Vista Defender Pro is a rogue antispyware program, new one clone of Vista Antispyware 2010, which is rogue too. The program have labeled as rogue antispyware because it simulates scanning of computer, and reports a lot of false infections. Vista Defender Pro usually installed itself onto your computer without your permission and knowledge through trojans and browser security holes. Once started, the trojan will download and install the rogue and after that, will register Vista Defender Pro in the Windows registry, to run automatically when you run any Windows application that have “.exe” extension.
When Vista Defender Pro is installed, it starts the process of scanning your computer whose result is the discovery of the set of trojans, viruses and other malicious programs. Do not rely on these results, as they are, and besides, the scanning process – it is a fake. Purpose they have one, to force you to believe that your computer is infected. So you can freely ignore all that this fake antispyware will show you.
While Vista Defender Pro is running you will be shown a lot of popups, nag screens and fake security alerts from Windows task bar. Of course, all of these warnings and alerts are fake and like false scan results supposed to scare you into purchasing so-called full version of the program. So you can safely ignore all that Vista Defender Pro gives you.
As you can see, Vista Defender Pro is scam and designed only for one – to trick you into buying the software. If you find that your computer is infected with this malware, then be quick and take effort to uninstall it immediately. Use the removal guide below to remove Vista Defender Pro from your computer for free.
Use the following instructions to remove Vista Defender Pro
Step 1. Repair “running of .exe files”.
Method 1
Click Start, Run. Type command and press Enter. Type notepad and press Enter.
Notepad opens. Copy all the text below into Notepad.
Windows Registry Editor Version 5.00
[-HKEY_CURRENT_USER\Software\Classes\.exe]
[-HKEY_CURRENT_USER\Software\Classes\secfile]
[-HKEY_CLASSES_ROOT\secfile]
[-HKEY_CLASSES_ROOT\.exe\shell\open\command]
[HKEY_CLASSES_ROOT\exefile\shell\open\command]
@="\"%1\" %*"
[HKEY_CLASSES_ROOT\.exe]
@="exefile"
"Content Type"="application/x-msdownload"
Save this as fix.reg to your Desktop (remember to select Save as file type: All files in Notepad.)
Double Click fix.reg and click YES for confirm.
Reboot your computer.
Method 2
Click Start, Run. Type command and press Enter. Type notepad and press Enter.
Notepad opens. Copy all the text below into Notepad.
[Version]
Signature="$Chicago$"
Provider=Myantispyware.com
[DefaultInstall]
DelReg=regsec
AddReg=regsec1
[regsec]
HKCU, Software\Classes\.exe
HKCU, Software\Classes\secfile
HKCR, secfile
HKCR, .exe\shell\open\command
[regsec1]
HKCR, exefile\shell\open\command,,,"""%1"" %*"
HKCR, .exe,,,"exefile"
HKCR, .exe,"Content Type",,"application/x-msdownload"
Save this as fix.inf to your Desktop (remember to select Save as file type: All files in Notepad.)
Right click to fix.inf and select Install. Reboot your computer.
Step 2. Remove Vista Defender Pro associated malware.
Download MalwareBytes Anti-malware (MBAM). Once downloaded, close all programs and windows on your computer.
Double-click on the icon on your desktop named mbam-setup.exe. This will start the installation of MalwareBytes Anti-malware onto your computer. When the installation begins, keep following the prompts in order to continue with the installation process. Do not make any changes to default settings and when the program has finished installing, make sure a checkmark is placed next to “Update Malwarebytes’ Anti-Malware” and Launch “Malwarebytes’ Anti-Malware”. Then click Finish.
MalwareBytes Anti-malware will now automatically start and you will see a message stating that you should update the program before performing a scan. If an update is found, it will download and install the latest version.
As MalwareBytes Anti-malware will automatically update itself after the install, you can press the OK button to close that box and you will now be at the main menu. You will see window similar to the one below.
Malwarebytes Anti-Malware Window
Make sure the “Perform quick scan” option is selected and then click on the Scan button to start scanning your computer for Vista Defender Pro infection. This procedure can take some time, so please be patient.
When the scan is finished a message box will appear that it has completed scanning successfully. Click OK. Now click “Show Results”. You will see a list of infected items similar as shown below.
Note: list of infected items may be different than what is shown in the image below.
Malwarebytes Anti-malware, list of infected items
Make sure all entries have a checkmark at their far left and click “Remove Selected” button to remove Vista Defender Pro. MalwareBytes Anti-malware will now remove all of associated Vista Defender Pro files and registry keys and add them to the programs’ quarantine. When MalwareBytes Anti-malware has finished removing the infection, a log will open in Notepad and you may be prompted to Restart.
Note: if you need help with the instructions, then post your questions in our Spyware Removal forum.
