with free real-time protection module that helps preventing Vista Antivirus 2012 and similar threats.
Vista Antivirus 2012 is classified as Rogue Anti-Spyware. After infecting a user’s system, it proceeds to scare its victim into buying the “product” by displaying fake security messages, stating that your computer is infected with spyware and only Vista Antivirus 2012 can help you to remove it after you download the trial version. As soon as the victim downloads Vista Antivirus 2012 trial version, it pretends to scan your computer and shows a grossly exaggerated amount of non-existent errors. Then, Vista Antivirus 2012 offers to buy the full version to fix these false errors. If the user agrees, Vista Antivirus 2012 does not only fix the errors, but it also takes the user’s money and may even install additional spyware into the victim’s computer.
Some Rogue Anti-Spyware, such as Vista Antivirus 2012, may offer users to buy it after the victim clicks on a banner or a pop-up while surfing the internet. Usually, a Trojan is installed to a victim’s computer after clicking on the advertisement. It then proceeds to download or even install Vista Antivirus 2012, which is another way for Rogue Anti-Spyware to spread itself.
Most of rogue Anti-Spyware, such as Vista Antivirus 2012, is nearly impossible to remove manually.
My wife’s computer has this Vista Anti-Virus 2012 spyware and I can’t get to Syware doctor site to download program. The spyware blocks access to the internet.
If I could find the asshole that came up with this Antivirus 2012 I would kick his ass!!!!
I still don’t know how to remove Antivirus 2012, can somebody help me?
@Jimmy
You’d have to get in line for that ass-kicking! I started working on my daughter’s computer last night and now I’ve spent the better part of my Sunday at it, and I’m *still* not any closer to removing this program. I’m about ready to scream or throw punches at this point. My husband actually joked he’d feel safer working an overtime tonight than coming home and facing my wrath over this computer fiasco and he works in a men’s maximum security prison. No lie. I’ve finally put up a white flag to some of my computer friends hoping they’ll take pity on me & walk me through this, (which I hate to do because I know they get bugged all the time from everyone else but I’m desperate!) but it’s Father’s Day so I don’t think it’s going to happen today. Good luck with trying to find your solution, hope things work out for you! -and why CANT something be done to these people that start this crap? They’re collecting money from some poor fools, so there should be a paper trail…They make me wish dungeons and leg irons were possible.
I got the virus yesterday at noon! I can’t beleive this, I thought I was a pretty good surfer on the net, but I guess I wasn’t when I got this virus. Now my computers down and it could cost me up to 200 bucks to have all the work done..NASTY VIRUS!!! I will back your ass kicking on that.
@Jimmy I WOULD TOOO!!!!!!!! THAT MORON DOESNT HAVE A LIFE..
I just spent 3 or 4 hours trying to help someone get this crap off their computer, It was pissing me off so much! Eventually we had to pay 90 dollars to remove it. I’m just thankful it’s gone now. I still wouldn’t mind getting in line for that ass-kicking.
How in the #%@&* are you supposed to download any removal program?!? This lowdown piece of crap is everywhere you turn!
Anyone figured out a solution yet? Is there a program on a hard disc out there that will work?
Well i caught this vista antivirus bug today, it took over Firefox and Internet Explorer could not get on no sites at all for advise, I was lucky that i could borrow a laptop from a friend. If you are like me and you don’t much about PC’s just reboot it I’ve done that and it’s all back to normal. Restart you’re PC or laptop then soon as it comes back on tap f8 then select – safe mode with command prompt – then type rstrui.exe hit enter then it will give you option of restoring to previous date i did at least 7 days then it will reboot.
Forgot to mention I had to uninstall mozilla for some reason after i rebooted, kept getting blank screen when i tried to launch it. Just download it again
@nathan
I have a question. you said that you just typed rstrui.exe but i don’t know where you put it in.. lol cna you explain a bit more since i’m not good at computer at all. Thanks.
NATHAN!!….You are the MAN!! Followed your instructions and was able to get into system restore, and enable my trojan remover, in normal mode! THANK YOU!
Hi Annie, I’m not very good either lol restart you’re PC or laptop then soon as it starts don’t wait for it load up tap f8 repeatedly that will take you to Advanced Boot Options it will give you options to choose select SAFE MODE WITH COMMAND PROMPT then PC will start up and take you to Administrator.cmd.exe you will see something like this C:\Windows\system32\ just add rstrui.exe like this C:\Windows\system32\rstrui.exe and hit enter.
No problem glad i could help you.
Easy Way to Rid Your COmputer of Vista-anti Virus 2012
This virus is aggravating, but easy to get rid of.
All you need is access to another computer and an external hard drive or memory stick.
Follow these steps.
