• Vista Antispyware 2010 & can't run .exes or use system restore
    7 replies, posted
The title says it all. I have a virus on my computer called "Vista Antivirus 2010" which is slowing it down a ton and causing annoying messages to appear that say I have stealth intrusions and shit. Now I can't run .exe files (Tried games, antiviruses, none work.) And I can't use System restore. I'm trying booting my computer up in Safemode, but I want help that doesn't involve a reformat.
[url]http://www.bleepingcomputer.com/virus-removal/remove-vista-antivirus-2008[/url] It is the same process i heard.
Malwarebytes didn't catch it, trying Spybot S&D.
I had this too. Google it. There are some registry entries you can delete to get rid of it.
I think it's gone. I deleted the right registries and ran MalwareBytes again (Caught 3 viruses, two I was 100% sure were the virus I was looking for), now it seems to be gone. I'm going to reboot, hopefully it's gone.
Ah, I had this a couple days ago. [del]It should have caught more than 3 though...[/del] actually, it looks like 3 is the correct number here. Here's the quarantine list from when I had this infection. [img]http://img246.imageshack.us/img246/1310/antimalware.png[/img] Hopefully Malwarebytes removed a directory called SelectRebates from your computer.
ha, Familiar with this one. What you should do... The process is called av.exe right? These are the possible locations it can be stored: %System%\av.exe %Temp%\av.exe %Temp%\ixp000.tmp\av.exe %UserProfile%\av.exe %Windir%\av.exe %Windir%\iexplore.exe Find it, stop the process, delete it. Next... Start -> Run -> regedit. Find all av.exe strings and delete them all! Next add these things to your registry, to get back acces to .exe, com and .msc files: [url]http://dl.dropbox.com/u/4081738/comfix_vista.reg[/url] [url]http://dl.dropbox.com/u/4081738/exefix_vista.reg[/url] This is what is missing if you don't trust the .reg files and want to do it all by hand... [code][HKEY_CLASSES_ROOT\comfile\shell\open\command] @="\"%1\" %*" [HKEY_CLASSES_ROOT\comfile\shellex] [/code] and presto, its gone... darn amateurs [b]Explanation of what it does:[/b] The process binds to all .exe files. you can no longer open com/msc/exe extensions. Meaning that when you Shellexecute them it starts the process. The process is a fake anti-virus that supposedly finds malware, trojans and other infections on your computer. In order to remove them you need to buy the full version, as this shows up as a trial version. You buy it, they steal your money. And to think that people actually fall for this one... [b]Why so helpful? ... I had it too, I hated it and got rid of it BY HAND, now its your turn.[/b] (And I hope people will help me with my problem too...)
Lol decided to do a shits and giggles mbam full scan to see if I've picked any goodies up :v:.
Sorry, you need to Log In to post a reply to this thread.