Vista Antispyware 2010 also known as Vista Antivirus 2010, Vista Guardian, Vista Antivirus Pro and Vista Internet Security 2010 is a rogue antispyware program that reports false infections and shows numerous fake security alerts as an attempt to trick you into buying the software. This program is installed through the use of trojans. When the trojan is started, it will download and install Vista Antispyware 2010 (Vista Antivirus 2010 or Vista Guardian) onto your computer.
During installation, Vista Antispyware 2010 (Vista Antivirus 2010 or Vista Guardian) will register itself in the Windows registry to run automatically every time when you start an application (files with “exe” extension). The rogue also uses this method of running to block the ability to run any programs, including security applications.
Once running, Vista Antispyware 2010 (Vista Antivirus 2010 or Vista Guardian) will start a system scan and list a large amount of infections. All of these infections are fake, so you can safely ignore them. What is more, while the rogue is running, it will display fake security alerts and notifications with “Spyware infection has been found” or “Tracking software found” header. However, all of these alerts are fake.
Last but not least, Vista Antispyware 2010 (Vista Antivirus 2010 or Vista Guardian) will hijack Internet Explorer and Firefox and display fake warnings when you opening a web site.
As you can see, Vista Antispyware 2010 (Vista Antivirus 2010 or Vista Guardian) is scam, it is designed with one purpose to scare you into thinking that your computer in danger as a method to trick you into purchasing the full version of the program. If your computer is infected with this malware, then most importantly, do not purchase it! Uninstall the rogue from your PC as soon as possible. Use the removal guide below to remove Vista Antispyware 2010 (Vista Antivirus 2010 or Vista Guardian) from your computer for free.
Use the following instructions to remove Vista Antispyware 2010 (Vista Antivirus 2010, Vista Guardian, Vista Antivirus Pro or Vista Internet Security 2010)
Step 1. Repair “running of .exe files”.
Method 1
Click Start, Run. Type command and press Enter. Type notepad and press Enter.
Notepad opens. Copy all the text below into Notepad.
Windows Registry Editor Version 5.00
[-HKEY_CURRENT_USER\Software\Classes\.exe]
[-HKEY_CURRENT_USER\Software\Classes\secfile]
[-HKEY_CLASSES_ROOT\secfile]
[-HKEY_CLASSES_ROOT\.exe\shell\open\command]
[HKEY_CLASSES_ROOT\exefile\shell\open\command]
@="\"%1\" %*"
[HKEY_CLASSES_ROOT\.exe]
@="exefile"
"Content Type"="application/x-msdownload"
Save this as fix.reg to your Desktop (remember to select Save as file type: All files in Notepad.)
Double Click fix.reg and click YES for confirm.
Reboot your computer.
Method 2
Click Start, Run. Type command and press Enter. Type notepad and press Enter.
Notepad opens. Copy all the text below into Notepad.
[Version]
Signature="$Chicago$"
Provider=Myantispyware.com
[DefaultInstall]
DelReg=regsec
AddReg=regsec1
[regsec]
HKCU, Software\Classes\.exe
HKCU, Software\Classes\secfile
HKCR, secfile
HKCR, .exe\shell\open\command
[regsec1]
HKCR, exefile\shell\open\command,,,"""%1"" %*"
HKCR, .exe,,,"exefile"
HKCR, .exe,"Content Type",,"application/x-msdownload"
Save this as fix.inf to your Desktop (remember to select Save as file type: All files in Notepad.)
Right click to fix.inf and select Install. Reboot your computer.
Step 2. Remove Vista Antispyware 2010 (Vista Antivirus 2010 or Vista Guardian) associated malware.
Download MalwareBytes Anti-malware (MBAM). Once downloaded, close all programs and windows on your computer.
Double-click on the icon on your desktop named mbam-setup.exe. This will start the installation of MalwareBytes Anti-malware onto your computer. When the installation begins, keep following the prompts in order to continue with the installation process. Do not make any changes to default settings and when the program has finished installing, make sure a checkmark is placed next to “Update Malwarebytes’ Anti-Malware” and Launch “Malwarebytes’ Anti-Malware”. Then click Finish.
MalwareBytes Anti-malware will now automatically start and you will see a message stating that you should update the program before performing a scan. If an update is found, it will download and install the latest version.