1. On another computer, download Combofix to external hard drive, or memory stick.
2. Start infected computer in safe mode.
3. Download Combofix from external harddrive, and save it on your desktop.
4. Reboort computer in normal mode.
5. Run Combofix.
Should work.
Annie: begin typing at the end of the code string….the cursor should be blinking.
@Annie
Restart computer and hit the F8 key…scroll down to Directory Services Restore Mode enter…this will remove the virus from the C Drive..I had this thing for days and it was driving me insane! All gone now.
@nathan
Nathan! I agree with Steve, you are the man. You saved me too. I didn’t even have to re-install Firefox.
Thank you so much!
The Restore did not work for me. I went back 11 days via Safe Mode and it still is rearing its ugly head. Any other suggestions?
Thank you for the help!
Malwarebytes, a free scanner, gets rid of them. Download it a cnet.com or some other “rated by actual users” site.
Aerx: We recommend Mbam as well, though it does not remove it in 100% cases.
@nathan
Nathan, you are a genius!!!!!!Oh my gosh-I did just what you said & it was so easy – you are my hero …are you msrried??
I downloaded Malwarebytes Anti-Malware and that got rid of it but some some reason my internet connection is not working so i’m guessing it changed the settings.
I have come across this virus a few times in my career…
easiest to do is log in with another account.
if you don’t have another account, you should be able to create another through computer management, and apparently the virus is user specific so it won’t bother you on another profile, paving the road for removal
Andy: On vista – maybe. The series of trojans might infect all users account as well, which launches Win XX Antivirus 2012 on all users accounts.
I was scammed by antivurus XP 2012, i gave my credit card details, an amount of over R400 deducted from my account and the transaction reference was Albinospro. Does this mean that further deductions/trasactions can be done now that they have my credit card details?
The easiest, quickest and safest way to delete any malware is to do a SYSTEM RESTORE on your computer. It is part of Microsoft Operating system software so you know it is not a fake answer that will corrupt your computer. Hit the Start button. In the search cell, write, “system restore” then follow the instructions. Choose a restore time that is the most recent before your computer was infected. I just did it on my computer to delete malware that took over my internet–Ran System Restore, clicked on internet, no problem — and the program is gone from the system tray.
Jeremy : a lot of trojans have a way to overcome system restore. The single 100%proof way to to restore system is by using system images stored on removable media like dvd. However majority of users fo not prepare and update them
@nathan
Thank you Nathan. I followed your instructions and it worked great. If they ever catch the individual(s) that created this virus, they should be locked up for a very long time.
The System Restore method worked well for me on Vista….now trying to work out how to stop it happening again
What I did was press contol + alt + delete, went to processes & ended abe.exe….then i hurried and went in & restored my computer to a previous date. Took it right off – after 3 hours of messing with it.
Jeremy Preet – Thanks for the suggestion of using SYSTEM RESTORE. Your instruction works like a charm for me in removing my Vista Antivirus 2012. I chose to restore back a month to June just in case.
It took awhile for my PC (about 5 – 10 minutes) to restore. The screen remained blank while restoring. After restart, my browser is free again and I’m back on-line. So far everything is still ok and it has been no problems since July 10. Thank you for your suggestion.
BTW, the F8 safe mode method did not work for me. –ttn
I found that the quickest way to get rid of this was to search for lkn.exe , found in appdata/local and delete it, if you cannot delete it make sure you make the folder not read only
helper:
So, on some instals in will be lkn, on others – not.
The file name changes randomly. Thats the problem
Nathan, you’re a legend! Easily saved me $100 or more and lots of tears and stress!
Such a lifesaver
Nathan, I don’t know who you are or where you are, but I want to give you a big fat kiss!
listen to him people! It totally works!!! Just be patient, it takes a few min. T
hank you soooooo much Nathan
Just got the virus and used Combofix and whammm…. FIXED…… thank you Leslie Now I keep on my USB keylock
Hey guys, another way around it is to create another administrator account and install the appropriate removal software. I’ve seen several computers with the problem and with another admin user account, avira and spybot it works everytime. I hope this helps you guys.
NATHAN, thank you very much.. it’s back to normal again when I checked Security Center, and it’s essentials are turned ON again. I don’t know when will it come back (the viruses). How can I avoid the viruses so it will not affect our computer again.. and saves us a lotta trouble. Again Nathan, MAHALO! ^_^
Len: The best bet is getting an decent Internet Security Suite ( I use ESET smart security myself, Kaspersky is great too ) and anti-malware program (paid version). Most of free anti-malware programs do not provide protection against infections.
Nathan saves the day yet again! thanks for putting an end to my frustration. i love you with all my <3
@admin
thank you for the advice, will do that ^_^
Got the computer my husband uses yesterday
while I was at work. The first system restore I tried failed, so I am attempting another . . . hoping this works. Last virus costed us about $120 and that is not in the budget with Grad School.
