How to remove XP Guardian rogue anti-spyware

Malware Description:
XP Guardian (aka XPGuardian) is one of the numerous examples of the undoubted fact that the worldwide web is very unsafe nowadays. XP Guardian is a rogue antivirus program as it promises a lot but fulfills pretty much nothing. The activity of XP Guardian is bound to trespassing on your computer, modifying Windows Registry and getting to control your entire system functioning. As XP Guardian is running, it will state you have lots of dangerous applications such as keyloggers, worms, trojans and spyware. This information is a deceit and it’s communicated via fake popup alerts and falsified virus scanners which jump out of the blue once you start logging into Windows. The whole idea of this sort of tactics is to make it look as if there were loads of infections on your computer and XP Guardian were just the perfect software to get rid of them all instantly. Do not believe all the scam XP Guardian tells you about. The program is way too worthless and misleading to be trusted at all. XP Guardian vendors are hackers who are evidently trying to get through the financial crisis with some fraudulent income. XP Guardian will ask you to purchase and activate its full version but be sure to abstain from following such bad recommendations. It’s best to remove XP Guardian before it goes into its final phase and ruins your system unless you buy its license. XP Guardian can cause your system to freeze and work slower than normal. Additionally, XP Guardian can ‘welcome’ many more parasites into your computer system through security holes it spots and opens up. Please be wary of XP Guardian rogue software and uninstall it as soon as you notice its very first traces on your machine.

Malware Type: Rogue Anti-Spyware

Malware Author: Unknown

Threat Level: Critical

Advice: Immediately remove and scan for additional malware

XP Guardian Free Scanner and Remover: Download Now

XP Guardian Screenshot:

XP Guardian

How to remove XP Guardian manually:
Manual removal of XP Guardian is a feasible objective if you have sufficient expertise in dealing with program files, processes, .dll files and registry entries.

The files to be deleted are listed below:

  • %Documents and Settings%\[UserName]\Application Data\av.exe
  • %Documents and Settings%\[UserName]\Application Data\WRblt8464P

The registry entries that need to be removed are as follows:

  • HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command “(Default)” = “av.exe” /START “%1″ %*
  • HKEY_CURRENT_USER\Software\Classes\secfile\shell\open\command “(Default)” = “av.exe” /START “%1″ %*
  • HKEY_CLASSES_ROOT\.exe\shell\open\command “(Default)” = “av.exe” /START “%1″ %*
  • HKEY_CLASSES_ROOT\secfile\shell\open\command “(Default)” = “av.exe” /START “%1″ %*
  • HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command “(Default)” = “av.exe” /START “firefox.exe”
  • HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command “(Default)” = “av.exe” /START “firefox.exe” -safe-mode
  • HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command “(Default)” = “av.exe” /START “iexplore.exe”
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center “AntiVirusOverride” = “1″
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center “FirewallOverride” = “1″

Please, be aware that manual removal of XP Guardian is a cumbersome process and does not always ensure complete deletion of the malware, due to the fact that some files might be hidden or may get reanimated automatically afterwards. Moreover, manual interference of this kind may cause damage to the system. That’s why we strongly recommend automatic removal XP Guardian, which will save your time and enable avoiding any system malfunctions and guarantee the needed result.

Download XP Guardian Automatic Remover

Like This Article? Let Others Know!

Reader's Comments:

  1. johanna |

    dear author

    what should i do if i did fall for their scam? unfortunately i already bought their fraud and have given my credit card details. will they use the details against me, and should i still delete their program?

    this is urgent i would love for you to respond

  2. admin |

    Hi Johanna,
    Crooks like these usually take the money paid and run off.
    So their main objective is to make you actually buy the license for their nasty product. We believe the credit card details you provided shouldn’t be used against you further. Anyway, that’s how it usually happens with rogue anti-spyware vendors.

  3. Bonnie |

    Thanks for the removal instructions. However, there is one little detail that you need to add. If you removed the registry entries above as instructed, you will end up a file association error when you try to launch all .exe programs. To avoid this error, just edit the registry entries instead of deleting them. Delete all but the “%1″ %* from the entry.

    And for those who have already deleted the entries and now are unable to run REGEDIT or open a Command Prommpt to fix, you can open the registry editor via the Task Manager. Just click File, then hold down the CTRL key and click New Task (Run). This will open a Command Prompt window. Enter REGEDIT.exe and press enter. Hopefully you made a backup of your registry before you started editing. Just restore it and try again.

Post a Comment: