Severity scale  
  (64/100)

Guard Online. How to Remove? (Uninstall Guide)

removal by - -   Also known as GuardOnline | Type: Rogue Antispyware
12

Guard Online is a rogue anti-spyware that has rather ineteresing graphicah user interface but after all it's just another malware with only one goal - to steal moeney from people. It is promoted through the use of malware, mostly trojan droppers, fake online scanners and infected websites. While running, Guard Online will block legit antivirus and anti-spyware programs, disable task manager and other useful system tools to protect itself from being removed. It's nothing more but a scam. If you find that your computer is infected with this reogue security program please use the removal instructions below to remove Guard Online from your computer either manually or with an automatic removal tool. If you have already purchased this fake program, then contact your credit card company immediately and dispute the charges.

Guard Online is is from the same family as AV Guard Online. It asks to pay for a full version of the program to remove viruses and to make your computer protected. Moreover, Guard Online displays fake security warnings claiming that your your PC is under attack and that your credit card information can be stolen by Zeus Keyloggers. Here are some fake security warnings generated by this fake antivirus program:

Windows Security Alert
To help protect your computer, Windows Firewall has blocked some features of this program.
Do you want to keep blocking this program?
Name: Zeus Trojan Publisher: Unauthorized

Security Warning
There are critical system files on your computer that were modified by malicious software.
It may cause permanent data loss.
Click here to remove malicious software.

It goes without saying that Guard Online should be removed from your computer as soon as possible. If you have problems removing this malware, use our removal instructions below. Keep in mind that this malware comes bundled with ZeroAccess rootkit. It can be very diffucult to remove this malware from your computer. If you won't remove the rootkit, Guard Online wil return after a few days or so. To completely remove this infection from your computer, please use an automatic removal tool below. You can also remove it manually, but we do not recommend doing this.

It might be that we are affiliated with any of our recommended products. Full disclosure can be found in our Agreement of Use. By downloading any of provided Anti-spyware software you agree with our Privacy Policy and Agreement of Use.
Do it now!
Download
Reimage - remover Happiness
Guarantee
Compatible with Microsoft Windows
What to do if failed?
If you failed to remove infection using Reimage Reimage, submit a question to our support team and provide as much details as possible.
Reimage is recommended to uninstall Guard Online. Free scanner allows you to check whether your PC is infected or not. If you need to remove malware, you have to purchase the licensed version of Reimage malware removal tool.

More information about this program can be found in Reimage review.
Reimage is recommended to uninstall Guard Online. Free scanner allows you to check whether your PC is infected or not. If you need to remove malware, you have to purchase the licensed version of Reimage malware removal tool.

More information about this program can be found in Reimage review.
Not using OS X? Download a remover for Windows.
Press Mentions on Reimage
Alternate Software
Alternate Software
Malwarebytes Anti Malware
Tested and Confirmed! Malwarebytes Anti Malware removes Guard Online (2011-10-10 15:09:42)
Plumbytes
We are testing Plumbytes's efficiency (2011-10-25 18:16)
Hitman Pro
Malwarebytes Anti Malware
Tested and Confirmed! Malwarebytes Anti Malware removes Guard Online (2011-10-10 15:09:42)
Webroot SecureAnywhere AntiVirus
Guard Online screenshot
Guard Online snapshot

Guard Online manual removal

Kill processes:
[random].exe
csrss.exe
conhost.exe
Delete registry values:
HKEY_LOCAL_MACHINE\software\microsoft\Windows\CurrentVersion\Run
?€?gTZqjYCkIrOyAuS8234A=%SystemRoot%\system32\[random]?€?
HKEY_LOCAL_MACHINE\software\microsoft\Windows\CurrentVersion\Run
?€?conhost=%AppData%\Microsoft\csrss.exe?€?
HKEY_LOCAL_MACHINE\system\CurrentControlSet\Hardware Profiles\0001\Software\Microsoft\windows\CurrentVersion\Internet Settings
?€?ProxyEnable=00000001?€ณ
HKEY_CURRENT_USER\software\Microsoft\Windows\CurrentVersion\Internet Settings
?€?ProxyEnable=00000001?€ณ
HKEY_CURRENT_USER\software\Microsoft\Windows\CurrentVersion\Internet Settings
?€?ProxyServer=http=127.0.0.1:53717?€ณ
HKEY_CURRENT_USER\software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
?€?DefaultConnectionSettings=3C0000000B0000000?€ฆ?€?
HKEY_CURRENT_USER\software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
?€?SavedLegacySettings=3C0000006B0000000?€ฆ?€?
HKEY_CURRENT_USER\software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
?€?%RANDOM%=%AppData%\csrss.exe?€?
HKEY_CURRENT_USER\software\Microsoft\Windows NT\CurrentVersion\Windows
?€?Load=%SystemRoot%\system32\lvvm.exe"
HKEY_CURRENT_USER\software\Microsoft\Windows NT\CurrentVersion\Winlogon
?€?Shell=explorer.exe,%AppData%\conhost.exe"
Delete files:
%SystemRoot%\system32\[random].exe
%SystemRoot%\system32\[random].exe
%AppData%\[random]EAV Guard Online.ico
%AppData%\conhost.exe
%AppData%\csrss.exe
%AppData%\E84E.1B6
%AppData%\ldr.ini
%AppData%\[random]\
%AppData%\[random]\
%AppData%\[random]\
%AppData%\Microsoft\csrss.exe
%UserProfile%\Desktop\Guard Online.lnk
%Temp%\4F.tmp
%Temp%\53.tmp
%Temp%\54.tmp
%Temp%\55.tmp
%UserProfile%\Start Menu\Programs\Guard Online\
%UserProfile%\Start Menu\Programs\Guard Online\Guard Online.lnk

Geolocation of Guard Online

Map reveals the prevalence of Guard Online. Countries and regions that have been affected the most are: India, Pakistan, Philippines, Ireland and United States.

Information updated:

Comments on Guard Online

0
0
wasim
how to get directory list?

Post a comment

Attention: Use this form only if you have additional information about a parasite, its removal instructions, additional resources or behavior. By clicking "post comment" button you agree not to post any copyrighted, unlawful, harmful, threatening, abusive, harassing, defamatory, vulgar, obscene, profane, hateful, racially, ethnically or otherwise objectionable material of any kind.

Home page Name



«

(All fields are required)