As MalwareBytes Anti-malware will automatically update itself after the install, you can press the OK button to close that box and you will now be at the main menu. You will see window similar to the one below.
Malwarebytes Anti-Malware Window
Make sure the “Perform quick scan” option is selected and then click on the Scan button to start scanning your computer for Vista Antispyware 2010 (Vista Antivirus 2010 or Vista Guardian) infection. This procedure can take some time, so please be patient.
When the scan is finished a message box will appear that it has completed scanning successfully. Click OK. Now click “Show Results”. You will see a list of infected items similar as shown below.
Note: list of infected items may be different than what is shown in the image below.
Malwarebytes Anti-malware, list of infected items
Make sure all entries have a checkmark at their far left and click “Remove Selected” button to remove Vista Antispyware 2010 (Vista Antivirus 2010 or Vista Guardian). MalwareBytes Anti-malware will now remove all of associated Vista Antispyware 2010 (Vista Antivirus 2010 or Vista Guardian) files and registry keys and add them to the programs’ quarantine. When MalwareBytes Anti-malware has finished removing the infection, a log will open in Notepad and you may be prompted to Restart.
Note: if you need help with the instructions, then post your questions in our Spyware Removal forum.
Vista Antispyware 2010 (Vista Antivirus 2010 or Vista Guardian) creates the following files and folders
%AppData%\av.exe
%AppData%\WRblt8464P
Vista Antispyware 2010 (Vista Antivirus 2010 or Vista Guardian) creates the following registry keys and values
HKEY_CURRENT_USER\Software\Classes\.exe
HKEY_CURRENT_USER\Software\Classes\.exe\shell
HKEY_CURRENT_USER\Software\Classes\.exe\shell\open
HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command
HKEY_CURRENT_USER\Software\Classes\.exe\shell\start
HKEY_CURRENT_USER\Software\Classes\.exe\shell\start\command
HKEY_CURRENT_USER\Software\Classes\secfile
HKEY_CURRENT_USER\Software\Classes\secfile\shell
HKEY_CURRENT_USER\Software\Classes\secfile\shell\open
HKEY_CURRENT_USER\Software\Classes\secfile\shell\open\command
HKEY_CURRENT_USER\Software\Classes\secfile\shell\start
HKEY_CURRENT_USER\Software\Classes\secfile\shell\start\command
HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command | @ = “”%AppData%\av.exe” /START “%1″ %*”
HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command | IsolatedCommand = “”%1″ %*”
HKEY_CURRENT_USER\Software\Classes\.exe | @ = “secfile”
HKEY_CURRENT_USER\Software\Classes\.exe | Content Type = “application/x-msdownload”
HKEY_CURRENT_USER\Software\Classes\secfile\shell\open\command | @ = “”%AppData%\av.exe” /START “%1″ %*”
HKEY_CURRENT_USER\Software\Classes\secfile\shell\open\command | IsolatedCommand = “”%1″ %*”
hieu, try the following:
* Click My computer.
* Click the Tools menu and click Folder Options.
* After the new window appears select the View tab.
* Put a checkmark in the checkbox labeled Display the contents of system folders.
* Remove the checkmark from the checkbox labeled Hide file extensions for known file types.
* Press the Apply button and then the OK button.
* Now your computer is configured to show file extensions for known file types.
Navigate to C:\ Windows \ System32 folder.
Copy notepad.exe to your desktop.
Right click to it, select rename and type notepad.com
Run it.
Jared, anyway try scan your PC with Malwarebytes.
You have tried ping any site ?
thanks, it worked well, but my laptop doesn’t connect to the internet after I fixed it
need some help here! iam having the same problem as hieu and i listend to patrik but when i go to the C: Windows System32 folder i dont have a notepad.exe in there so what do i do?
what these guys are telling is 100% right.