Vista Defender Pro creates the following files and folders
%AppData%\ave.exe
Vista Defender Pro creates the following registry keys and values
HKEY_CURRENT_USER\Software\Classes\.exe
HKEY_CURRENT_USER\Software\Classes\.exe\shell
HKEY_CURRENT_USER\Software\Classes\.exe\shell\open
HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command
HKEY_CURRENT_USER\Software\Classes\.exe\shell\start
HKEY_CURRENT_USER\Software\Classes\.exe\shell\start\command
HKEY_CURRENT_USER\Software\Classes\secfile
HKEY_CURRENT_USER\Software\Classes\secfile\shell
HKEY_CURRENT_USER\Software\Classes\secfile\shell\open
HKEY_CURRENT_USER\Software\Classes\secfile\shell\open\command
HKEY_CURRENT_USER\Software\Classes\secfile\shell\start
HKEY_CURRENT_USER\Software\Classes\secfile\shell\start\command
HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command | @ = “”%AppData%\ave.exe” /START “%1″ %*”
HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command | IsolatedCommand = “”%1″ %*”
HKEY_CURRENT_USER\Software\Classes\.exe | @ = “secfile”
HKEY_CURRENT_USER\Software\Classes\.exe | Content Type = “application/x-msdownload”
HKEY_CURRENT_USER\Software\Classes\secfile\shell\open\command | @ = “”%AppData%\ave.exe” /START “%1″ %*”
HKEY_CURRENT_USER\Software\Classes\secfile\shell\open\command | IsolatedCommand = “”%1″ %*”
Method 1 served its purpose in that it seemed to deactivate defender. However, a quick scan by malwarebytes showed no evidence of infection. I’m currently running a full scan to see if that’ll make any difference.
Thanks for the information you’ve provided. I’ve had this problem for two days now, and yours is the first site which has actually been a help.
-Bob
Hey, I think this helped. Thanks!
thank you,
you saved my computer
first method did nothing. second method didnt do squat and i already had malwarebyte antimalware a long time ago
Hey I did all of this stuff like deactivating the defender and removing the infections that came up with Malwarebytes but even after I have rebooted my computer with all the infections deleted, the Vista Defender Pro virus still affects my computer as if I didnt do anything to fix it; its still at the bottom of the taskbar and still sends annoying pop-ups and alerts, and won’t let me do things such as surf the internet help please?
Julian, if the above instructions does not help you, then ask for help in our Spyware removal forum.
Totally worked in disabling Vista Defender. Thank you so much!!
Rad, method one seems to have worked however i cant seem to update malwarebytes for step 2.
I tried Method one and seems basically nothing works on my lap top now HELP!
Method 1 worked perfectly to disable the defender. Thanks alot!
Excellent instructions. My computer showed only blue screen and windows explorer. Found cmd.exe under windows\system32. Produced text 1 on laptop and saved on USB. Copied it to \system32\ and doubloeclicked it there.
Still reduced to blue screen and windows explorer and will continue with step 2 and repair of start-up routines.
Method 1 already works, Thanks.
Awsome site.
Method 1 worked for me! Thank you guys so so very much!! Ugh, this fake thing has been bothering a lot. It’s such a relief now, thank you so much… really. 🙂
Thank you so much, this damn virus has had me stumped for the last couple of days, method 1 worked like a charm (malwarebytes didn’t work at all)
Method 1 helped stopped it and I’m currently running Malwarebytes. Thank you!
Method no. 1 didn’t help much – it only slowed the program down enough that I was able to reopen some programs without interference.
However, in Vista the virus wouldn’t even let me get to the internet to open programs – but if I ran the program as an administrator it seemed to be okay. I’d reccomend doing this.
Method 1 worked on the PC I was given and Malwarebytes returned a clean slate.
Thank you so much for the share of knowledge.
With great appreciation
Method no 2 worked for me. Excellent instructions, thanks so much.
The option 1 worked a dream, ppl like you are a real blessing… Praise the Lord
Oh my god thank you so much!!! method 1 helped
Method 1 worked but does it fully remove it from your computer, or just disable it?
v.helpful! i couldn’t open my internet browser after getting this virus so i had to google this on my phone. this was the first result, followed method 1 and was very straightforward to get rid of the virus 🙂
I still can’t get the internet to work after removing the virus? What is going on…it says that its connected but both Mozilla and IE do not work, please help…
Justin, once finished (both steps), your computer should be free from the infection. Also you can check your PC using an online virus scanner.
Vivek, if you can`t connect to the Internet, then:
1. check proxy settings
2. CLick Start,Run, type cmd and click OK. In command console type in
ipconfig /flushdnsand then press ENTER (notice the space after ipconfig). Close the command prompt window. Reboot your PC and try to open any website.3. Try run WinSock XP Fix.
My Computer runs on Vista, and i cant find the “Run” Option in my start menu
Great – thanks for the help!
Jonah, Click Start, then in the “Start Search” field type
commandand press Enter. Now follow the steps above.Thank you so much. Method two worked perfect for me. You saved my school work and a lot of hassle!
EXCELLENT! The first method disabled “Vista Defender” completely. Before, I couldn’t even run safe mode without that crap popping up. I’m going to try to do a system restore now (before I couldn’t even pull the SysRestore panel up!!!!)
Thank you! 😀