Windows Vista Repair
Windows Vista Repair is a fake computer analysis and optimization application that will issue fake error information in order to deceive users about issues present on the system. It was found out that Windows Vista Repair virus will be installed via Trojan that will be introduced on fake error messages when visiting a malicious web sites. These messages will state that problems on the computer was diagnosed and will advise to download the fix by endorsing Windows Vista Repair. When clicked, the rogue application will begin to download and instantly installs on the computer.
Once loaded, Windows Vista Repair will modify system settings and add its own entry to the registry that will allow itself to run when Windows is started. It will continuously display fake warnings and alert messages. Internet browsing will also be affected by Windows Vista Repair when it starts to redirect browser to unsolicited web sites. Some Windows functionalities are also disabled such as task manager and registry editor. From time-to-time, a pop-up to purchase the registered version of Windows Vista Repair will be displayed. The only way to remove this threat and bring back computer to its normal working state is to download, install and scan with a trusted and powerful anti-malware application. Ignore Windows Vista Repair and all of its pop-ups. Rogue programs were developed to scam users and steal money from its victims.
Screen Shot Image of Windows Vista Repair:
Damage Level: Medium
Systems Affected: Windows 9x, 2000, XP, Vista, Windows 7
Windows Vista Repair Removal Procedures
Manual Removal:
1. Press Ctrl+Alt+Del on keyboard to stop process associated to “Windows Vista Repair”. When Windows Task Manager opens, go to Processes Tab and find and end the following process:
(random characters).exe
2. You need to update your installed antivirus application to have the latest database.
3. Thoroughly scan the computer and any detected threats must be removed. If removal is prohibited, it is best to quarantine the infected item. Manually locating and deleting of malicious files should also be performed. Please see files below that are related to Windows Vista Repair Virus.
4. Registry entries created by Windows Vista Repair must also be remove from the Windows system. Please refer below for entries associated to the rogue program. [how to edit registry]
5. Exit registry editor.
6. Get rid of Windows Vista Repair start-up entry by going to Start > Run, type msconfig on the “Open” dialog box. A windows containing System Configuration Utility will be launched. Go to Startup tab and uncheck the following Start-up item(s):
(random characters).exe
7. Click Apply and restart Windows.
Windows Vista Repair Removal Tool:
In order to completely remove the threat, click here to download and run Malwarebytes Anti-Malware. Sometimes, Trojans will block the downloading and installation of MBAM. If this happens, download it from a clean computer and rename the executable file before executing on the infected machine.
Scan with Portable Antivirus:
Most of the time, Trojan associated with a rogue program will disable Windows functionalities and prevent execution of any application including antivirus program locally installed. If this happens, you can try using a McAfee Portable Antivirus called Stinger. You can download it for free.
Technical Details and Additional Information:
When Windows Vista Repair is installed, it will display excessive fake alerts and warning messages as an scare tactics to mislead victims:
Hard Drive Failure
The system has detected a problem with one or more installed IDE / SATA hard disks. It is recommended that you restart the system.
Critical Error
Hard drive critical error. Run a system diagnostic utility to check your hard disk drive for errors. Windows can’t find hard disk space. Hard drive error.
Malicious Files Added by Windows Vista Repair:
C:\ProgramData\\Application Data\<random>.dll
C:\ProgramData\\Application Data\<random>.exe
C:\ProgramData\\Application Data\<random>.exe
C:\Users\<Current User>\Desktop\Windows Vista Repair.lnk
C:\Users\<Current User>\Start Menu\Programs\Windows Vista Repai
C:\Users\<Current User>\Start Menu\Programs\Windows Vista Repair\Uninstall Windows Vista Repair.lnk
C:\Users\<Current User>\Start Menu\Programs\Windows Vista Repair\Windows Vista Repair.lnk
Windows Vista Repair Registry Entries:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “<random>.exe”
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “<random>”
Steph
Jun 21, 2011 @ 18:39:21
Thanks – this was a help in getting rid of the virus, but my data is still missing. Someone suggested it might just be hidden rathere than deleted. Any ideas how I get all my documents and photos back, or do I need to take my laptop to be fixed in a computer shop?
Lyle
Jun 22, 2011 @ 16:42:44
I’m having the same issue as Steph. My data is missing as well. I also believe they are hidden. How do we restore our data after following your instructions to remove Windows Vista Repair?
Heather
Jun 25, 2011 @ 15:45:35
I got rid of it too! Wish someone can bring my data back too! I lost 6 years of my child’s pictures and I am in tears :(
Thanu
Jun 27, 2011 @ 02:04:49
I got that too. the good news is all files just on hidden. what you can do by yourself is checking to your local disk (normally is in drive c:), go to your folder, right click and click properties,then you un-click the hidden box. Then all files will show up again.