Friday, March 19, 2010

Vista Antivirus Pro 2010 Removal GuideVista Antivirus Pro 2010 Removal Guide

Vista Antivirus Pro 2010 Removal Guide
Vista Antivirus Pro 2010 is a Vista based rogue anti-virus program from the same family of rogues as XP Guardian and Vista Antispyware 2010. Vista Antivirus Pro 2010 will produce fake system scan results to scare the Internet user into purchasing a licensed version of Vista Antivirus Pro 2010. This product is useless and will not remove any malware from the system.

Removal Tool: Remove Fake Antivirus. (Download it here.)

Removal Guide
Kill Process
(How to kill a process effectively?)
av.exe

Delete Registry
HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command "(Default)" = "%UserProfile%\Local Settings\Application Data\av.exe" /START "%1" %*
HKEY_CURRENT_USER\Software\Classes\secfile\shell\open\command "(Default)" = "%UserProfile%\Local Settings\Application Data\av.exe" /START "%1" %*
HKEY_CLASSES_ROOT\.exe\shell\open\command "(Default)" = "%UserProfile%\Local Settings\Application Data\av.exe" /START "%1" %*
HKEY_CLASSES_ROOT\secfile\shell\open\command "(Default)" = "%UserProfile%\Local Settings\Application Data\av.exe" /START "%1" %*
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command "(Default)" = "%UserProfile%\Local Settings\Application Data\av.exe" /START "C:\Program Files\Mozilla Firefox\firefox.exe"
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command "(Default)" = "%UserProfile%\Local Settings\Application Data\av.exe" /START "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command "(Default)" = "%UserProfile%\Local Settings\Application Data\av.exe" /START "C:\Program Files\Internet Explorer\iexplore.exe"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center "AntiVirusOverride" = "1"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center "FirewallOverride" = "1"

Remove Folders and Files
%UserProfile%\Local Settings\Application Data\WRblt8464P
%UserProfile%\Local Settings\Application Data\av.exe

No comments:

Post a Comment