Good advice, System restore helped but I still had issues. Had to get a registry repair software to get mine fixed. It took me some serious work, but I was able to fix it after a couple days.
THANK YOU TO ALL ON THIS THREAD..
Vista Antivirus 2012 and the coding fools behind it …caused us all a lot of headaches..
Called BestBuy first, was quoted 200.00 to fix it, looked at their latest add and saw a 320gb external hdd for 50 bucks, and decided I was gonna take my pics off (like 4,000) and try to fix myself.
Found quite a few sites, but this one was a life saver.. I read the whole thread and between Nathan’s and a few others, this is what I did and it WORKED…..
Opened Task Manager
Sorted by CPU usage on the processes tab (didn’t have anything open but all the dang Virus windows)
My file names (.exe) did not match watch others had listed they were owdl.exe
As I killed those processes the windows would FINALLY go away for good
Clicked Start button
Typed ‘System Restore’ in Search text field
Went back two weeks
It took a while between the message saying the System Restore was taking place and then the Shutting Down message lasted far too long also but I let it play out
I didn’t have to uninstall or reinstall any browswer and my PC is back to working like a charm.
God Bless Blogs like this, you saved me a lot of money
I appreciate the time that each of you put into posting to this site.
Take care,
Nycole
@nathan
I am endebted to you Nathan having just been infected by the vista antivirus 2012. Thanks a million
@nathan
cheers nathan,
should have guessed that restore point would have worked.
@Nycole
What you posted sounds interesting but a bit vague. Could you please clarify the steps you took to eliminate the virus? You lost me between Open Task Manager and Click Start button.
Thanks so much.
Thanks Nathan, IT WORKED!!!
I love you guys, especially Nathan. I am not 100% sure yet but by golly I think this has worked.
Somehow I deleted the alert and scan but now my system is really running slow. (I think there are some other malwares because i installled many Anti-Virus programmes.
How do i fasten up my PC again? (atm i’m downloading SpywareDoctor)
Will it help or do i have to do something else because i can’t put in the code-key.
Patrick : do couple scans with good tools. Then keep single antivirus engine running, as this is likely cause of slowdown.
hey! I did the Malwarebytes’ Anti-Malware (MBAM) scan and found viruses named like above and deleted them. Unfortunately it doesn’t let me run windows normal (only savety/secure mode).
–
I have Windows Vista, Laptop, what can i do ?
Patrick:
It might be messed up account and it might be messed up PC. If it is messed up account, try creating another one in safe mode and see if you can boot. If it is messed up PC, try doing system restore.
i created a new account, altough it’s fucked up in normal mode. (sorry)
is there an option to reinstall (reformate) vista? if so please tell me the link ( i heard something from a free trial … but what about a full version?
regards, from austria..
patrick
Help! I downloaded the program to fix the problem and am trying to run it in Safe Mode, but my computer seems to have forgotten how to run “.exe” files. It keeps asking me what program I want to run the software with.
Right-click on executable. Choose run as administrator
Nathan was right on. I had the same virus Vista Antivirus 2012. I did as Nathan instructed. I restored the computer to 7 days before the virus got on my computer. It worked. So kudos to Nathan.
Nathan, thank you!!! The morons that create these viruses should be caught and publicly executed for the crap they put people through.
what if the restore programme doesn’t work? how to fix that?
error message appears when i try to run it.
also the restore-mode doesn’t work either
Thanks Nate 11:59pm on August 8 Monday
The f8 did work…saved me $100 +. Sincerely Utah
I love you Nathan!!!!!!!!!!
glad i helped some of you, made my day
Hi, I just spent several hours trying to remove this virus. Tried a system restore twice but it didn’t work, booted in safe mode and downloaded spy doctor which found the viruses but wouldn’t actually remove them without buying the full version. At this point Vista Antivirus was doing it’s thing even in safe mode. Downloaded Malwarebytes from cnet and it spent an hour and half scanning but finally did detect AND remove all the little buggers. Computer seems to be working fine now but for one little problem. All the files seem to be gone. All pics, documents, everything except iTunes music. But the C drive still shows that it’s half full, and there isn’t enough music on there to account for that much memory being full. I’m wondering if anyone knows whether this virus eats files, or if it was the attempted restores or what? I only restored it back a few months but the files were mostly over a year old…
I have tried the system restore and try to start in safe mode, however I keep getting the blue screen and then cpu restarts. I am not getting nowhere, please help!
@Shane : please try malwarebytes .. it is an antivirus software. freely available on internet..
you will need second computer though.. get it the installer in portable device from friend.
as soon as comp starts right click on this installer (mbam-setupxxx.exe) > Run as Administrator .. go for a quick scan .. it will find 6 infected files. remove those.. restart..
praj : Malwarebytes is anti-malware only. Do not expect from software to do more than it does.
