How to remove Guard Online

 

Guard Online is a completely different skin of rogue antivirus of WinAVPro family, including such notoriaus rogues as BlueFlare antivirus, Open Cloud AV and some others. This parasite has different background and color scheme from other ones in this family, however it is not so different in functionality. Guard Online will infect your PC through browser vulnerabilities or trojans bundled with “images”, codecs or fake utility upgrades, thus computer users should be wary about any update required to view specific video on the internet or files, that start downloading without clicking on any link.

Guard Online uses regular tactics to scare user into purchasing full version of this scareware. Its infection is impossible to miss, as it comes with lots of symptoms. First, execution of legitimate programs will be stopped and task manager might be disabled as well. The “explanation” – Guard Online claims, that each of the executables is infected with viruses. Next, this fake AV will start displaying alerts about infections coming into your PC and hacker attacks. Additionally, it will claim that you are sending out spam messages from your email address. This is untrue and there are no parasites Guard Online lists. Here are some of its alerts displayed for a user:

svchost.exe
svchost.exe was replaced with unauthorized program.
It has encountered a problem and needs to close.
If you were in the middle of something, the information you were working on might be lost.
Please tell Microsoft about this problem.
We have created an error report that you can send to us. We will treat this report as confidential and anonymous.

Windows Security Alert
To help protect your computer, Windows Firewall has blocked some features of this program.
Do you want to keep blocking this program?
Name: Zeus Trojan
Publisher: Unauthorized

Warning! Infection found
Unauthorized sending E-MAIL with subject “RE:” to <fake email here> was CANCELLED.

Warning! Infection found
Unwanted software (malware) or tracking cookies have been found during last scan. It is highly recommended to remove it from your computer.
Keylogger Zeus was detected and put in quarantine.
Keylogger Zeus is a very dangerous software used by criminals to steal personal data such as credit card information, access to banking accounts, passwords to social networks and e-mails.

Security Warning
Your computer continues to be infected with harmful viruses. In order to prevent permanent loss of your information and credit card data theft please activate your antivirus software. Click here to enable protection.

Security Warning
Malicious programs that may steal your private information and prevent your system from working properly are detected on your computer.
Click here to clean your PC immediately.

If you run a scan with Guard Online, it will detect infections in everyday programs – notepad, task manager and alike. These detections should be ignored – all programs are clean and will not require any fix after Guard Online removal. However, to take control of the PC again, you will have to get rid of this fake AV.

How to remove Guard Online

The simplest way to remove Guard Online is following:
1. Right-click on Guard Online icon on desktop.
2. Select Properties. There will be a field that shows file and folder name. The folder name will likely be C:\Windows\System32\. File name will be completely random.
3. Open the location in explorer (C:\Windows\System32\ )
4. Rename the file in that folder that is shown in Target field (step 2).
5. Reboot PC normally. The Guard Online should not launch.
6. open the location again and delete the file.
7. scan with spyhunter and Malwarebytes Anti-Malware to get rid of remaining Guard Online files and processes. If browser does not open websites, try disabling proxy server in the browser
8. You might have to scan your PC with TDSS killer as well. This might need to be done after step 5.
If you have problems launching software while Guard Online is active try this code to disable it : 4261328365

 

Automatic Guard Online removal tools

 
  Download Spyhunter for Guard Online detectionNote: Spyhunter trial provides detection of parasite like Guard Online and assists in its removal for free. You can remove detected files, processes and registry entries yourself or purchase a full version.
 

Manual Guard Online removal

 

Important Note: Although it is possible to manually remove Guard Online, such activity can permanently damage your system if any mistakes are made in the process, as advanced spyware parasites are able to automatically repair themselves if not completely removed. Thus, manual spyware removal is recommended for experienced users only, such as IT specialists or highly qualified system administrators. For other users, we recommend using Spyhunter or other tools found on 2-viruses.com.

Processes:
Files:
Registers:

It is impossible to list all file names and locations of modern parasites. You can identify remaining parasites, other Guard Online infected files and get help in Guard Online removal by using Spyhunter scanner. 

 

Guard Online screenshots

 
guard-online
 
 
 
 
 
 
 
 
 
 

2 thoughts on “Guard Online

  1. Laura
     

    Well I was able to get the virus off of my laptop, but my ipod was plugged in when i picked up the virus, and now the internet on it is not working. any suggestions. My phone was connected too as well as my expansion hard drive. any suggestions or thoughts about those being infected?

     
  2. Jonathan
     

    Changing the name of the file won’t work. Go into the same System32 folder and do a search for .exe files. Several .exe files will show up with random names and the same file size — 2.90 mb. Change the names of all of them. Then restart windows. Guard Online will start, of course. Go to the icon on the desktop, right click. Click Open File Location. This time the location will be different but change the name again. Restart Windows and finally Guard Online will not start. Then delete all of the renamed files.

     

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title="" rel=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>