NEWS
PARASITES
SOFTWARE
FORUM
DIRECTORY

 
 
 
 
 
 
  
Title: XP Guard
Type: Rogue Antispyware
Also known as: XPGuard

Remove XP Guard
Removal instructions

by
 
Severity scale:XP Guard severity is 87  (87 / 100)
 
XP Guard is a fake computer security program that promises its victims to fix their computers and remove all viruses detected. However, you should know that these “viruses” won’t be found by any legitimate anti-spyware because XP Guard fakes them trying to make you concerned. Just like XP Security 2011, this scam hails from notorious malwares family which expects to steal users’ money.

By changing its name according to the OS it finds, programs from XP Guard group infect computers unnoticeably with a help f Trojans. XP Guard is also distributed through fake online scanners, flash updates, misleading pop-ups that appear when you are browsing, so make sure that your anti-spyware is usually updated!

Having infiltrated the targeted computer, XP Guard will start causing numerous problems though it will try to convince you that it is extremely needed. Being quite hardly removable, this scam displays lots of false spyware detection reports and fabricated scanners that will announce the same thing. This unpaid activity also includes continuous pop-up ads and takeover of your browser to interrupt into your normal work with PC. XP Guard will misleadingly announce:


Internet Explorer alert. Visiting this site may pose a security threat to your system!
Possible reasons include:
- Dangerous code found in this site's pages which installed unwanted software into your system.
- Suspicious and potentially unsafe network activity detected.
- Spyware infections in your system
- Complaints from other users about this site.
- Port and system scans performed by the site being visited.
Things you can do:
- Get a copy of Vista Antispyware 2011 to safeguard your PC while surfing the web (RECOMMENDED)
- Run a spyware, virus and malware scan
- Continue surfing without any security measures (DANGEROUS)



System danger!
Your system security is in danger. Privacy threats detected. Spyware, keyloggers or Trojans may be working the background right now. Perform an in-depth scan and removal now, click here.


Going no further, XP Guard will say that for elimination of these problems, you firstly have to register its “full” version and now it should become obvious that it wants your money only. XP Guard should not be left inside your PC because it will let other scams to reach your machine and also starts fraudulent activity. Whenever you see XP Guard, don’t take seriously anything what it tells and stay away from it and its websites. Make sure that you remove XP Guard ASAP if it’s on your machine already.

UPDATE!!! One of PC security bloggers, S!Ri, has announced about a serial code that may help you to disable those malwares that change their names according to OS they find. Enter this serial code when doing registration: 1145-17884799-7733. This and the order number 21197673 should also work for earlier versions of this type of parasite.
After typing them, you should become able to use your anti-spyware, if it fails follow the guide written below. Be aware that these numbers are expected to change in the near future!

a) Burn these programs to CD or write them to USB disk. You can use your MP3 player, or smartphone if it has storage functions. This parasite does not spread through USB at the moment:

1. Spyware Doctor or an automatic removal tool below. Update Spyware Doctor and run a full system scan.

2.You might want to download Hitman Pro or Malwarebytes as alternate scanners. Though you are likely to be able to download them later on.

b) Boot normally. Wait for XP Guard to launch, and run exeregfix.reg . This should allow launching legitimate programs

c) Delete or remove the files that are mentioned in our files box. You can use Spyware Doctor to identify the infected files and additional infections or automatic XP Guard removal tool. Do not forget update it before scanning. Remove what it finds.

d) Scan with Spyware Doctor and secondary tools and reboot your PC. This should fully get rid of XP Guard.


Related files: %UserProfile%AppDataLocalMSASCui.exe, %UserProfile%AppDataLocalpw.exe, %UserProfile%AppDataLocalopRSK, %UserProfile%Local SettingsApplication DataMSASCui.exe, %UserProfile%Local SettingsApplication Datapw.exe, %UserProfile%Local SettingsApplication DataopRSK

XP Guard properties:
• Connects itself to the internet
• Hides from the user
• Stays resident in background

Automatic XP Guard removal:

We might be affiliated with any product we recommend on the site. Full disclosure in our Agreement of Use.
By Downloading any provided Anti-spyware software to remove XP Guard you agree to our privacy policy and agreement of use.
remover for XP Guard
SpyHunter is recommended remover to uninstall XP Guard . You should confirm using free trial that it detects current version of parasite.

Note: Tested and Confirmed means that we have tested spyware remover with multiple versions of XP Guard and got the best results. There might be updated or modified version of particular parasite that require manual killing of parasite process or an update. In such case try other removers in the line.

Manual assistance required means that one or all of removers were unable to remove parasite without some manual intervention, please read manul removal instructions below.