Thank you thank you Nathan, it worked!!!!!! System is running super slow but the virus is gone.
The codes er…registration key won’t work for me at all! Is it really important to have them?
It’s not hard to remove unless you are clueless. Malwarebytes will fix it for you but you will need to rename the exe file in some cases.
@nathan
Nathan, thank you so much for your instructions!!! I got the Vista 2012 Virus today, and what you told us to do worked. I can’t believe it. You are the man, God bless.
@nathan
Thanks for your help Nathan. Hubby’s computer got this and he kept thinking this was real and would have bought the so called software except I told him ages ago to never do it unless I check it out. Of course I discovered the vista thing was a virus. Your notes helped me reboot and restore in safe mode. Thank you so much.
Sorry, my bad the sequence is : click start-then all programs -then accesories- then system tools- then right click on system restore , then click on the option run as administrator and the system restore will open , restore to an earlier date like I did and computer nis fine now.
So I recieved this nasty Vista Anti Virus 2012 the other day. Stumbled upon this website and followed Nathan’s procedure. Seems to have worked. I restored my computer to about 10 days ago. But now when I try to open iTunes it will not open and its telling me some files are missing and that i need to reinstal. I would hate to do this since we will lose our library but is that my only option now?
It worked. Thanks for the input!!!!@nathan
A recomendation for Itunes library is to have it on an external storage hdd ,then if you loose your itunes you just have to download a new itunes and get it to point to the library on the external drive.
I’ve recieved this virus so many times already and still dont know how to prevent it. Does anyone know how to prevent this virus?
Many, many thanks to @nathan!!!! The instructions he provided worked perfectly! My computer was infected Saturday, I wasn’t able to access System Restore, Firefox/Chrome/IE (for the purpose of downloading Malwarebytes), or my existing “security software.” Following @nathan’s instructions was easy and worked perfectly. After the system restore completed, I downloaded Malwarebytes and ran a full scan. The program found five additional infected files. I’ve since cleaned up the files and installed new security software. Thanks again!!
Thanks Nathan, Safe mode ,command prompt and typed rstrui.exe, did the trick. Then was able to run malwarebytes to clean it up, Thank U
I’m very grateful for the advice in this discussion. I too was plagued with this awful malware. Followed the instructions for a re-boot to Safe Mode with Command prompt and did a System Restore to previous restore point and am back in business. Many thanks to Nathan for the great advice.
@nathan
OMGOSH YOU ARE AMAZING!!!! SUPER SUPER HELP!!!!!!
Plagued by Vista Antivirus 2012. Disables keyboard and mouse on desktop, in safe modes, and command prompt. System restore cannot find file path specified for any of three points offered. Keyboard and mouse only active during initial boot stage so I am unable to download or run anti-virus software. On the verge of reinstalling Vista OS but thought I’d post first. Any insight greatly appreciated.
Nathan, thank you. This was a quick and easy fix when I was frustrated beyond belief. I got the WIN 7 version of this same virus on another laptop, ironically when visiting the same website as I did when I got the Vista version of it. (its a very mainstream media website too, FYI)
When I got the WIN 7 version (just 2 weeks ago) my brother in law, who is an IT guy, walked me through fixing it the long way over the phone. (he couldn’t dial into my computer as internet access was blocked with this virus) He wasn’t available tonight to help me again…but you were! Thanks again.
I will try to download the Malwarebytes now.
i wont kick the inventor of this virus ass, i will instead stomp his face into the ground breaking his neck, then ill have my son, 12 years old, stomp his children until they are paralyzed..
how about that
Tried the Store commnad in Cmd mode and got an error. Tried the Alt Ctrl Del option and could not find the abe file to stop the program. Tried the “restore” command under the Start option and got an error. Any other ideas….PLEASE!!! Thanks..
followed this for my brother and it tells me that rstrui.exe cannot be found, also tried it in safe mode. Is it possible that they fixed the virus to block that too?
Nathan, you are THEEEE MAN. ( singing your a hero, computer hero) but off tone as hell. But for real if my sister wasn’t taken I’d let you date her. Nate…can I call you Nate, you should run for president.
thanks for the advice provided here…a simple restore to a earlier date, i was able to rip the virus from my laptop, great relief! great help for non pc savy people like myself. many thanks!
90% of viruses are made by antivirus software companies.
Jacob: get a clue.
I caught the fake virus today, paid 59.00 to have it removed and now I cannot find the anti virus program that I purchased. I may need to call my bank and cancel my credit card. Please let me know if anyone else paid this service.
CRR: Reinstall your antivirus. Some of removal tools do not work well with other antiviruses, or malware uninstalls legitimate anti-malware programs.
I did the same, please let me know if you have any further problems with this company.
