Guard Online is a completely different skin of rogue antivirus of WinAVPro family, including such notoriaus rogues as BlueFlare antivirus, Open Cloud AV and some others. This parasite has different background and color scheme from other ones in this family, however it is not so different in functionality. Guard Online will infect your PC through browser vulnerabilities or trojans bundled with “images”, codecs or fake utility upgrades, thus computer users should be wary about any update required to view specific video on the internet or files, that start downloading without clicking on any link.
Guard Online uses regular tactics to scare user into purchasing full version of this scareware. Its infection is impossible to miss, as it comes with lots of symptoms. First, execution of legitimate programs will be stopped and task manager might be disabled as well. The “explanation” – Guard Online claims, that each of the executables is infected with viruses. Next, this fake AV will start displaying alerts about infections coming into your PC and hacker attacks. Additionally, it will claim that you are sending out spam messages from your email address. This is untrue and there are no parasites Guard Online lists. Here are some of its alerts displayed for a user:
svchost.exe was replaced with unauthorized program.
It has encountered a problem and needs to close.
If you were in the middle of something, the information you were working on might be lost.
Please tell Microsoft about this problem.
We have created an error report that you can send to us. We will treat this report as confidential and anonymous.
Windows Security Alert
To help protect your computer, Windows Firewall has blocked some features of this program.
Do you want to keep blocking this program?
Name: Zeus Trojan
Warning! Infection found
Unauthorized sending E-MAIL with subject “RE:” to <fake email here> was CANCELLED.
Warning! Infection found
Unwanted software (malware) or tracking cookies have been found during last scan. It is highly recommended to remove it from your computer.
Keylogger Zeus was detected and put in quarantine.
Keylogger Zeus is a very dangerous software used by criminals to steal personal data such as credit card information, access to banking accounts, passwords to social networks and e-mails.
Your computer continues to be infected with harmful viruses. In order to prevent permanent loss of your information and credit card data theft please activate your antivirus software. Click here to enable protection.
Malicious programs that may steal your private information and prevent your system from working properly are detected on your computer.
Click here to clean your PC immediately.
If you run a scan with Guard Online, it will detect infections in everyday programs – notepad, task manager and alike. These detections should be ignored – all programs are clean and will not require any fix after Guard Online removal. However, to take control of the PC again, you will have to get rid of this fake AV.
How to remove Guard Online
The simplest way to remove Guard Online is following:
1. Right-click on Guard Online icon on desktop.
2. Select Properties. There will be a field that shows file and folder name. The folder name will likely be C:\Windows\System32\. File name will be completely random.
3. Open the location in explorer (C:\Windows\System32\ )
4. Rename the file in that folder that is shown in Target field (step 2).
5. Reboot PC normally. The Guard Online should not launch.
6. open the location again and delete the file.
7. scan with spyhunter and Malwarebytes Anti-Malware to get rid of remaining Guard Online files and processes. If browser does not open websites, try disabling proxy server in the browser
8. You might have to scan your PC with TDSS killer as well. This might need to be done after step 5.
If you have problems launching software while Guard Online is active try this code to disable it : 4261328365
Automatic Malware removal tools