Vista Guard. How to remove? (Uninstall guide)

removal by Julie Splinters - -   Also known as VistaGurad | Type: Rogue Antispyware
12

Vista Guard is not what you may think – after checking it with a reputable updated anti-spyware you will clearly see that it is a malware. It’s definitely not a legitimate anti-spyware dedicated for computers running Windows Vista, but a rogueware which will try to steal your money. This program was designed quite differently from other “popular” and “famous” roguewares because just after intrusion it sets its name according to the OS it finds. So, if your computer runs Windows XP, it may get XP Guard secretly installed.

However, no matter how it is called, Vista Guard belongs to the huge dangerous family of viruses that all have been noticed in the middle of November. More than twenty rogue anti-spywares all look and act identically and begin everything with a secret intrusion. Vista Guard also relies on trojans that use security vulnerabilities to get inside undetected. Then, they viruses also modify some system parameters to make Vista Guard launched after every reboot of computer. This penetration becomes clear when malware starts showing its fake system scanners, alerts and notifications. These scanners will definitely claim that there are numerous viruses on your PC and that your system security is in danger. However, in reality cyber criminals are trying to make you believe that Vista Guard is actually scanning your computer for infections and detecting malicious activity eventually. Here are the examples:

Internet Explorer alert. Visiting this site may pose a security threat to your system!
Possible reasons include:
– Dangerous code found in this site’s pages which installed unwanted software into your system.
– Suspicious and potentially unsafe network activity detected.
– Spyware infections in your system
– Complaints from other users about this site.
– Port and system scans performed by the site being visited.
Things you can do:
– Get a copy of Vista Antispyware 2011 to safeguard your PC while surfing the web (RECOMMENDED)
– Run a spyware, virus and malware scan
– Continue surfing without any security measures (DANGEROUS)
System danger!
Your system security is in danger. Privacy threats detected. Spyware, keyloggers or Trojans may be working the background right now. Perform an in-depth scan and removal now, click here.

Please, do not fall for Vista Guard deceptive notifications and alerts that only seek to create a need of anti-spyware program. Additionally, Vista Guard will offer to purchase its so called “full” version for removal while it is not capable to do nothing but infect your computer even more. This classic tactics should be ignored, but keep in mind that you must remove Vista Guard. Please, see more information on this below.

How to remove Vista Guard:

a) Burn these programs to CD or write them to USB disk. You can use your MP3 player, or smartphone if it has storage functions. This parasite does not spread through USB at the moment:

1. STOPzilla or an automatic removal tool below. Update STOPzilla and run a full system scan.

2.You might want to download Hitman Pro or Malwarebytes as alternate scanners. Though you are likely to be able to download them later on.

b) Boot normally. Wait for Vista Guard to launch, and run exeregfix.reg . This should allow launching legitimate programs

c) Delete or remove the files that are mentioned in our files box. You can use STOPzilla to identify the infected files and additional infections or automatic Vista Guard removal tool. Do not forget update it before scanning. Remove what it finds.

d) Scan with STOPzilla and secondary tools and reboot your PC. This should fully get rid of Vista Guard.

NOTE!!!!It has been announced about a serial code that may help you to disable those malwares that change their names according to OS they find. Enter this serial code when doing registration: 1145-17884799-7733. This and the order number 21197673 should also work for earlier versions of this type of parasite. After typing them, you should become able to use your anti-spyware, if it fails follow the guide written abov. Be aware that these numbers are expected to change in the near future!

We might be affiliated with any product we recommend on the site. Full disclosure in our Agreement of Use. By Downloading any provided Anti-spyware software to remove Vista Guard you agree to our privacy policy and agreement of use.
do it now!
Download
Reimage (remover) Happiness
Guarantee
Download
Reimage (remover) Happiness
Guarantee
Compatible with Microsoft Windows Compatible with OS X
What to do if failed?
If you failed to remove infection using Reimage, submit a question to our support team and provide as much details as possible.
Reimage is recommended to uninstall Vista Guard. Free scanner allows you to check whether your PC is infected or not. If you need to remove malware, you have to purchase the licensed version of Reimage malware removal tool.

Note: Manual assistance required means that one or all of removers were unable to remove parasite without some manual intervention, please read manual removal instructions below.

More information about this program can be found in Reimage review.

More information about this program can be found in Reimage review.

Vista Guard manual removal:

Kill processes:
pw.exe

MSASCui.exe

Delete registry values:
HKEY_CURRENT_USERSoftwareClassespezfile

HKEY_CLASSES_ROOTpezfile

HKEY_CURRENT_USERSoftwareClasses.exeshellopencommand "(Default)" = "%UserProfile%Local SettingsApplication Datapw.exe" /START "%1" %*

HKEY_CURRENT_USERSoftwareClassespezfileshellopencommand "(Default)" = "%UserProfile%Local SettingsApplication Datapw.exe" /START "%1" %*

HKEY_CLASSES_ROOT.exeshellopencommand "(Default)" = "%UserProfile%Local SettingsApplication Datapw.exe" /START "%1" %*

HKEY_CLASSES_ROOTpezfileshellopencommand "(Default)" = "%UserProfile%Local SettingsApplication Datapw.exe" /START "%1" %*

HKEY_LOCAL_MACHINESOFTWAREClientsStartMenuInternetFIREFOX.EXEshellopencommand "(Default)" = "%UserProfile%Local SettingsApplication Datapw.exe" /START "C:Program FilesMozilla Firefoxfirefox.exe"

HKEY_LOCAL_MACHINESOFTWAREClientsStartMenuInternetFIREFOX.EXEshellsafemodecommand "(Default)" = "%UserProfile%Local SettingsApplication Datapw.exe" /START "C:Program FilesMozilla Firefoxfirefox.exe" -safe-mode

HKEY_LOCAL_MACHINESOFTWAREClientsStartMenuInternetIEXPLORE.EXEshellopencommand "(Default)" = "%UserProfile%Local SettingsApplication Datapw.exe" /START "C:Program FilesInternet Exploreriexplore.exe"

HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity Center "AntiVirusOverride" = "1"

HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity Center "FirewallOverride" = "1"

Delete files:
%UserProfile%Local SettingsApplication DataopRSK

%UserProfile%Local SettingsApplication Datapw.exe

%UserProfile%Local SettingsApplication DataMSASCui.exe

%UserProfile%AppDataLocalopRSK

%UserProfile%AppDataLocalpw.exe

%UserProfile%AppDataLocalMSASCui.exe

About the author

Julie Splinters
Julie Splinters - Malware removal specialist

If this free removal guide helped you and you are satisfied with our service, please consider making a donation to keep this service alive. Even a smallest amount will be appreciated.

More information about the author