Thank you, Kapersky finally alerted me and cleaned up the viruses, the anitvirus program that I downloaded from that company has disappeared. My only concern now is that they have my credt card info and hopefully when I cancel the card, this will cut then off from my account.
It even popped up in Safe Mode. HELP PLEASE.When I tried the command prompt option, it did not recognize the rstrul.exe addition. Help
I need help: Read about other removal methods.
I did, and they haven’t worked.
Thanks for the help. Just popped up my start menu, and typed in system restore. The virus tried to block it the first time, but closed the popups and did it again. Just clicked on system restore after typing it in the search, and picked a date a week before I suspect I got it. Takes about 10 minutes or so for the program to do it’s thing, and voila. Ran my own antivirus, which was showing some cookies that it couldn’t put into quarantine (which i suspect was the vista) and it was able to remove them. Thanks tons, folks.
Crazy ass virus got me and my dad it looked so legit.
Do not fall for it! It’s evil and will steal your money!!!!
I have the solution after many many horrible hours.
There is a free downloadable program that is totally legit and free, and one of the only programs that will restore your computer without deleting your programs that you need.
I won’t normally download any programs-especially after I get a virus:-(
However this is a good program and will NOT hurt the computer at all
SAFE MODE WILL NOT WORK!
I have tried and tried this idea, and I found out that this specific program works off of safemode. So it didn’t work for me.
All you need for this to work is a USB and another computer where the virus is not on it.
1.Plug in your USB
2.Once you go on the other computer that doesn’t have the virus on it, you go to yahoo and search in Combofix, the site download will be on bleepingcomputer.com.
3.It will give you step by step tutorial but only download the option under USING COMBOFIX and the lettering will be SMALL but outlined in blue. It gives two options click on the version from bleepingcomputers.com only.
4. You will need to save it on your drive for the USB (usually it will say drive E or F). This will happen when it first opens to download and will automatically want to put it on your downloads. You can put it on your downloads if you want but you will need to move Combofix from your downloads to your USB drive.
5. Once you have it on your USB then you disconnect from the computer.
6.You should have the infected computer disconnected from the INTERNET. You can turn off your wifi or whatever but it needs to be offline in order to let this program on.
7. Put the USB in the infected computer.
8. Exit as many times as you can from that stupid antivirus vista and whatever prompts it gives just exit out of them, they are all tricks. Don’t be afraid to open your ctrl alt delete and delete any vista programs and or programs under the name of rndll.exe or strange program names. None should be downloading right now EXCEPT anything that says Combofix or your DRIVE for USB.
9.Your goal is to get that USB drive to open on your computer and then to click onto Combofix application that should be on your USB once it’s been opened on the computer.
10. Once opened be patient let the program run (it should have a little blue screen that starts wokring), Combofix will go through all the steps that are listed on bleepingcomputer.com automatically.
11. My computer automatically restarted after that and that took a little wait too but don’t be discouraged it will eventually work. When it reboots it will open up again and don’t touch anything just let the program work until you get a notepad describing it’s log. This will be the end of your experience.
12. You can print your log out if you want and then do a normal scan off your normal antivirus-NOT anything that says vista antivirus.
For instance my normal antivirus is the free version of AVG.
13. Once your computer has been scanned with your antivirus then, your welcome to plug your internet back in.
14. Just to be safe I would press ctrl alt delete and then delete anything that looks strange like rndll.exe or anything else that might look suspicous.
15. There shouldn’t be anything on there beside your notepad and internet explore (if you opened it yet).
I hope this helps! I know it may seem complicated but it was the only thing that will bypass this evil bastard without restoring your computer. I couldn’t restore mine since I had programs and saved data that would be lost and I needed it.
I hope this helps and trust me this has worked wonderfully for me and I’m so happy that I wanted to tell everyone about the wonderful combofix
*Please remember it is Called COMBOFIX there were some advertisements for another type of program that is similar but it is not COMBOFIX if it doesn’t say combofix.exe when you are starting to download it, then you are not on the right one. If you re read my instructions make sure you are under USING COMBOFIX in the guide and tutorial for Combofix and clicking on the outlined blue one. Once clicked make sure to click on the “COMBOFIX DOWNLOAD LINK :” it will be outlined in blue and in small writing again. It can be tricky to find since there is advertisements on that page that can make you think your clicking on the download but it’s really a seperate program.
OMG Nathan, thank u sooooo much!! The system restore method WORKED!!!
Wow, thanks so much for the great info. This removal worked for me and I am a complete dud about computers. I just didn’t know what to do. I really appreciate when savy people share their knowledge. Thank you, thank you, thank you.
Martha
@Aerx
We have Malwarebytes active on our computer, and it did not prevent the problem from happening in the first place. I’m going to try what Nathan suggests and hopefully that will fix the problem. STUPID VISTA ANTIVIRUS 2012!!!
