Vista Defender

March 29th, 2010
Home » Rogue Antispyware » Vista Defender
Repair and protect your computer easily. Download Vista Defender removal tool  

Vista Defender description

Vista Defender is a counterfeit security program pretending to be a computer protection tool. It comes to the system with the help of trojan. Trojan creates holes onto your computer and makes possible for parasites to sneak.

Once your PC is started malware starts to act like legitimate security tool. It starts to scan your computer and then when it’s finished your desktop is flooded with all kinds of security issues. Those usually state that your PC is at a very high risk. The parasite will offer you to pay small fees for legal and registered version of Vista Defender tool. This is a fraud and it’s malicious. Do not purchase it, because it may cause you serious problems. Malware also is able to redirect your browser to malicious web pages that advertises bogus system as a legitimate protection tool. You’ve better choose decent anti-spyware program and remove malicious application upon detection.

Manual Vista Defender Removal


Vista Defender processes:

ave.exe
Help: A Guideline of Killing Malicious Processes


Vista Defender registry values:

HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command “(Default)” = “av.exe” /START “%1? %*
HKEY_CURRENT_USER\Software\Classes\secfile\shell\open\command “(Default)” = “av.exe” /START “%1? %*
HKEY_CLASSES_ROOT\.exe\shell\open\command “(Default)” = “av.exe” /START “%1? %*
HKEY_CLASSES_ROOT\secfile\shell\open\command “(Default)” = “av.exe” /START “%1? %*
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command “(Default)” = “av.exe” /START “firefox.exe”
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command “(Default)” = “av.exe” /START “firefox.exe” -safe-mode
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command “(Default)” = “av.exe” /START “iexplore.exe”
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center “AntiVirusOverride” = “1?
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center “FirewallOverride” = “1?
Help: How to edit windows registry entries


Other malicious Vista Defender files:

ave.exe

The manual removal of files and registries should be performed by experienced users. A system can be badly affected if any error is done during the manual removal. We recommend using automatic removal tools to delete Vista Defender, if you are not familiar with deleting malware manually.

Tags:

Leave a Reply