Tuesday, October 2, 2012

How do I remove Vista Defender 2013 virus

Vista Defender 2013 is a new virus that rotates on the Web and searches for the vulnerable computers to drop its malicios code on them. In simple words to infect a computer. Vista Defender 2013 is also known as Win 7 Defender 2013 and XP Defender depending on the type of OS you use. This rogue does its best to steal your hard-earned money by deceiving you. We must admit though that this method is illegal allthough it is wide-spread one.

Vista Defender 2013 creates its own fake names of insecure objectives and launches fake system scanners and ends up with detecting before-mentioned names as viruses. Vista Defender 2013 offers to purchase its full version to clean your "badly infected system". Do not do that under any circumstances! If you do the purchase you will get nothing but lost time and money.

Vista Defender 2013 recommended removal steps

Step 1.

Run GridinSoft Trojan Killer: Click Win+R and type the direct link for the program's downloading If it does not work, download GridinSoft Trojan Killer from another uninfected machine and transfer it with the help of a flash drive.

Step 2.

Install GridinSoft Trojan Killer. Right click - Run as administrator. Run as administrator

IMPORTANT!

Don’t uncheck the Start Trojan Killer checkbox at the end of installation! checkbox checkbox

Manual removal guide of Vista Defender 2013 virus:

Delete Vista Defender 2013 files:

  • %LocalAppData%\[rnd_2]
  • %Temp%\[rnd_2]
  • %UserProfile%\Templates\[rnd_2]
  • %CommonApplData%\[rnd_2]

Delete Vista Defender 2013 registry entries:

  • HKEY_CURRENT_USER\Software\Classes\.exe
  • HKEY_CURRENT_USER\Software\Classes\.exe\ [rnd_0]
  • HKEY_CURRENT_USER\Software\Classes\.exe\Content Type application/x-msdownload
  • HKEY_CURRENT_USER\Software\Classes\.exe\DefaultIcon
  • HKEY_CURRENT_USER\Software\Classes\.exe\DefaultIcon\ %1
  • HKEY_CURRENT_USER\Software\Classes\.exe\shell
  • HKEY_CURRENT_USER\Software\Classes\.exe\shell\open
  • HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command
  • HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command\ “[rnd_1].exe” -a “%1″ %*
  • HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command\IsolatedCommand “%1″ %*
  • HKEY_CURRENT_USER\Software\Classes\.exe\shell\runas
  • HKEY_CURRENT_USER\Software\Classes\.exe\shell\runas\command
  • HKEY_CURRENT_USER\Software\Classes\.exe\shell\runas\command\ “%1″ %*
  • HKEY_CURRENT_USER\Software\Classes\.exe\shell\runas\command\IsolatedCommand “%1″ %*
  • HKEY_CURRENT_USER\Software\Classes\[rnd_0]
  • HKEY_CURRENT_USER\Software\Classes\[rnd_0]\ Application
  • HKEY_CURRENT_USER\Software\Classes\[rnd_0]\Content Type application/x-msdownload
  • HKEY_CURRENT_USER\Software\Classes\[rnd_0]\DefaultIcon
  • HKEY_CURRENT_USER\Software\Classes\[rnd_0]\DefaultIcon\ %1
  • HKEY_CURRENT_USER\Software\Classes\[rnd_0]\shell
  • HKEY_CURRENT_USER\Software\Classes\[rnd_0]\shell\open
  • HKEY_CURRENT_USER\Software\Classes\[rnd_0]\shell\open\command
  • HKEY_CURRENT_USER\Software\Classes\[rnd_0]\shell\open\command\ “[rnd_1].exe” -a “%1″ %*
  • HKEY_CURRENT_USER\Software\Classes\[rnd_0]\shell\open\command\IsolatedCommand “%1″ %*
  • HKEY_CURRENT_USER\Software\Classes\[rnd_0]\shell\runas
  • HKEY_CURRENT_USER\Software\Classes\[rnd_0]\shell\runas\command
  • HKEY_CURRENT_USER\Software\Classes\[rnd_0]\shell\runas\command\ “%1″ %*
  • HKEY_CURRENT_USER\Software\Classes\[rnd_0]\shell\runas\command\IsolatedCommand “%1″ %*

from: http://www.deletemalware.net/vista-defender-2013-rogue-deletion-guide/#more-738
Posted by at
Labels: , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)