You just paid the guy that put the darn thing ON TO your pc!!! Cancel that card quick!!!
I would caution everyone that Combofix is a very powerful tool, and unless you know exactly what you are doing, should be used as a tool of last resort. Do a search for a utility called “rkill), which will kill malware processes that are running. Then, you should be able to run Malwarebytes to try and clean up. If you’re having trouble connecting to internet, make sure there are no proxy servers set in your browser setup.
Ron: Rkill does not kill all malware processes automatically. It kills processes from “weird” or untypical locations: temporally folders, application data etc.
In my experience, there are 3 things that are better:
1. Anti-malware programs like Stopzilla that have automatic malware processes killers integrated (even in trial).
2. Anti-malware programs and installers that prevent malware from killing them (SZ, spyware doctor to name few)
3. Manual tools like process explorer to check if there are malicious processes from weird locations.
@Nathan
Tried what you suggested. So far so good. Thank you!
I have been messing with this sense friday grrs and am still messing with it i have a tb on my computer and am currently on a lap top trying to research this.
Problems are that with Combo fix this bugger knows how to corrupt this thing i am hitting up Hitman Pro right now I have used spyzilla and it got rid of some but its still there. I am in the process of getting spy hunter any other ideals suggestions help i tell ya all im gonna do really is scream
Combofix is not a full anti-malware program, and should be used with professional supervision only. If malware still exists on the system and you can’t delete it manually, use Spyware Doctor, Stopzilla or Malwarebytes. If it does not exists, but you can’t launch programs, restore file associations to default
@nathan:
thank you so much! it worked
and i’m totally up for this ass-kicking
trolls that make these viruses
are forever alone
I need help!
I can’t do a system restore for this or else I will lose absolutely everything on the computer, backing up all the files takes too long and I’ve never done that before.
The spyware won’t let me run the SpyDoctor or anything either.
I want something that I know will definitely work completely without getting rid of anything but the spyware.
Genevieve
Right-click on anti-malware program executable and choose run as administrator.
Frankly, I think it’s the same guys that make SpyDoctor that wrote this Antivirus virus. Jerks!
Skeptical: Get a clue
Please Nathan anyone help. I got this thing on Monday. Did not understand what it was. Ran my security essentials said no problems. Ha! Now my computer will ask if I want to boot in safe mode with networking or c prompt but cannot get past the logon screen. The keyboard (Dell Laptop) is locked. I have tried the USB recommended on here. Hasn’t helped. Was able to use the F8 key but still locks at login screen.
Help please.
SF : Use alternate OS scanner like Nortons : http://www.2-viruses.com/alternate-os-scanners-introduction . You will need another PC.
I do not know what to do… I cannot do the operation stated above because my mouse and keyboard are disabled. Please advise.
Pctools did not work for me, and am currently trying Avira
can someone tell me where to safely download this malwarebytes? You guys have been a BIG help!
Alex: there is a mbam link in sidebar.
I had the Vista Security 2012 virus on my desktop PC that slammed me with constant popups. Although I’m pretty sure I’ve gotten rid of it, it’s somehow found a way to prohibit me from getting online. I’m typing this with my laptop, which is working fine.
My question is: what can I do to access the internet on my formerly infected desktop PC? I’ve tried lots of ways that supposedly worked for other folks – but none have worked for me.
Thanks in advance,
Joe
Joe:
“prohibits me from getting online” is not descriptive enough.
1. if it shows no internet connection, then you have deleted some network driver (infected), which needs to be replaced. Happens with TDSS/Zeroaccess infections all the time
2. If it displays that no website found, or shows other website, or you get redirects, go with this guide : http://www.2-viruses.com/how-to-fix-google-results-hijacker-google-redirect-virus-problem
3. After you have restored internet connection, do a full system scan with couple anti-malware tools.
@nathan
Hi Nathan, I tried what you did but when i type rstrui.exe nothing happens. I thought it was suppose to take you to a 7 days thing.
I do not know how to fix my computer, I tried all 4 suggestions with burning the cds and utilizing usb flash drives. Are there anymore alternate systems that can repair my computer? My mouse and keyboard are disabled.
Nathan is the man again! Thank you for your help. Hank
KID. I just did it and it took about 5 minutes before it popped up I thought it wasn’t working either..just give it some time
to Nathan or anyone who used his idea… it wont work for me
I typed f8 repeatedly and arrived at the spot to start safe with command, I hit enter and then it asks for operating system to start with, windows recovery console or windows xp media center edition. I click the xp media one and it fills my screen with a bunch of multi disk rdisk partition windows/32system….. than asks if i wanna start as admin or my name, i click my name and it gives black screen
C:\documents and settings\myname>
I type the code nathan gave and no luck.
