Vista Antispyware 2010 also known as Vista Antivirus 2010, Vista Guardian, Vista Antivirus Pro and Vista Internet Security 2010 is a rogue antispyware program that reports false infections and shows numerous fake security alerts as an attempt to trick you into buying the software. This program is installed through the use of trojans. When the trojan is started, it will download and install Vista Antispyware 2010 (Vista Antivirus 2010 or Vista Guardian) onto your computer.
During installation, Vista Antispyware 2010 (Vista Antivirus 2010 or Vista Guardian) will register itself in the Windows registry to run automatically every time when you start an application (files with “exe” extension). The rogue also uses this method of running to block the ability to run any programs, including security applications.
Once running, Vista Antispyware 2010 (Vista Antivirus 2010 or Vista Guardian) will start a system scan and list a large amount of infections. All of these infections are fake, so you can safely ignore them. What is more, while the rogue is running, it will display fake security alerts and notifications with “Spyware infection has been found” or “Tracking software found” header. However, all of these alerts are fake.
Last but not least, Vista Antispyware 2010 (Vista Antivirus 2010 or Vista Guardian) will hijack Internet Explorer and Firefox and display fake warnings when you opening a web site.
As you can see, Vista Antispyware 2010 (Vista Antivirus 2010 or Vista Guardian) is scam, it is designed with one purpose to scare you into thinking that your computer in danger as a method to trick you into purchasing the full version of the program. If your computer is infected with this malware, then most importantly, do not purchase it! Uninstall the rogue from your PC as soon as possible. Use the removal guide below to remove Vista Antispyware 2010 (Vista Antivirus 2010 or Vista Guardian) from your computer for free.
Use the following instructions to remove Vista Antispyware 2010 (Vista Antivirus 2010, Vista Guardian, Vista Antivirus Pro or Vista Internet Security 2010)
Step 1. Repair “running of .exe files”.
Method 1
Click Start, Run. Type command and press Enter. Type notepad and press Enter.
Notepad opens. Copy all the text below into Notepad.
Windows Registry Editor Version 5.00
[-HKEY_CURRENT_USER\Software\Classes\.exe]
[-HKEY_CURRENT_USER\Software\Classes\secfile]
[-HKEY_CLASSES_ROOT\secfile]
[-HKEY_CLASSES_ROOT\.exe\shell\open\command]
[HKEY_CLASSES_ROOT\exefile\shell\open\command]
@="\"%1\" %*"
[HKEY_CLASSES_ROOT\.exe]
@="exefile"
"Content Type"="application/x-msdownload"
Save this as fix.reg to your Desktop (remember to select Save as file type: All files in Notepad.)
Double Click fix.reg and click YES for confirm.
Reboot your computer.
Method 2
Click Start, Run. Type command and press Enter. Type notepad and press Enter.
Notepad opens. Copy all the text below into Notepad.
[Version]
Signature="$Chicago$"
Provider=Myantispyware.com
[DefaultInstall]
DelReg=regsec
AddReg=regsec1
[regsec]
HKCU, Software\Classes\.exe
HKCU, Software\Classes\secfile
HKCR, secfile
HKCR, .exe\shell\open\command
[regsec1]
HKCR, exefile\shell\open\command,,,"""%1"" %*"
HKCR, .exe,,,"exefile"
HKCR, .exe,"Content Type",,"application/x-msdownload"
Save this as fix.inf to your Desktop (remember to select Save as file type: All files in Notepad.)
Right click to fix.inf and select Install. Reboot your computer.
Step 2. Remove Vista Antispyware 2010 (Vista Antivirus 2010 or Vista Guardian) associated malware.
Download MalwareBytes Anti-malware (MBAM). Once downloaded, close all programs and windows on your computer.
Double-click on the icon on your desktop named mbam-setup.exe. This will start the installation of MalwareBytes Anti-malware onto your computer. When the installation begins, keep following the prompts in order to continue with the installation process. Do not make any changes to default settings and when the program has finished installing, make sure a checkmark is placed next to “Update Malwarebytes’ Anti-Malware” and Launch “Malwarebytes’ Anti-Malware”. Then click Finish.
MalwareBytes Anti-malware will now automatically start and you will see a message stating that you should update the program before performing a scan. If an update is found, it will download and install the latest version.
As MalwareBytes Anti-malware will automatically update itself after the install, you can press the OK button to close that box and you will now be at the main menu. You will see window similar to the one below.
Malwarebytes Anti-Malware Window
Make sure the “Perform quick scan” option is selected and then click on the Scan button to start scanning your computer for Vista Antispyware 2010 (Vista Antivirus 2010 or Vista Guardian) infection. This procedure can take some time, so please be patient.
When the scan is finished a message box will appear that it has completed scanning successfully. Click OK. Now click “Show Results”. You will see a list of infected items similar as shown below.
Note: list of infected items may be different than what is shown in the image below.
Malwarebytes Anti-malware, list of infected items
Make sure all entries have a checkmark at their far left and click “Remove Selected” button to remove Vista Antispyware 2010 (Vista Antivirus 2010 or Vista Guardian). MalwareBytes Anti-malware will now remove all of associated Vista Antispyware 2010 (Vista Antivirus 2010 or Vista Guardian) files and registry keys and add them to the programs’ quarantine. When MalwareBytes Anti-malware has finished removing the infection, a log will open in Notepad and you may be prompted to Restart.
