Vista Antispyware 2010 also known as Vista Antivirus 2010, Vista Guardian, Vista Antivirus Pro and Vista Internet Security 2010 is a rogue antispyware program that reports false infections and shows numerous fake security alerts as an attempt to trick you into buying the software. This program is installed through the use of trojans. When the trojan is started, it will download and install Vista Antispyware 2010 (Vista Antivirus 2010 or Vista Guardian) onto your computer.
During installation, Vista Antispyware 2010 (Vista Antivirus 2010 or Vista Guardian) will register itself in the Windows registry to run automatically every time when you start an application (files with “exe” extension). The rogue also uses this method of running to block the ability to run any programs, including security applications.
Once running, Vista Antispyware 2010 (Vista Antivirus 2010 or Vista Guardian) will start a system scan and list a large amount of infections. All of these infections are fake, so you can safely ignore them. What is more, while the rogue is running, it will display fake security alerts and notifications with “Spyware infection has been found” or “Tracking software found” header. However, all of these alerts are fake.
Last but not least, Vista Antispyware 2010 (Vista Antivirus 2010 or Vista Guardian) will hijack Internet Explorer and Firefox and display fake warnings when you opening a web site.
As you can see, Vista Antispyware 2010 (Vista Antivirus 2010 or Vista Guardian) is scam, it is designed with one purpose to scare you into thinking that your computer in danger as a method to trick you into purchasing the full version of the program. If your computer is infected with this malware, then most importantly, do not purchase it! Uninstall the rogue from your PC as soon as possible. Use the removal guide below to remove Vista Antispyware 2010 (Vista Antivirus 2010 or Vista Guardian) from your computer for free.
Use the following instructions to remove Vista Antispyware 2010 (Vista Antivirus 2010, Vista Guardian, Vista Antivirus Pro or Vista Internet Security 2010)
Step 1. Repair “running of .exe files”.
Method 1
Click Start, Run. Type command and press Enter. Type notepad and press Enter.
Notepad opens. Copy all the text below into Notepad.
Windows Registry Editor Version 5.00
[-HKEY_CURRENT_USER\Software\Classes\.exe]
[-HKEY_CURRENT_USER\Software\Classes\secfile]
[-HKEY_CLASSES_ROOT\secfile]
[-HKEY_CLASSES_ROOT\.exe\shell\open\command]
[HKEY_CLASSES_ROOT\exefile\shell\open\command]
@="\"%1\" %*"
[HKEY_CLASSES_ROOT\.exe]
@="exefile"
"Content Type"="application/x-msdownload"
Save this as fix.reg to your Desktop (remember to select Save as file type: All files in Notepad.)
Double Click fix.reg and click YES for confirm.
Reboot your computer.
Method 2
Click Start, Run. Type command and press Enter. Type notepad and press Enter.
Notepad opens. Copy all the text below into Notepad.
[Version]
Signature="$Chicago$"
Provider=Myantispyware.com
[DefaultInstall]
DelReg=regsec
AddReg=regsec1
[regsec]
HKCU, Software\Classes\.exe
HKCU, Software\Classes\secfile
HKCR, secfile
HKCR, .exe\shell\open\command
[regsec1]
HKCR, exefile\shell\open\command,,,"""%1"" %*"
HKCR, .exe,,,"exefile"
HKCR, .exe,"Content Type",,"application/x-msdownload"
Save this as fix.inf to your Desktop (remember to select Save as file type: All files in Notepad.)
Right click to fix.inf and select Install. Reboot your computer.
Step 2. Remove Vista Antispyware 2010 (Vista Antivirus 2010 or Vista Guardian) associated malware.
Download MalwareBytes Anti-malware (MBAM). Once downloaded, close all programs and windows on your computer.
Double-click on the icon on your desktop named mbam-setup.exe. This will start the installation of MalwareBytes Anti-malware onto your computer. When the installation begins, keep following the prompts in order to continue with the installation process. Do not make any changes to default settings and when the program has finished installing, make sure a checkmark is placed next to “Update Malwarebytes’ Anti-Malware” and Launch “Malwarebytes’ Anti-Malware”. Then click Finish.
MalwareBytes Anti-malware will now automatically start and you will see a message stating that you should update the program before performing a scan. If an update is found, it will download and install the latest version.
As MalwareBytes Anti-malware will automatically update itself after the install, you can press the OK button to close that box and you will now be at the main menu. You will see window similar to the one below.
Malwarebytes Anti-Malware Window
Make sure the “Perform quick scan” option is selected and then click on the Scan button to start scanning your computer for Vista Antispyware 2010 (Vista Antivirus 2010 or Vista Guardian) infection. This procedure can take some time, so please be patient.
When the scan is finished a message box will appear that it has completed scanning successfully. Click OK. Now click “Show Results”. You will see a list of infected items similar as shown below.
Note: list of infected items may be different than what is shown in the image below.
Malwarebytes Anti-malware, list of infected items
Make sure all entries have a checkmark at their far left and click “Remove Selected” button to remove Vista Antispyware 2010 (Vista Antivirus 2010 or Vista Guardian). MalwareBytes Anti-malware will now remove all of associated Vista Antispyware 2010 (Vista Antivirus 2010 or Vista Guardian) files and registry keys and add them to the programs’ quarantine. When MalwareBytes Anti-malware has finished removing the infection, a log will open in Notepad and you may be prompted to Restart.
