HELP - Vista Guardian 2010 virus

HELP!!!
I have this virus called "Vista Guardian 2010" and it won't let me run Malwarebytes, my anti-virus program or anything else. A box pops up telling me about all these infections and to buy their program! I can't even get into "safe-mode(F8) to try to run Malwarebytes to get rid of it like an article on the net said to do. Is there any way to get into safe-mode other than F*? I can't get into system restore either! Thanks for any help with this!

stop: av.exe
remove:

Code:

HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command “(Default)” = “av.exe” /START “%1? %*
HKEY_CURRENT_USER\Software\Classes\secfile\shell\open\command “(Default)” = “av.exe” /START “%1? %*
HKEY_CLASSES_ROOT\.exe\shell\open\command “(Default)” = “av.exe” /START “%1? %*

remove:

Code:

\%Documents and Settings%\[UserName]\Application Data\av.exe
%Documents and Settings%\[UserName]\Application Data\WRblt8464P

Tews said:

It is strongly recommended that your backup your registry before you proceeding with this method.

Kill the following process:

av.exe

Delete the following registries entries:

HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command “(Default)” = “av.exe” /START “%1? %*
HKEY_CURRENT_USER\Software\Classes\secfile\shell\open\command “(Default)” = “av.exe” /START “%1? %*
HKEY_CLASSES_ROOT\secfile\shell\open\command “(Default)” = “av.exe” /START “%1? %*
HKEY_CLASSES_ROOT\.exe\shell\open\command “(Default)” = “av.exe” /START “%1? %*HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command “(Default)” = “av.exe” /START “firefox.exe”
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command “(Default)” = “av.exe” /START “firefox.exe” -safe-mode
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command “(Default)” = “av.exe” /START “iexplore.exe”
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center “AntiVirusOverride” = “1?
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center “FirewallOverride” = “1?

Delete the following if you have Firefox installed:

*HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command “(Default)” = “av.exe” /START “firefox.exe”
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command “(Default)” = “av.exe” /START “firefox.exe” -safe-mode

Search and remove the following files:

av.exe

Wouldnt backing up my registry also include backing up the virus into the registry?...Sorry just new at all of this...Thanks for your help.

technically yes, however if you ruin something, it's easier to recover with a virus filled registry then having nothing. /wink

Now it won't let me into the Registry to delete the keys u guys recommended. I don't have restore discs as well to restore the entire system

canspec said:

Now it won't let me into the Registry to delete the keys u guys recommended. I don't have restore discs as well to restore the entire system

Did you get an error when trying to run "regedit"?