If you failed to remove XP Guard using SpyHunter please report this to us.
Malwarebytes Anti Malware
Download | review
Tested and Confirmed! Malwarebytes Anti Malware removes XP Guard (2010-11-13 07:52:03)
STOPzilla
Download | review
Tested and Confirmed! STOPzilla removes XP Guard (2010-11-13 07:52:03)
Spyware Doctor
Download | review | tutorial
We are testing Spyware Doctor's efficiency at removing XP Guard (2010-11-16 08:56:51)
XoftSpySE Anti Spyware
Download | review

XP Guard manual removal:

Kill processes:
pw.exe
MSASCui.exe
HELP:
how to kill malicious processes

Delete registry values:
HKEY_CURRENT_USERSoftwareClassespezfile
HKEY_CLASSES_ROOTpezfile
HKEY_CURRENT_USERSoftwareClasses.exeshellopencommand "(Default)" = "%UserProfile%Local SettingsApplication Datapw.exe" /START "%1" %*
HKEY_CURRENT_USERSoftwareClassespezfileshellopencommand "(Default)" = "%UserProfile%Local SettingsApplication Datapw.exe" /START "%1" %*
HKEY_CLASSES_ROOT.exeshellopencommand "(Default)" = "%UserProfile%Local SettingsApplication Datapw.exe" /START "%1" %*
HKEY_CLASSES_ROOTpezfileshellopencommand "(Default)" = "%UserProfile%Local SettingsApplication Datapw.exe" /START "%1" %*
HKEY_LOCAL_MACHINESOFTWAREClientsStartMenuInternetFIREFOX.EXEshellopencommand "(Default)" = "%UserProfile%Local SettingsApplication Datapw.exe" /START "C:Program FilesMozilla Firefoxfirefox.exe"
HKEY_LOCAL_MACHINESOFTWAREClientsStartMenuInternetFIREFOX.EXEshellsafemodecommand "(Default)" = "%UserProfile%Local SettingsApplication Datapw.exe" /START "C:Program FilesMozilla Firefoxfirefox.exe" -safe-mode
HKEY_LOCAL_MACHINESOFTWAREClientsStartMenuInternetIEXPLORE.EXEshellopencommand "(Default)" = "%UserProfile%Local SettingsApplication Datapw.exe" /START "C:Program FilesInternet Exploreriexplore.exe"
HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity Center "AntiVirusOverride" = "1"
HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity Center "FirewallOverride" = "1"
HELP:
how to remove registry entries

Delete files:
%UserProfile%Local SettingsApplication DataopRSK
%UserProfile%Local SettingsApplication Datapw.exe
%UserProfile%Local SettingsApplication DataMSASCui.exe
%UserProfile%AppDataLocalopRSK
%UserProfile%AppDataLocalpw.exe
%UserProfile%AppDataLocalMSASCui.exe
HELP:
how to remove harmful files
Phone Support to remove XP Guard
Phone Support to remove XP Guard

QR code for XP Guard removal instructions:

XP Guard qrcode
QR is short for Quick Response. They can be read quickly by the mobile phones. QR codes can store more data than standard barcodes, including url links, geo coordinates, and text.

The reason we add QR code to the website is that parasites like XP Guard are really hard to remove on infected computer. you can quicly scan the QR code with your mobile device and have manual removal instructions to uninstall XP Guard right in your pocket.

Simply use the QR scanner and read removal instructions from mobile device.

SYMPTOMS OF rogue antispyware INFECTION

Rogue AntiSpyware virus usually imitates the legal anti-spyware software or some essential system components. Typically virus gets inside the computer with a help of trojans, that use security vulnerabilities for that. After getting inside the system, it tries to make it look like your system is infected with the numerous parasites, so it starts ‘scanning’ and finds numerous threats.

All rogue Anti-spyware along with XP Guard have the same purpose: Get your money by using scare tactics. If you will believe that that fake threats are real and pay them money, you will not get them back even if you will ask to cancel the order in your Bank. All the infections are deceptive and you dont need to purchase their Paid version. You need to remove Rogue virus itself.

Information added: 2010-11-13 07:52:03
Information updated: 2010-11-16 06:19:36

Additional resources:

Attention: If you know know a reputable website reated to security threats, please add a link here: add url
more resources

Post Comment:

Attention: Use this form only if you have additional information about XP Guard parasite, its removal instructions, additional resources or behavior. By clicking "post comment" button you agree not to post any copyrighted, unlawful, harmful, threatening, abusive, harassing, defamatory, vulgar, obscene, profane, hateful, racially, ethnically or otherwise objectionable material of any kind.
Home page Name



«


* All field required
Latest spyware news:
Subscribe to news

Similar parasites:
Compare spyware removers
Compare free products

HijackThis Log Analyzer Beta 2 HijackThis Log Analyzer Beta 2

I failed to remove XP Guard using SpyHunter.

Email


Close

Spreading the knowledge:

It is very hard to fight Computer parasites alone in internet space. If you have a website we would be more than happy if you would help us to spread the knowledge about latest threats. You can help your visitors to manage their Computer system manually without aditional expences. Knowledge is the power, we just need to spread it.
add text box
rss feed
help other
Latest Spyware Threats: Smart Data Recovery | Smart Fortress 2012 | Antivirus Protection 2012 | Internet Security | Internet Security 2012 | System Check | Smart HDD | Security Shield
Agreement of Use | Privacy policy | Webmasters | Contact us | RSS Feeds | Follow us | Like us
© 2001-2011 2-spyware.com All Rights Reserved. Reproduction in part or whole without written permission is prohibited. Powered by: eSolutions.