Guard Online is a re-designed version of AV Guard Online and these rogue products are coming from Rogue.WinAVPro family. This family is notorious for making products like Open Cloud Security, Guard Online, AV Guard Online, Security Guard 2012, Wolfram Antivirus, Cloud Protection and several other applications with same user interface and malicious features.
Guard Online is a scareware software specially designed to ransom money from unsuspecting computer users. This rogue software enters in your computer in a disguised manner. You’ll think that you are downloading flash update (or other software update) but that flash update will turn out as Guard Online virus.
Guard Online will install itself silently and modify your computer’s registry to load itself on startup so that you can’t run any other software on your computer. Once your computer is up and running, It will start blocking Task Manager as well as all other applications so that you can’t close Guard Online anyhow.
This rogue software won’t let you run any software and close all the applications forcefully. Guard Online is also bundled with a rootkit called ZeroAccess. This rootkit will block all the applications and change permissions of the programs so that you can’t run them.
Guard Online will also show fake infection alerts like :
Keylogger Zeus is a very dangerous software used by criminals to steal personal data such as credit card information, access to banking accounts, passwords to social networks and e-mails.
Security Warning
Malicious programs that may steal your private information and prevent your system from working properly are detected on your computer.
Click here to clean your PC immediately.
You should not pay attention to any alerts or warning shown by the rogue software. They are all fake and designed to trick you into purchasing full version of rogue software which is useless.
Here is a screenshot of Guard Online doing showing fake infection results. You can view 10 more images of the rogue in the gallery below. These screenshots were taken by our malware research team. 
How To Remove Guard Online
Guard Online is a fake software and can’t protect your computer from any viruses as it is a virus itself. You don’t need to get afraid as this rogue can’t harm your computer but It just blocks all the things temporarily. You can easily remove guard online by following these removal methods. These methods are tested and verified by our malware research team.
A) Automatic Removal
Automatic Removal method is the best, fastest and safest way to remove Guard Online from your computer. This approach is based on using a genuine anti-spyware program. To follow this removal method, you need to download a software called Spyware Doctor which is specially designed to deal with spywares, malwares, rootkits and other similar products.
You need to follow this method in “Safe Mode with Networking” mode as virus won’t let you run anything in Normal Mode. Follow these steps for automatic guard online removal :
A. Reboot your computer and press “F8” key continuously. This will show Advanced Options of Windows startup. Select “Safe Mode with Networking” and press Enter key.
B. Once your computer boots up, Click the button below to Download Spyware Doctor and install the software in your computer.
C. Update Spyware Doctor’s virus database and start “Full Scan” of your computer. Please note that Spyware Doctor supports three scan modes :
1. Intelli-Scan
2. Full Scan
3. Custom Scan
You need to select “Full Scan” and then scan all files and folders on your computer. Spyware Doctor will scan each file and find all the infections on your computer and you just need to click “Fix Checked” button to get rid of all the infections. After removing Guard Online, you can reboot your computer in normal mode and you won’t face any further problem with your computer.
This video from our research lab shows Guard Online running on our machine :
B) Manual Removal
Manual Removal method is another way to remove guard online from your computer. This method is very tedious and should be followed only by experienced computer users.
This method is time consuming as well because you need to find and delete all the infected files yourself. Rogue software creates their files with random names and among thousands of other legitimate files on your computer, It is a tough task to find the culprit files on your machine. On the other hand, If you delete a legitimate system file from your computer, you may experience further problems.
Please follow these removal steps at your own risk :
1. Try To Do a System Restore
To do a System Restore, please boot up your computer in “Safe Mode with Networking” mode (Keep pressing F8 button at startup and select this mode) and then click on Start—>Programs—>Accessories—>System Tools—>System Restore and follow the instructions thereon to complete the process. (More Help on How To Do System Restore)
Restore your computer to an earlier date when your computer was not infected and If system restore works, you don’t need to follow any other step.
2. Correct Startup Registry Entry of Rogue Software
Run Registry editor by clicking on Start—>Run, type “regedit” and click OK button. Now you need to remove this registry entries so that malware can’t load at startup. (Learn How To Edit Registry)
This is the registry entry that you need to remove :
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run “<random and strange name>”
If you remove above registry entry correctly, Guard Online will not be able to run itself on computer startup.
3. Remove Guard Online Files From Your Computer
After correcting the registry, please remove files associated with this rogue. Find these files and delete them. (Learn How To Search and Delete Files)
%AppData%\<random>\
%AppData%\<random>\
%System%\<random>.exe
%AppData% Folder Means :
For Windows XP : C:\Documents and Settings\<username>\Application Data\
For Windows Vista/7 : C:\Users\<username>\AppData\Roaming.
%System% means System folder of Windows operating System. I.E. C:\Windows\System\
Guard Online creates its executable files in System folder and that folder consists thousands of other system files as well. Make sure that you don’t delete any file based on your guess and It can turn out fatal for your computer. If you don’t want to take any risks, automatic removal method is the right way to disinfect your computer from this major problem.
Loading ...
