OnlineGuard is a misleading security application that can be installed on computer without users approval. Also called as Online Guard 2.1, this rogue software pretends to effectively guard computer and remove any form of threats and viruses. In reality, this software will provide nothing but fake virus scan results and false security alert messages. This scare tactics is utilized as marketing strategy not only for OnlineGuard but to all fake anti-virus programs widely spread on the Internet.
OnlineGuard will alter system settings to include itself on start-up items. This useless software can afford to automatically start without user’s execution and immediately run a virus scan, succeeding identification for multiple instances of Trojan VX Downloader and Trojan VX 12 follows. The whole process may seem legitimate but the two detected malware do not really infect the system.
Do not download or buy this worthless product.
Damage Level: Medium
Systems Affected: Windows 9x, 2000, XP
OnlineGuard Removal Procedures
OnlineGuard REMOVAL TOOL:
Remove OnlineGuard efectively with Malwarebytes Anti-Malware. Free version is enough to eliminate OnlineGuard. Though full version with real-time protection is recommended to help protect the system against future infection.
1. Unload any running OnlineGuard process by pressing Ctrl+Alt+Del on your keyboard. This will open Task Manager. Look for the following process and click “End Process”:
2. If antivirus program Is installed, connect to Internet and update it to have the latest database and pattern files.
3. Thoroughly scan the computer and clean/delete all infected files. See lists of OnlineGuard associated files below.
4. Edit Windows registry and delete malicious entries as stated below. [how to edit registry]
5. Close registry editor, changes will be save automatically.
6. Remove OnlineGuard start-up entry by going to Start > Run, type msconfig on the “Open” dialog box. System Configuration Utility will open. Go to Startup tab and uncheck the following Startup item(s):
7. Click on Apply and reboot the computer for changes to take effect.
Additional Useful Tools
Using Portable SuperAntiSpyware:
To thoroughly remove the virus, it is best to do a separate scan of another security program so that other infected files not detected by anti-virus application can be get rid as well. Click here to download and run SAS Portable Scanner.
Technical Details and Additional Information:
Aside from dropping files, OnlineGuard also alters Windows registry to execute itself when the system is started. It does not provide components on Add/Remove program of Windows so removing it from the Control Panel is unavailable.
Malicious Files Added by OnlineGuard
OnlineGuard Registry Entries:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\”OnlineGuard” = “%ProgranFiles%\OnlineGuard\OnlineGuard.exe”
Alternative Removal Method for OnlineGuard
Option 1 : Use Windows System Restore to return Windows to previous state
If OnlineGuard enters the computer, there is a big chance that Windows files, registry entries and other essential components are also infected. System Restore can reinstate clean system files by restoring the configuration to an earlier date. The method also replaces compromised files with a clean version. If you have a saved restore point before OnlineGuard infiltrates the PC, we highly encourage you to execute this procedure if none of the above works. You may proceed with Windows System Restore, click here to see the full procedure.