The only problem many of us facing or faced (like me)is you cant open ANY program! In order to carry out these methods is by entering in Safe Mode(With Networking) because normal mode wont let u do shit basically! Just follow Method 1 and 2 in Safe Mode once you done that enter START WINDOWS NORMALLY which will appear after restarting your laptop/pc and your are sorted.
rick, you can also to use a wordpad (only save file in txt format). And try search notepad and wordpad in C:\Windows folder.
so i what i did was turn my laptop off with the on/off button, started it up n picked safe mode with networking. i could get to the notepad n everything else but i didnt do anything all i did was restart the laptop the right way n the virus was gone. i had no problem opening anything, so i ran my malwarebytes program n it took care of everything. i dont know how that happened……MAGIC!!!
when i try to run command, it doesn’t let me.
it says \application cannot be executed. the file ntvdm.exe is infected. do you want to activate your antivirus software now?\
please help! i can’t open Malwarebytes because i get a similar message (instead of ntvdm.exe, it says mbam.exe) =(
i’ve tried restarting the computer in safe mode with networking and unchecking the proxy but that doesn’t help me and i still can’t connect to the internet….what do i do?
please tell me any free antivirus programs that will actually get the job done
ash, you can run notepad w/o using command. Try the following steps:
* Click My computer.
* Click the Tools menu and click Folder Options.
* After the new window appears select the View tab.
* Put a checkmark in the checkbox labeled Display the contents of system folders.
* Remove the checkmark from the checkbox labeled Hide file extensions for known file types.
* Press the Apply button and then the OK button.
* Now your computer is configured to show file extensions for known file types.
Navigate to C:\ Windows \ System32 folder.
Copy notepad.exe to your desktop.
Right click to it, select rename and type notepad.com
Run it.
Notepad opens, then follow the steps above.
i tried this. turned off the proxy server, still cant get on. help please!
Wont let me Open internet explorer or wont run when i put the command into “Run”. Each time it says cant open due to virus – help !!!!
Fiona x
I found by booting into safe mode and running spybot search and destroy, It worked a charm
ryan, you have completed the first step above ?
Fiona, follow the steps from my answer to ash (Comment by Patrik — May 12, 2010).
Where do i find the windows system 32 folder ?? I dont know how to navigate !! Sorry for being daft – im jst not very good with computers as you can prob tell !!
Fiona, open a system disk (C by defaults), open Windows folder, then open System32 folder.
I was able to get the fix.reg installed, and got my internet explorer back running. Then i hit the big “downloaded” button and “spyware doctor with antivirus” has been installed – I have never seen this mentioned on this site before. The spyware doctor checked my computer and found threats that need to be removed but its asking me to purchase it as my free trial only detects the treats but I need to pay to have them removed. is this correct ?
Fiona, click to the Malwarebytes Anti-malware link in the step 2 above once again. Scroll down to a download link.
Thank you so much for this! This has helped me so many times. This damn virus! Seriously, thank you.
Hi Patrik
I tried using the suggestions you gave Ash but I’m having trouble finding the tools menu under My Computer? I have windows vista. Thank you.
Nevermind, I found the “tools” menu and I followed the steps. Even after renaming to notepad.com, the popups won’t let me run it. What should I do?
John, try rename to 123.scr or 123.bat
umm this sucks…9 (no the website or the method)i tried runnign run and typed in command, but my thingy the bullshizz crap wont let me even press enter after typing in command!!!! =( i am so sad rgiht now =(!!!
some one plz help mua T.T me loves me computar, plz help mua T.T
please help! I had the vista virus , and I didn’t know it said method 1, and method 2. I read it as step one and step 2. So I did them both then restarted my computer on accident. When it came back one everything was gone, I finally got back my internet. I can play music but only when I go the file and click play with Itunes. if I simply chick on the itunes icon, a internet box wil pop up and it is non-stop, then CPU hits 100, and I have to try my best and get the Task manager to close them all. I sitll do not have any programs though, the calculator that comes with computer, I can’t get to the system restore, every program I have is gone and when I try to click on them, all the pop-ups come up. And i still have the fix.reg and the fix.inf files on my desktop.
Help me.
Download fix1.zip from here, unzip it. Right click fix.inf and select Install.
Jada, please begin a new topic in our Spyware removal forum. I will check your PC.
I tried to do the new topic thing, but I was unable to download the Hijack this. Its like I did both of method 1 and 2, the virus was removed along with everything else in my computer. Certain programs such as skype (Webcam chat) got removed, and I am unalbe to download for some reason. I can still download files, but it seems to not let me download programs.
Jada, use another PC to download the suggested apps above.
it doesn`t work on my pc
if i want to open notepad or command prompt it closes automaticly.What should i do now ?
please help