Note: if you need help with the instructions, then post your questions in our Spyware Removal forum.
Vista Antispyware 2010 (Vista Antivirus 2010 or Vista Guardian) creates the following files and folders
%AppData%\av.exe
%AppData%\WRblt8464P
Vista Antispyware 2010 (Vista Antivirus 2010 or Vista Guardian) creates the following registry keys and values
HKEY_CURRENT_USER\Software\Classes\.exe
HKEY_CURRENT_USER\Software\Classes\.exe\shell
HKEY_CURRENT_USER\Software\Classes\.exe\shell\open
HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command
HKEY_CURRENT_USER\Software\Classes\.exe\shell\start
HKEY_CURRENT_USER\Software\Classes\.exe\shell\start\command
HKEY_CURRENT_USER\Software\Classes\secfile
HKEY_CURRENT_USER\Software\Classes\secfile\shell
HKEY_CURRENT_USER\Software\Classes\secfile\shell\open
HKEY_CURRENT_USER\Software\Classes\secfile\shell\open\command
HKEY_CURRENT_USER\Software\Classes\secfile\shell\start
HKEY_CURRENT_USER\Software\Classes\secfile\shell\start\command
HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command | @ = “”%AppData%\av.exe” /START “%1″ %*”
HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command | IsolatedCommand = “”%1″ %*”
HKEY_CURRENT_USER\Software\Classes\.exe | @ = “secfile”
HKEY_CURRENT_USER\Software\Classes\.exe | Content Type = “application/x-msdownload”
HKEY_CURRENT_USER\Software\Classes\secfile\shell\open\command | @ = “”%AppData%\av.exe” /START “%1″ %*”
HKEY_CURRENT_USER\Software\Classes\secfile\shell\open\command | IsolatedCommand = “”%1″ %*”
one question i already had the malwarebyte on my comp.. before the 1st step
just updated it… will it make any differance????
This was the best help I’ve ever had, thank you so much !
Many thanks for all the guidelines, I spent approx 3 hours dowloading the free anti-malware but nothing worked.. at the last tried Step 1. Repair “running of .exe files” and that worked fantastic..
Thanks a lot for making my system work again as normal..
Well Done …..
My sister’s laptop just got the dreaded Vista Guardian. One major issue is that I can’t access ANYTHING on her user. When her profile boots up, there are about 3-4 windows for VG and a black screen. You can move the mouse around, but there isn’ anything to click. Opening up task manager, there aren’t any programs running either.
Any advice/help that I could use? She isn’t too happy, as one can guess, and any way to get around this is appreciated.
hello, i seemed to have removed the malware using MWB but it messed up my laptop’s registry badly. i can’t login to vista normally (must be in safe mode). also, i can’t run .exe applications anymore. any ideas on how to fix it? thanks!
fixed the exe file association problem by editing the registry but i cant still login to windows normally. help pls!
Jb, what shows your PC when you trying to start ?
deepak, no different. Is ok.
William, you can open Task Manager ?
Jorem, now you can`t boot your PC in normal mode ?
Just vista spyware shows aswell I’ve got it to work now but malware is not picking up the virus
what do i do with the fix.reg file after virus is removed? do i delete that file?
Bob, manually remove the files.
Jb, ask for help in our Spyware removal forum.
Thankyou for this guide – completely solved the problem for me. The ‘Malwarebytes Anti-Malware’ software is free (unlike others I found) and effective. Great work – much appreciated!
I did what you said and i think it worked but it only said 4 items infected. Did it still work?
hah, just by the ”buy to get rid of the infections (or something like that)”, I figured it was rogue.
Thanks for the info! Quick and efficient.
I did all the steps and I removed a big list of crap after the scan. But after I rebooted my computer it was still there. Can somebody please help me out? I really need my computer to do homework!
Please help i did the fix.reg and i did it but then it said something about binary
then i ignored it and did the malware program it deleted everything and i rebooted and i still have it on my computer please help me thanks
I still cant see what i said it removed it
I did this, PC won’t even boot in safe mode now. I had to physically unplug it to stop the cycle of it trying to boot and failing.
Bryce, probably your PC is infected with a new variant of the rogue. Ask for help in our Spyware removal forum.
Andres, check what you have inserted into notepad. The fix should have “Windows Registry Editor Version 5.00” as first line.
Tracy, what shows your pc, when trying to boot it?
I downloaded and clicked Finish. A window appeared and instantly disappeared. Now I have no window. I have a desktop icon, but the program will not open. Help greatly desired.
I opened it up in notepad but it just says this as first line,[-HKEY_CURRENT_USER\Software\Classes\.exe]
I believe I might be well and truly stuffed. I rebooted and now I’m getting it at startup. Thing is, the background is all black and I have no damn start menu or system tray or whatnot and now I can only access the internet by clicking ‘purchase full version’ to load the browser and rightclicking and choosing ‘open in new browser’. Is there an online removal tool? One that doesnt require downloading? I don’t think I’ll be able to access a downloaded file as I my windows key wont load the start menu either >_<
Thank you very-very much!!! That worked just fine.
Try run fix.reg once again. If it does not help, then open a new topic in our Spyware removal forum.
Andres, you have missed first line. Look above (first step) and make a new fix.reg,