Note: if you need help with the instructions, then post your questions in our Spyware Removal forum.
Vista Antispyware 2010 (Vista Antivirus 2010 or Vista Guardian) creates the following files and folders
%AppData%\av.exe
%AppData%\WRblt8464P
Vista Antispyware 2010 (Vista Antivirus 2010 or Vista Guardian) creates the following registry keys and values
HKEY_CURRENT_USER\Software\Classes\.exe
HKEY_CURRENT_USER\Software\Classes\.exe\shell
HKEY_CURRENT_USER\Software\Classes\.exe\shell\open
HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command
HKEY_CURRENT_USER\Software\Classes\.exe\shell\start
HKEY_CURRENT_USER\Software\Classes\.exe\shell\start\command
HKEY_CURRENT_USER\Software\Classes\secfile
HKEY_CURRENT_USER\Software\Classes\secfile\shell
HKEY_CURRENT_USER\Software\Classes\secfile\shell\open
HKEY_CURRENT_USER\Software\Classes\secfile\shell\open\command
HKEY_CURRENT_USER\Software\Classes\secfile\shell\start
HKEY_CURRENT_USER\Software\Classes\secfile\shell\start\command
HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command | @ = “”%AppData%\av.exe” /START “%1″ %*”
HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command | IsolatedCommand = “”%1″ %*”
HKEY_CURRENT_USER\Software\Classes\.exe | @ = “secfile”
HKEY_CURRENT_USER\Software\Classes\.exe | Content Type = “application/x-msdownload”
HKEY_CURRENT_USER\Software\Classes\secfile\shell\open\command | @ = “”%AppData%\av.exe” /START “%1″ %*”
HKEY_CURRENT_USER\Software\Classes\secfile\shell\open\command | IsolatedCommand = “”%1″ %*”
Thanks soooooooooooooooooo much! I used methode 1 and it works perfect!
If you don’t have access to the internet like me because of thevirus just use methode 1 type it all in Notepad and follow the instuctions. You don’t need to download anything!!! Works super!
Thanks so much!!!!
Excellent. I used Method 1 and got result. Thans for your help.
Thanks for the good instructions! Followed step 1 then reboot, ran MWB’s = bye bye malware..:-)
I should add that I did it in Safe mode with networking and updated MalwareBytes then did the quick scan….
Thank-you very much for this!
My friend had gotten this spyware just later on today, and couldn’t open the internet explorer. I was able to look up this site and tell her what to do over Windows Live, and we were able to very easily (Well, not including the fact that she had no idea where ‘Run’ was. c:) removed the spyware. We got an error when we used the first method, and thought it wasn’t going to work, but after she restarted her computer the spyware was already gone! 🙂
Thanks again!
Melissa, what you do not understand in first step ?
I found another method. As long as you know the day you got the infection. Put in the registry code available on other sites on the topic. go to windows update history and check the most recent update before the infection with “security” somewhere in the title, this is the vista anti spyware disguised as a legit update and thats why it wasnt blocked. Go to the update list (should be listed in the window) and uninstall the update. Now run a spyware and virus program to get rid of the minor trojan.
Hey, thanks for the fix. It worked like a charm! However, just one small issue now. Whenever my windows starts up I now get the error message saying: Windows Defender – Application failed to initialize: 0x80070006. The handle is invalid. Is that because the registry was edited by fix.reg? How do I correct this? Thanks in advance for answering and for the time you’ve taken to help everyone with this nasty virus.
Thank you, it works.
many thanks patrik. it worked perfect.
Charlie, the fix.reg only affects the registry keys that has been damaged by the rogue.
Probably Windows Defender also has been damaged. Try reinstall it.
Thank you, method 1 worked perfectly, same with MBAM – only that MBAT found only 3 registries and 2 files (mainly it was hfg.exe).
thank you!!! ou save my laptop! I will tell people about your site
Haha..me 1 – virus 0….thanks a lot, just fixed my dads computer, he now thinks im the genius, but we all know you are! Thanks my friend, very much appreciated
Thanks to All
Working perfectly
Thanks& Regards
Laxman Rawal
OUTSTANDING!!!!!!
Thank you, thank you, this actually saved my life. I am the biggest idiot with computers (i had to ask my dad whether ‘rebooting’ was switching it off and on again) and Step 1 worked for me! And I’m revising at the moment so cannot afford to lose anything. THANK YOU
I have the problem described here, but my computer won’t even open notepad (it says ‘application not found’) or command– it just says I’m typing that wrong and it doesn’t exist. Any other way I can fix the poor bugger before I fix it with my fist??
Any comments are muchly appreciated!
Wow to the author of this. I just might love you for that. Thanks so much.
Thans very much for the info in this blog! I just pressed F8 while rebooting the system and iniciated System restore to a previous date from date of infection. Just that and Vista Antispyware is gone. As simple as that.
I removed Vista Windows Security 2012, but my Security Center is shut down and I can’t turn it on. It is also no in the Windows services, making my laptop weak to attacks. I also cannot access any web browsers despite being connected and able to connect to other online programs (i.e Skype, Steam). Also if I connect, other computers using the same internet lose access. I’d really appreciate the help.
I was sooo hoping this would help. I did both the fix.inf and fix.reg and I removed everything that showed up as a virus. and still I cannot access links via email it still says application not found. Any other ideas? I am not good with computers.