I tried doing as admin and same thing
Loren’s instructions ( #99 ) above, worked great for me. Tried Nathan’s suggestion several times but no success. For ComboFix to work, it asked me to stop the real-time scanning that I had on McAfee. I didn’t get the auto reboot and the notebook log. Waited over 40 minutes. I then just shut down and restarted. All was good. Where do I to contribute to Combofix? THANK YOU!@Loren
Ladies and gentlemen… i have had this program atleast 5 times and it is annoying me but…its easy to remove….1st and formost… reboot your computer and backdate it via system restore to say…1-2 weeks ago..this usually gets rid of low grade viruses easily…another method is…i use the free “microstoft essentials thingy” it works so if you dont want to pay an arm and a limb i recommend trying option A backdating…if that dont work just use MSE :3 hope i helped the non computer savvy people ((btw this is what i use when i get viruses
Kylum:
Don’t you thing that you are doing something wrong if you are (re)infected 5 times?
NATHAN: the best Christmas present I could have asked for. It worked perfect for me. Better than paying geeks on patrol for help.
Just wanted to say Thanks to Nathan.
His info worked perfectly on fixing my Buddies laptop.
I restored back 15 days and am installing new antivirus and Update Malwarebyte as we speak !
@nathan
I need help, when I eneter the code it says system restore has been turned off by group policy.
@Tom N
We’ve had this virus for weeks … unfortunately System Restore has been affected by the virus as well — only one date given and that one doesn’t help. Think we’ll be having to buy a new computer since this one is so screwed up now … can’t get beyond the “blue screen of death” even in safemode
@Kylum
Could you give me steps on how to do this reboot?
@rj
really? Cause I waited an nothing happened, I couldn’t even backspace.
I have this freakin virus. Iseemed to remove the viruses but it erased my
c:\windows\syatems32\nvmctray.dlll
c:\windows\syatems32\nvcpl.dll
c:\windows\syatems32\nvraidservice.exe
I can’t do a system restore because it says that windows cannot find c:\windows\syatems32\rstrui.exe
Please help ty
@Nathan THX NATHAN!!!!!!!!!!!!!!!
I got the same rogue virus that blocked IE and actually replaced my MSE icon their fake shield on my taskbar. Microsoft sent me a solution, however, before I could use it my Microsoft Security Essentials ran a scheduled scan, found it, and removed it. You can access the web by using IE with no add-ons. If you don’t have MSE, I recommend downloading it. Its free from Microsoft and it did its job without the hassle of what everyone else is going through,
I would use system restore, but it says it’s turned off, and, no matter what I do, I can’t seem to turn it back on.
Thank you Loren, It removed my nightmare from my pc which has vista os. @Loren
Nathan: thanks a lot. I did the system restore on my wife computer and it worked. thanks
I used the step-by-step method Nathan recommendedand it worked like a charm! It did take a few tries to clear that @#$%^&* virus !!!!! Thank You
@nathan
I officially love you! Your instructions totally got the virus off my computer.
@admin Thank you for that info. I downloaded to a USB from another computer and inserted USB in infected computer and turned it back on. When I use the command prompt mode it runs through a series of “loading” and then goes to the login screen where it is frozen. I have tried the F8 when restarting but don’t get any further. Help please.
Run more alternate os scanners. Try Aviras, Nortons, etc.
and it always stops at system32\drivers\crcdisk.sys
@Fran
This is obviously an interesting virus. I ran MSE and it said no threat found.
well what i did was , i performed a system restore to about three days before I noticed this stupid malware, I have installed kaspersky pure on my system a couple of days before i got this shit. Anyway i when to their cite and got a malware killing software for free, i went to the support tab, then down by the left(in the technical support tab) i clicked on home products then it showed aloist with mnay things to download for free i downloades tssspyware killer and another one that sais kksomething, any way after that i ran the kk aplication and it deleted it all. But now this stuped virus is back. WTF
Bravo:
Get a program with realtime protection. Full version of Malwarebytes or SD is enough, though you might want to update your antivirus as well
you need a flash drive you download malwarebytes from another computer then put it in your computer open it and run the full scan and it will be fixed
@Lauren,
Thank you so much for your step by step instruction.
I have tried everything I could find (including Nathan’s) but it did not work.
Finally I tried the Combofix and it worked!
Hope everybody’s able to get rid of the stupid virus!
happy New Year to you all!
im wit you on that one…dam nerds have nothing better to do but to fuck with peoples lives…
NATHAN IS A GANGSTER!
You are not the only one. Surprised to be hit with this bug, looked like the real Mcoy, could not get rid of it. Read one of the comments on this website, restored my computer to a date when all was well. Started to work no problen hence I renewed my subscribtion to my security software instantly as I had let it expire. Thanks
So I have had a run in with this virus, and this will be the second time.
