Vista Guardian - Dedicated 2-viruses.com

Vista Guardian is a rogue anti-spyware which has many different names that vary depending on what Windows OS runs the compromised PC. VistaGuardian can be also detected as Vista Antispyware 2010, Vista Guardian 2010 or Antivirus Vista 2010, so pay your attention to the design of all the messages which these programs load.

Every scam from this group, including Vista Guardian, is presented as Windows update at the beginning. Typically, Vista Guardian drops the only its file AV.exe which can be simply called the heart of this malware and makes this scam to launch every time your computer boots up. The other misleading activity of Vista Guardian is modification of certain Registry keys and browser’s hijack which will cause you fake firewall warnings stating that the site is a security risk and you are not allowed to visit it.

According to Vista Guardian, there are hundreds of various spyware on your computer. This malware displays fake pop-up ads and scanners and finally states that the only way to fix your computer and remove the “detected” infections is to install licensed version of Vista Guardian. Note: Vista Guardian does not and cannot detect any parasites on any compromised machine. It has no “licensed” version and the same program is simply worthless and surely should be avoided. Please, don’t fall into its tricks and spending your money for it. It is highly recommended acting the opposite and removing Vista Guardian right after you detect its malicious activity on your computer.

Automatic Malware removal tools

Download Spyhunter for Malware detection
(Win)

Note: Spyhunter trial provides detection of parasites and assists in their removal for free. limited trial available, Terms of use, Privacy Policy, Uninstall Instructions,

Download Combo Cleaner for Malware detection
(Mac)

Note: Combo Cleaner trial provides detection of parasites and assists in their removal for free. limited trial available, Terms of use, Privacy Policy, Uninstall Instructions, Refund Policy ,

Manual removal

Processes:

Files:

Registers:

HKEY_CURRENT_USER\\Software\\Classes\\.exe\\shell\\open\\command \"(Default)\" = \"%UserProfile%\\Local Settings\\Application Data\\av.exe\" /START \"%1\" %*
HKEY_CURRENT_USER\\Software\\Classes\\secfile\\shell\\open\\command \"(Default)\" = \"%UserProfile%\\Local Settings\\Application Data\\av.exe\" /START \"%1\" %*
HKEY_CLASSES_ROOT\\.exe\\shell\\open\\command \"(Default)\" = \"%UserProfile%\\Local Settings\\Application Data\\av.exe\" /START \"%1\" %*
HKEY_CLASSES_ROOT\\secfile\\shell\\open\\command \"(Default)\" = \"%UserProfile%\\Local Settings\\Application Data\\av.exe\" /START \"%1\" %*
HKEY_LOCAL_MACHINE\\SOFTWARE\\Clients\\StartMenuInternet\\FIREFOX.EXE\\shell\\open\\command \"(Default)\" = \"%UserProfile%\\Local Settings\\Application Data\\av.exe\" /START \"C:\\Program Files\\Mozilla Firefox\\firefox.exe\"
HKEY_LOCAL_MACHINE\\SOFTWARE\\Clients\\StartMenuInternet\\FIREFOX.EXE\\shell\\safemode\\command \"(Default)\" = \"%UserProfile%\\Local Settings\\Application Data\\av.exe\" /START \"C:\\Program Files\\Mozilla Firefox\\firefox.exe\" -safe-mode
HKEY_LOCAL_MACHINE\\SOFTWARE\\Clients\\StartMenuInternet\\IEXPLORE.EXE\\shell\\open\\command \"(Default)\" = \"%UserProfile%\\Local Settings\\Application Data\\av.exe\" /START \"C:\\Program Files\\Internet Explorer\\iexplore.exe\"
HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Security Center \"AntiVirusOverride\" = \"1\"
HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Security Center \"FirewallOverride\" = \"1\"

Vista Guardian - How to remove

Automatic Malware removal tools

Manual removal

TOC

Leave a Reply