Vista Guardian is a rogue anti-spyware program that deliberately displays exaggerated scan results to make you think your computer has many infections and security/privacy risks. This program is usually promoted through the use of fake online scanners, that state that your computer is badly infected and that you should download and install Vista Guardian in order to remove infections and to protect yourself. When Vista Guardian is installed and active it will automatically perform a fake system scan when you login to Windows. After the scan it will display numerous infections of exaggerated security threats on your computer and then state that you should purchase the program in order to remove the infections or threats which don’t even exist. Don’t pay for this bogus software and uninstall it as soon as possible. If you are infected with this virus, then please use the removal guide stated below to remove Vista Guardian from your computer manually for free or with an automatic removal tool.
While VistaGuardian is running you will also find your computer flooded with various alerts stating that your computer is infected with malware. This program will hijack both Internet Explorer and Firefox to randomly display messages about insecure Internet activity when browsing the web and state that you should purchase Vista Guardian to protect your computer from possible attacks. These alerts, like web browser hijacks are just another attempt to trick you into believing that you are infected with Trojans, worms and other viruses. However, the worst thing is that this parasite blocks anti-virus and anti-spyware software as well as useful Windows functions (Task Manager and Regedit). In order to remove this virus you will have to either use another PC or re-enable default Windows registry settings. To do this, please use the guide below.
Vista Guardian removal instructions:
1. Click Start->Run (or WinKey+R). Input: “command”. Press Enter or click OK.
2. Type “notepad” as shown in the image below and press Enter. Notepad will open.
3. Copy and past the following text into Notepad:
4. Save file as “exefix.reg” (without quotation-marks) to your Desktop.
NOTE: choose Save as type: All files
5. Double-click to open exefix.reg. Click “Yes” for Registry Editor prompt window.
6. Download STOPzilla or an automatic removal tool below. Update STOPzilla and run a full system scan.
If you can’t complete the above steps then please use another PC to download an automatic removal tool and exefix.reg (Right Click (Save Target As)) to download file. Copy these files to USB flash drive or any other external media and transfer them to infected computer. Launch exefix.reg file first and then install STOPzilla.
Vista Guardian manual removal:
Delete registry values:
HKEY_CURRENT_USERSoftwareClasses.exeshellopencommand "(Default)" = "%UserProfile%Local SettingsApplication Dataav.exe" /START "%1" %*
HKEY_CURRENT_USERSoftwareClassessecfileshellopencommand "(Default)" = "%UserProfile%Local SettingsApplication Dataav.exe" /START "%1" %*
HKEY_CLASSES_ROOT.exeshellopencommand "(Default)" = "%UserProfile%Local SettingsApplication Dataav.exe" /START "%1" %*
HKEY_CLASSES_ROOTsecfileshellopencommand "(Default)" = "%UserProfile%Local SettingsApplication Dataav.exe" /START "%1" %*
HKEY_LOCAL_MACHINESOFTWAREClientsStartMenuInternetFIREFOX.EXEshellopencommand "(Default)" = "%UserProfile%Local SettingsApplication Dataav.exe" /START "C:Program FilesMozilla Firefoxfirefox.exe"
HKEY_LOCAL_MACHINESOFTWAREClientsStartMenuInternetFIREFOX.EXEshellsafemodecommand "(Default)" = "%UserProfile%Local SettingsApplication Dataav.exe" /START "C:Program FilesMozilla Firefoxfirefox.exe" -safe-mode
HKEY_LOCAL_MACHINESOFTWAREClientsStartMenuInternetIEXPLORE.EXEshellopencommand "(Default)" = "%UserProfile%Local SettingsApplication Dataav.exe" /START "C:Program FilesInternet Exploreriexplore.exe"
HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity Center "AntiVirusOverride" = "1"
HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity Center "FirewallOverride" = "1"