Home Malware Programs Rogue Anti-Spyware Programs Vista Internet Security 2010

Vista Internet Security 2010

Posted: February 1, 2010

ScreenshotVista Internet Security 2010 is a clone from the malicous rogue anti-spyware family that changes their names according to the Operating System they find running on the compromised computer. Vista Internet Security 2010 is no different from Vista Antispyware 2010 or Win 7 Antispyware 2010, and employs the same misleading tactics. Vista Internet Security 2010 produces fake system scan results to scare the Internet user into purchasing a licensed version. Vista Internet Security 2010 is a useless product and will not remove any malware from the system. Remove Vista Internet Security 2010 using a reliable anti-spyware product and do not become another hapless victim of cyber-crime.


ScreenshotScreenshotScreenshotScreenshotScreenshotScreenshotScreenshotScreenshot

File System Modifications

  • The following files were created in the system:
    # File Name
    1 av.exe

Registry Modifications

  • The following newly produced Registry Values are:
    HKEY..\..\..\..{Subkeys}HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command "(Default)" = "av.exe" /START "%1? %*HKEY_CURRENT_USER\Software\Classes\secfile\shell\open\command "(Default)" = "av.exe" /START "%1? %*HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command "(Default)" = "av.exe" /START "iexplore.exe"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center "AntiVirusOverride" = "1?HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center "FirewallOverride" = "1?

4 Comments

  • Vinoth says:

    Thanks. I think this manual procedure removed the virus. But I am not able to open IE or notepad. Can you please help

  • Alana says:

    Thank you guys! I did the registry fixes you suggested and sent that little runtass pop-up screaming for the hills. I really appreciate this! I could not find the first two registry values, the security overrides, though. The rest of it stopped that program dead in it's tracks. Again, thank you, I was kind of panicking until I realized that I could still use firefox.

  • racerX says:

    Thanks!
    Just right click on the process av and show its location. End the process before you can delete it!
    Stupid people make stupid things.

  • Rollin says:

    Thank you this worked very well and was very easy to follow your step by step instructions to remove. This was the third computer I have got this on andthis way was the best and fastest.

Loading...