Wednesday, October 5, 2011

Remove Security Guard 2012Remove Security Guard 2012

Remove Security Guard 2012
Security Guard 2012 is a fake antivirus program that try to trick the user to buy the full version of Security Guard 2012 by using fake scan results. Security Guard 2012 installs itself into the computer without confirmation of the user unless the user set the UAC level to the highest level. Security Guard 2012 start itself when the computer boot and scan the computer automatically and produce fake scan result and keep on warning the users to buy the full version of Security Guard 2012. Security Guard 2012 is advertised mostly through the use of bogus online scanners and malicious websites.

Security Guard 2012 can be removed by stopping the processes and removing the files by using Emsisoft HiJackFree. Then the user should remove the registry entries added or modified by Security Guard 2012 shown in the removal guide below. All files related to Security Guard 2012 must be deleted.

Security Guard 2012 provide fake features such as System Scan, System Status, Privacy, Firewall and Security. All of these features cannot protect the computer at all. It scares the user with fake detection of trojans such as Trojan.VBS.Qhost, Trojan.Downloader.JS.Remora, Trojan.Downloader.JS.Agent etc. Do not believe all of the reports. It claims it can help to protect the PC but it always shows that the Windows is in danger and your security status is at risk.

Security Guard 2012 may tell the user that svchost.exe was replaced with unauthorized program. It has encountered a problem and needs to close. If you were in the middle of something, the information you were working on might be lost. Please tell Microsoft about this problem. We have created an error report that you can send to us. We will treat this report as confidential and anonymous.

Security Guard 2012 should be removed immediately.

Security Guard 2012 Removal Guide
Kill Process
(How to kill a process effectively?)
[random].exe

Delete Registry
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce "Security Guard 2012"
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\featurecontrol\FEATURE_BROWSER_EMULATION "svchost.exe"

Remove Folders and Files
%AppData%\[random]
%StartMenu%\Programs\Security Guard 2012
%System%\[random].exe
%Documents and Settings%\[UserName]\Local Settings\Temp\[random].tmp
%Documents and Settings%\[UserName]\Desktop\Security Guard 2012.lnk

File Location Notes:

%System% is a variable that refers to the Windows System folder. By default this is C:\Windows\System for Windows 95/98/ME, C:\Winnt\System32 for Windows NT/2000, or C:\Windows\System32 for Windows XP/Vista/7.

%UserProfile% refers to the current user's profile folder. By default, this is C:\Documents and Settings\[Current User] for Windows 2000/XP, C:\Users\[Current User] for Windows Vista/7, and c:\winnt\profiles\[Current User] for Windows NT.

%AppData% refers to the current users Application Data folder. By default, this is C:\Documents and Settings\[Current User]\Application Data for Windows 2000/XP. For Windows Vista and Windows 7 it is C:\Users\[Current User]\AppData\Roaming.

%StartMenu% refers to the Windows Start Menu. For Windows 95/98/ME it refers to C:\windows\start menu\, for Windows XP, Vista, NT, 2000 and 2003 it refers to C:\Documents and Settings\[Current User]\Start Menu\, and for Windows Vista/7 it is C:\Users\[Current User]\AppData\Roaming\Microsoft\Windows\Start Menu.

No comments:

Post a Comment