Vista Security

March 30th, 2010
Home » Rogue Antispyware » Vista Security
Repair and protect your computer easily. Download Vista Security removal tool  

Vista Security description

Vista Security is a rogue anti-spyware application which is also a clone of XP Security and Win 7 Security malwares. This fraudulent program uses fake scan results, fabricated pop-ups and other misleading methods to scare you into believing that your computer is infected. Once installed and active, it will ask you to pay small fees for a full version of the program to remove infections that do not even exist. Do not buy it. You have to uninstall Vista Security from your computer as soon as possible.

Malware usually comes with the help of trojan which sneaks to the system through its vulnerabilities. When on board, Vista Security’s unregistered version starts appearing with fabricated scanners that give information about numerous of viruses supposedly being detected onto your PC. This is a scam and you need to ignore all displayed threats. Please, remove Vista Security from your machine and do this as soon as possible.

Manual Vista Security Removal


Vista Security processes:

MSASCui.exe
pw.exe
Help: A Guideline of Killing Malicious Processes


Vista Security registry values:

HKEY_CURRENT_USER\Software\Classes\pezfile
HKEY_CLASSES_ROOT\pezfile
HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command "(Default)" = "%UserProfile%\Local Settings\Application Data\pw.exe" /START "%1" %*
HKEY_CURRENT_USER\Software\Classes\pezfile\shell\open\command "(Default)" = "%UserProfile%\Local Settings\Application Data\pw.exe" /START "%1" %*
HKEY_CLASSES_ROOT\.exe\shell\open\command "(Default)" = "%UserProfile%\Local Settings\Application Data\pw.exe" /START "%1" %*
HKEY_CLASSES_ROOT\pezfile\shell\open\command "(Default)" = "%UserProfile%\Local Settings\Application Data\pw.exe" /START "%1" %*
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command "(Default)" = "%UserProfile%\Local Settings\Application Data\pw.exe" /START "C:\Program Files\Mozilla Firefox\firefox.exe"
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command "(Default)" = "%UserProfile%\Local Settings\Application Data\pw.exe" /START "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command "(Default)" = "%UserProfile%\Local Settings\Application Data\pw.exe" /START "C:\Program Files\Internet Explorer\iexplore.exe"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center "AntiVirusOverride" = "1"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center "FirewallOverride" = "1"
Help: How to edit windows registry entries


Other malicious Vista Security files:

%UserProfile%\Local Settings\Application Data\opRSK
%UserProfile%\Local Settings\Application Data\pw.exe
%UserProfile%\Local Settings\Application Data\MSASCui.exe
%UserProfile%\AppData\Local\opRSK
%UserProfile%\AppData\Local\pw.exe
%UserProfile%\AppData\Local\MSASCui.exe

The manual removal of files and registries should be performed by experienced users. A system can be badly affected if any error is done during the manual removal. We recommend using automatic removal tools to delete Vista Security, if you are not familiar with deleting malware manually.

Tags:

2 comments

Add your comment
  1. links of london uk says:
    December 6, 2011 at 4:40 pm

    It’s actually a great and helpful piece of information. I am satisfied that you just shared this helpful info with us. Please stay us informed like this. Thanks for sharing.

    [Reply]

    Reply

Trackbacks /
Pingbacks

  1. Remove Multiple Fake AV, Multiple Fake AV removal

Leave a Reply