Call Toll Free in the US and Canada!
Remove Guard Online. Removal instructions
Guard Online is a rogue anti-spyware that has rather ineteresing graphicah user interface but after all it’s just another malware with only one goal – to steal moeney from people. It is promoted through the use of malware, mostly trojan droppers, fake online scanners and infected websites. While running, Guard Online will block legit antivirus and anti-spyware programs, disable task manager and other useful system tools to protect itself from being removed. It’s nothing more but a scam. If you find that your computer is infected with this reogue security program please use the removal instructions below to remove Guard Online from your computer either manually or with an automatic removal tool. If you have already purchased this fake program, then contact your credit card company immediately and dispute the charges.
Guard Online is is from the same family as AV Guard Online. It asks to pay for a full version of the program to remove viruses and to make your computer protected. Moreover, Guard Online displays fake security warnings claiming that your your PC is under attack and that your credit card information can be stolen by Zeus Keyloggers. Here are some fake security warnings generated by this fake antivirus program:
Windows Security Alert
To help protect your computer, Windows Firewall has blocked some features of this program.
Do you want to keep blocking this program?
Name: Zeus Trojan Publisher: Unauthorized
Security Warning
There are critical system files on your computer that were modified by malicious software.
It may cause permanent data loss.
Click here to remove malicious software.
It goes without saying that Guard Online should be removed from your computer as soon as possible. If you have problems removing this malware, use our removal instructions below. Keep in mind that this malware comes bundled with ZeroAccess rootkit. It can be very diffucult to remove this malware from your computer. If you won’t remove the rootkit, Guard Online wil return after a few days or so. To completely remove this infection from your computer, please use an automatic removal tool below. You can also remove it manually, but we do not recommend doing this.
Guard Online snapshot:
Automatic Guard Online removal:
Guard Online manual removal:
Kill processes:
[random].exe csrss.exe conhost.exe
how to kill malicious processes
Delete registry values:
HKEY_LOCAL_MACHINE\software\microsoft\Windows\CurrentVersion\Run
“gTZqjYCkIrOyAuS8234A=%SystemRoot%\system32\[random]”
HKEY_LOCAL_MACHINE\software\microsoft\Windows\CurrentVersion\Run
“conhost=%AppData%\Microsoft\csrss.exe”
HKEY_LOCAL_MACHINE\system\CurrentControlSet\Hardware Profiles\0001\Software\Microsoft\windows\CurrentVersion\Internet Settings
“ProxyEnable=00000001?
HKEY_CURRENT_USER\software\Microsoft\Windows\CurrentVersion\Internet Settings
“ProxyEnable=00000001?
HKEY_CURRENT_USER\software\Microsoft\Windows\CurrentVersion\Internet Settings
“ProxyServer=http=127.0.0.1:53717?
HKEY_CURRENT_USER\software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
“DefaultConnectionSettings=3C0000000B0000000…”
HKEY_CURRENT_USER\software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
“SavedLegacySettings=3C0000006B0000000…”
HKEY_CURRENT_USER\software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
“%RANDOM%=%AppData%\csrss.exe”
HKEY_CURRENT_USER\software\Microsoft\Windows NT\CurrentVersion\Windows
“Load=%SystemRoot%\system32vvm.exe”
HKEY_CURRENT_USER\software\Microsoft\Windows NT\CurrentVersion\Winlogon
“Shell=explorer.exe,%AppData%\conhost.exe”
how to remove registry entries
Delete files:
%SystemRoot%\system32\[random].exe %SystemRoot%\system32\[random].exe %AppData%\[random]EAV Guard Online.ico %AppData%\conhost.exe %AppData%\csrss.exe %AppData%\E84E.1B6 %AppData%dr.ini %AppData%\[random]\ %AppData%\[random]\ %AppData%\[random]\ %AppData%\Microsoft\csrss.exe %UserProfile%\Desktop\Guard Online.lnk %Temp%\4F.tmp %Temp%\53.tmp %Temp%\54.tmp %Temp%\55.tmp %UserProfile%\Start Menu\Programs\Guard Online\ %UserProfile%\Start Menu\Programs\Guard Online\Guard Online.lnk
how to remove harmful files