Remove Guard Online

Removal instructions

Severity scale:  (64 / 100)

Guard Online is a rogue anti-spyware that has rather ineteresing graphicah user interface but after all it's just another malware with only one goal - to steal moeney from people. It is promoted through the use of malware, mostly trojan droppers, fake online scanners and infected websites. While running, Guard Online will block legit antivirus and anti-spyware programs, disable task manager and other useful system tools to protect itself from being removed. It's nothing more but a scam. If you find that your computer is infected with this reogue security program please use the removal instructions below to remove Guard Online from your computer either manually or with an automatic removal tool. If you have already purchased this fake program, then contact your credit card company immediately and dispute the charges.

Guard Online is is from the same family as AV Guard Online. It asks to pay for a full version of the program to remove viruses and to make your computer protected. Moreover, Guard Online displays fake security warnings claiming that your your PC is under attack and that your credit card information can be stolen by Zeus Keyloggers. Here are some fake security warnings generated by this fake antivirus program:

Windows Security Alert
To help protect your computer, Windows Firewall has blocked some features of this program.
Do you want to keep blocking this program?
Name: Zeus Trojan Publisher: Unauthorized

Security Warning
There are critical system files on your computer that were modified by malicious software.
It may cause permanent data loss.
Click here to remove malicious software.

It goes without saying that Guard Online should be removed from your computer as soon as possible. If you have problems removing this malware, use our removal instructions below. Keep in mind that this malware comes bundled with ZeroAccess rootkit. It can be very diffucult to remove this malware from your computer. If you won't remove the rootkit, Guard Online wil return after a few days or so. To completely remove this infection from your computer, please use an automatic removal tool below. You can also remove it manually, but we do not recommend doing this. 

Automatic Guard Online removal:

Malwarebytes Anti Malware

Download | review

Tested and Confirmed! Malwarebytes Anti Malware removes Guard Online (2011-10-10 15:09:42)

Spyware Doctor

Download | review | tutorial

We are testing Spyware Doctor's efficiency at removing Guard Online (2011-10-25 18:16:06)

STOPzilla

Download | review

We are testing STOPzilla's efficiency at removing Guard Online (2011-10-25 18:16:06)

XoftSpySE Anti Spyware

Download | review

Guard Online manual removal:

FORUM:
Discuss Guard Online in
spyware removal forum

Kill processes:
[random].exe
csrss.exe
conhost.exe

HELP:
how to kill malicious processes

Delete registry values:
HKEY_LOCAL_MACHINE\software\microsoft\Windows\CurrentVersion\Run
?€?gTZqjYCkIrOyAuS8234A=%SystemRoot%\system32\[random]?€?
HKEY_LOCAL_MACHINE\software\microsoft\Windows\CurrentVersion\Run
?€?conhost=%AppData%\Microsoft\csrss.exe?€?
HKEY_LOCAL_MACHINE\system\CurrentControlSet\Hardware Profiles\0001\Software\Microsoft\windows\CurrentVersion\Internet Settings
?€?ProxyEnable=00000001?€³
HKEY_CURRENT_USER\software\Microsoft\Windows\CurrentVersion\Internet Settings
?€?ProxyEnable=00000001?€³
HKEY_CURRENT_USER\software\Microsoft\Windows\CurrentVersion\Internet Settings
?€?ProxyServer=http=127.0.0.1:53717?€³
HKEY_CURRENT_USER\software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
?€?DefaultConnectionSettings=3C0000000B0000000?€¦?€?
HKEY_CURRENT_USER\software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
?€?SavedLegacySettings=3C0000006B0000000?€¦?€?
HKEY_CURRENT_USER\software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
?€?%RANDOM%=%AppData%\csrss.exe?€?
HKEY_CURRENT_USER\software\Microsoft\Windows NT\CurrentVersion\Windows
?€?Load=%SystemRoot%\system32\lvvm.exe"
HKEY_CURRENT_USER\software\Microsoft\Windows NT\CurrentVersion\Winlogon
?€?Shell=explorer.exe,%AppData%\conhost.exe"

HELP:
how to remove registry entries

Delete files:
%SystemRoot%\system32\[random].exe
%SystemRoot%\system32\[random].exe
%AppData%\[random]EAV Guard Online.ico
%AppData%\conhost.exe
%AppData%\csrss.exe
%AppData%\E84E.1B6
%AppData%\ldr.ini
%AppData%\[random]\
%AppData%\[random]\
%AppData%\[random]\
%AppData%\Microsoft\csrss.exe
%UserProfile%\Desktop\Guard Online.lnk
%Temp%\4F.tmp
%Temp%\53.tmp
%Temp%\54.tmp
%Temp%\55.tmp
%UserProfile%\Start Menu\Programs\Guard Online\
%UserProfile%\Start Menu\Programs\Guard Online\Guard Online.lnk

HELP:
how to remove harmful files

QR code for Guard Online removal instructions:

QR is short for Quick Response. They can be read quickly by the mobile phones. QR codes can store more data than standard barcodes, including url links, geo coordinates, and text.

The reason we add QR code to the website is that parasites like Guard Online are really hard to remove on infected computer. you can quicly scan the QR code with your mobile device and have manual removal instructions to uninstall Guard Online right in your pocket.

Simply use the QR scanner and read removal instructions from mobile device.

Additional resources:

Post Comment:

Attention: Use this form only if you have additional information about Guard Online parasite, its removal instructions, additional resources or behavior. By clicking "post comment" button you agree not to post any copyrighted, unlawful, harmful, threatening, abusive, harassing, defamatory, vulgar, obscene, profane, hateful, racially, ethnically or otherwise objectionable material of any kind.

Home page Name



«


* All field required