Here’s some tips I have encountered.
1) Have windows manager up and running, and when that little shit of a virus pops up, right click and click on properties. This will give you the location of the file.
2) End the process to the Vista Antivirus, and you should be able to access the internet.
3) I found this website, and entered one of the registration codes, and it seemed to get it to shut up for a while.
Now, I’ve used a command prompt to get rid of the file, which worked well with my other computer. Sad thing is, I don’t remember how I did it. Also, don’t bother downloading spyware doctor, you need to pay for it.
If I have more news, I will share.
Thanks Nathan that worked on my wifes computer it is now working properly
Thanks @Jeremy Preet! I followed your instructions and restored my system from a few days back, and that got rid of the virus. I honestly can’t thank you enough!!
@Nathan my hats off to you and a GIANT thank you! Followed your instructions and I’m back to normal. Many thanks!
This thing is a pain in my butt! I just got this virus yesterday. Thank god I found this site. Going to try what Nathan said to do. Fingers crossed that this works. I’ve already spent what feels like a day trying to figure it out.
Thanks!
My keyboard is still locked and it boots to the Windows Vista Ultimate screen and has the option for Administrator or myself to log in but the cursor will not move. I have tried all the OS downloads that were on the referenced site. I hit F8 while it starts up. I use the safe mode option and the USB stays lit up and I hear the computer running. But that’s it. After about 10 minutes the Windows vista screen saver comes on for a short period of time and then it goes back to the log in screen. I let it run for 12 hours and nothing. Any other suggestions?
Thank you
I did step by step as Nathan said only thing Different was I had to move the window to access the system restore. Thank you Nathan!
The malware seems to have removed my older backups so I wasn’t able to restore past the point the malware installed itself. I downloaded Combofix onto a portable storage stick and followed the instructions to load it onto the infected computer in safe mode. I restarted the computer and ran Combofix immediately before the malware could load. Combofix seems to have worked!!!! REMEMBER TO DISABLE YOUR ANTI VIRUS SOFTWARE WHEN RUNNING COMBOFIX. A POP UP WARNED THAT IT MIGHT INTERFER. Thanks to all of you and thank goodness for this site!!!!!
I have gotten it however, it is easy to get your computer functioning normally even with a few traces of it left. What you do is go into the registry by typing in regedit in search bar. Right click it and choose run as administrator, it will let you in that way. Once you delete the registry keys listed above or obtained from another site, your browser will be completely back to normal. You can surf the internet again as you please. Kill processes through your task manager the files have different names mine was xhu.exe after you delete the process you must open file location and delete the mother file and the messages will no longer pop up the icon will disappear.
is there a code to uninstall it because it won’t let me to the Internet it keeps blocking it
Thanks Nathan. Your solution really worked. This virus is…OMG. But I feel better now….THANKS AGAIN!
I followed nathans procedure. It worked. Thank god for sites like this and dudes like Nathan. I hope whoever invented this virus could put his genius to good use.
Thanks again site admin and nathan the man
My wife has her life on her computer. She knows nothing about computers and she was really concerned when her computer told her that there were a bunch of viruses on her computer.
I’m no expert, but I know when something smells fishy. So I found this site on my phone’s browser. Total life saver.
As an added note, my wife gives her thanks as well as a big kiss.
@Nathan….they are right…..you ARE the man!!!!!! Thanks so much!
Thank you Nathan. Both you and Tim Donst are THE MAN!!
GOD BLESS Nathan! Thank you!
LM,
Coimbra, Portugal.
If your want to see what you can recover, download Recuva, a free software to restore your files.
It worked, Nathan you’re the best! It took some time to figure out that I had to put it in safe mode with commands.
I will never again bitch about the Internet fee on my Verizon bill, holy cow just saved me hundreds?! Thank you Nathan so so much, system restore is running and hopefully everything will be good here on out. When my system boots back up, what do I need to do to prevent this in the future? I am SO plug and play computer illiterate. Thanks?!
@nathan Can you please help me remove this virus call Vista Antivirus 2012… Please Help
Nathan….Wanted to thank you for the above instructions… It worked! Thanks a bunch for sharing this with all of us.
Thanks for sharing how to remove this virus, your instructions have worked @nathan.
So Ive had this virus for a while and havent been ablte to get rid of it. My computer won’t boot now, it flashes a blue screen and goes back to trying to boot. Ive tried all the boot options on the menu but none work, What can I do?
i am using avast free anti virus:) no problems since. thanks for comments glad i could help some of you
I was fourteen when I rid my desktop of this horrible monster. After I improvised and did my own little thing with it, I managed to keep it from blocking me from the internet. But this little bugger ruined my compy’s speed. I hate it.