Severity scale  
  (96/100)

Win 7 Guard. How to Remove? (Uninstall Guide)

removal by - -   Also known as Win7Guard | Type: Rogue Antispyware
12
Win 7 Guard is a typical rogue anti-spyware which will "inform" you about tons of viruses detected while in reality it will be the one that needs to be uninstalled. Win 7 Guard is designed to create an image that computer is dramatically infected because additionally it starts offering the way for fixing everything. This way is so called "licensed" version which is promised to remove every cyber threat detected by its trial version. However, by purchasing Win 7 Guard, you will only support its creators. Keep in mind that you must remove Win 7 Guard just like all other viruses from its dangerous Fake anti-spywares’ family (XP Guard , for example)
Win 7 Guard is known to be spread through fake online scanners, fake flash updates and malicious video codecs that are aggressively required for watching videos online. Once it gets there, malware configures some system parameters to disable security programs found or make itself launched as soon as computer reboots.

The additional actions of Win 7 Guard should be clear for every person who has already had some rogue anti-spyware on his PC: malware will trigger numerous popup ads and security scanners with faked information given, like:


Stealth intrusion!
Infection detected in the background. Your computer is now attacked by spyware and rogue software. Eliminate the infection safely, perform a security scan and deletion now.



System Hijack!
System security threat was detected. Viruses and/or spyware may be damaging your system now. Prevent infection and data loss or stealing by running a free security scan.


These alerts claiming about numerous viruses detected are useless because they tell invented facts. Of course, they should be never trusted and followed, so remember that only Win 7 Guard can help in this situation. If it is left running no your PC, you will start facing continuous redirections to malware sites and attacks from more viruses. To stop this scam and additionally remove it, try Win 7 Guard removal instructions written below:

To remove Win 7 Guard you may need another PC, as removing it from safe mode with networking will not work in most of the cases.

a) Burn these programs to CD or write them to USB disk. You can use your MP3 player, or smartphone if it has storage functions. This parasite does not spread through USB at the moment:

1. Spyware Doctor or an automatic removal tool below. Update Spyware Doctor and run a full system scan.

2.You might want to download Hitman Pro or Malwarebytes as alternate scanners. Though you are likely to be able to download them later on.

b) Boot normally. Wait for Win 7 Guard to launch, and run exeregfix.reg . This should allow launching legitimate programs

c) Delete or remove the files that are mentioned in our files box. You can use Spyware Doctor to identify the infected files and additional infections or automatic Win 7 Guard removal tool. Do not forget update it before scanning. Remove what it finds.

d) Scan with Spyware Doctor and secondary tools and reboot your PC. This should fully get rid of Win 7 Guard.

UPDATE!!! One of PC security bloggers, S!Ri, has announced about a serial code that may help you to disable those malwares that all change their names according to OS they find. Enter this serial code when doing Win 7 Guard registration: 145-17884799-7733. This and the order number 21197673 should also work for earlier versions of this type of parasite. After typing them, you should become able to use your anti-spyware, if it fails follow the guide written above. Be aware that these numbers are expected to change in the near future!



Win 7 Guard properties:
• Shows commercial adverts
• Connects itself to the internet
• Stays resident in background

It might be that we are affiliated with any of our recommended products. Full disclosure can be found in our Agreement of Use. By downloading any of provided Anti-spyware software you agree with our Privacy Policy and Agreement of Use.
Do it now!
Download
Reimage - remover Happiness
Guarantee
Compatible with Microsoft Windows
What to do if failed?
If you failed to remove infection using Reimage Reimage, submit a question to our support team and provide as much details as possible.
Reimage is recommended to uninstall Win 7 Guard. Free scanner allows you to check whether your PC is infected or not. If you need to remove malware, you have to purchase the licensed version of Reimage malware removal tool.

More information about this program can be found in Reimage review.
Reimage is recommended to uninstall Win 7 Guard. Free scanner allows you to check whether your PC is infected or not. If you need to remove malware, you have to purchase the licensed version of Reimage malware removal tool.

More information about this program can be found in Reimage review.
Not using OS X? Download a remover for Windows.
Press Mentions on Reimage
Alternate Software
Alternate Software
STOPzilla
Tested and Confirmed! STOPzilla removes Win 7 Guard (2010-11-15 07:08:54)
Malwarebytes Anti Malware
Tested and Confirmed! Malwarebytes Anti Malware removes Win 7 Guard (2010-11-15 07:08:54)
Plumbytes
We are testing Plumbytes's efficiency (2010-11-16 06:04)
Hitman Pro
STOPzilla
Tested and Confirmed! STOPzilla removes Win 7 Guard (2010-11-15 07:08:54)
Malwarebytes Anti Malware
Tested and Confirmed! Malwarebytes Anti Malware removes Win 7 Guard (2010-11-15 07:08:54)
Webroot SecureAnywhere AntiVirus

Win 7 Guard manual removal

Kill processes:
pw.exe
MSASCui.exe
Delete registry values:
HKEY_CURRENT_USERSoftwareClassespezfile
HKEY_CLASSES_ROOTpezfile
HKEY_CURRENT_USERSoftwareClasses.exeshellopencommand "(Default)" = "%UserProfile%Local SettingsApplication Datapw.exe" /START "%1" %*
HKEY_CURRENT_USERSoftwareClassespezfileshellopencommand "(Default)" = "%UserProfile%Local SettingsApplication Datapw.exe" /START "%1" %*
HKEY_CLASSES_ROOT.exeshellopencommand "(Default)" = "%UserProfile%Local SettingsApplication Datapw.exe" /START "%1" %*
HKEY_CLASSES_ROOTpezfileshellopencommand "(Default)" = "%UserProfile%Local SettingsApplication Datapw.exe" /START "%1" %*
HKEY_LOCAL_MACHINESOFTWAREClientsStartMenuInternetFIREFOX.EXEshellopencommand "(Default)" = "%UserProfile%Local SettingsApplication Datapw.exe" /START "C:Program FilesMozilla Firefoxfirefox.exe"
HKEY_LOCAL_MACHINESOFTWAREClientsStartMenuInternetFIREFOX.EXEshellsafemodecommand "(Default)" = "%UserProfile%Local SettingsApplication Datapw.exe" /START "C:Program FilesMozilla Firefoxfirefox.exe" -safe-mode
HKEY_LOCAL_MACHINESOFTWAREClientsStartMenuInternetIEXPLORE.EXEshellopencommand "(Default)" = "%UserProfile%Local SettingsApplication Datapw.exe" /START "C:Program FilesInternet Exploreriexplore.exe"
HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity Center "AntiVirusOverride" = "1"
HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity Center "FirewallOverride" = "1"
Delete files:
%UserProfile%Local SettingsApplication DataopRSK
%UserProfile%Local SettingsApplication Datapw.exe
%UserProfile%Local SettingsApplication DataMSASCui.exe
%UserProfile%AppDataLocalopRSK
%UserProfile%AppDataLocalpw.exe
%UserProfile%AppDataLocalMSASCui.exe

Information updated:

Comments on Win 7 Guard

Post a comment

Attention: Use this form only if you have additional information about a parasite, its removal instructions, additional resources or behavior. By clicking "post comment" button you agree not to post any copyrighted, unlawful, harmful, threatening, abusive, harassing, defamatory, vulgar, obscene, profane, hateful, racially, ethnically or otherwise objectionable material of any kind.

Home page Name



«

(All fields are required)