Security Guard

Malware removal

The Security Guard virus employs all the latest badware tools to wreak havoc on your computer and ruin your day. This fake antispyware from the crooks who made CleanUp Antivirus and Security Antivirus fills your computer with a bunch of useless junk and then tries to get you to pay to remove this same useless junk.

To make things worse, it shows endless Security Guard pop-ups and tries to scare you with phony system scans that “detect” a long list of mean-sounding viruses with names like “Virus.Win32.Faker.a.” Most of these are just recycled names from years-old viruses, and they probably haven’t been anywhere near your computer.

Ready to restore sanity to your hard drive? Here’s how to get rid of Security Guard for free.

Remove Security Guard Now

Download SpyHunter


Read our review
.

Stop Security Guard processes:

exec.exe
SG345d.exe
cb.exe
energy.exe
exec.exe
kernel32.exe
SICKBOY.exe

Remove registry values:

HKEY_CURRENT_USERSoftware3
HKEY_CLASSES_ROOTSG345d.DocHostUIHandler
HKEY_USERS.DEFAULTSoftwareMicrosoftInternet ExplorerSearchScopes “URL” = “http://findgala.com/?&uid=1002&q={searchTerms}”
HKEY_CURRENT_USERSoftwareClassesSoftwareMicrosoftInternet ExplorerSearchScopes “URL” = “http://findgala.com/?&uid=1002&q={searchTerms}”
HKEY_CURRENT_USERSoftwareMicrosoftInternet Explorer “PRS” = “http://127.0.0.1:27777/?inj=%ORIGINAL%”
HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerDownload “RunInvalidSignatures” = “1″
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionInternet Settings5.0User AgentPost Platform “layout/2.01002″
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun “Security Guard”
HKEY_CLASSES_ROOTSoftwareMicrosoftInternet ExplorerSearchScopes “URL” = “http://findgala.com/?&uid=1002&q={searchTerms}”

Remove DLLs:

c:Documents and SettingsAll UsersApplication Data345d567mozcrt19.dll
c:Documents and SettingsAll UsersApplication Data345d567sqlite3.dll
%UserProfile%Recentcid.dll
%UserProfile%Recenteb.dll

Delete Security Guard files:

c:Documents and SettingsAll UsersApplication Data345d56724.mof
c:Documents and SettingsAll UsersApplication Data345d567SG345d.exe
c:Documents and SettingsAll UsersApplication Data345d567SGD.ico
c:Documents and SettingsAll UsersApplication Data345d567SGDSysvd952342.bd
c:Documents and SettingsAll UsersApplication DataSGZIQYEXRDSGWNLED.cfg
%UserProfile%Application DataSecurity Guardcookies.sqlite
%UserProfile%Application DataSecurity GuardInstructions.ini
%UserProfile%DesktopSecurity Guard.lnk
%UserProfile%RecentANTIGEN.sys
%UserProfile%RecentANTIGEN.tmp
%UserProfile%Recentcb.exe
%UserProfile%Recentddv.sys
%UserProfile%Recenteb.drv
%UserProfile%Recentenergy.exe
%UserProfile%Recentexec.exe
%UserProfile%Recentexec.tmp
%UserProfile%Recentfan.drv
%UserProfile%Recentfix.tmp
%UserProfile%Recentgrid.exe
%UserProfile%Recentkernel32.exe
%UserProfile%Recentrunddlkey.drv
%UserProfile%RecentSICKBOY.exe
%UserProfile%Recenttempdoc.tmp
%UserProfile%Start MenuSecurity Guard.lnk
%UserProfile%Start MenuProgramsSecurity Guard.lnk
c:Program FilesMozilla Firefoxsearchpluginssearch.xml

Get rid of folders:

c:Documents and SettingsAll UsersApplication Data345d567
c:Documents and SettingsAll UsersApplication Data345d567BackUp
c:Documents and SettingsAll UsersApplication Data345d567Quarantine Items
c:Documents and SettingsAll UsersApplication Data345d567SGDSys
c:Documents and SettingsAll UsersApplication DataSGZIQYEXRD
%UserProfile%Application DataSecurity Guard

DIY Security Guard Removal Instructions

Start by removing the above files. If you're not sure how to do this, refer to the instructions below.

Note: In any files I mention above, “%UserProfile%” is a variable referring to your current user’s profile folder. (Not an iEuphemism for muth@fugg@#*!@.) So if you’re using Windows NT/2000/XP/7, by default this is “C:\Documents and Settings\[CURRENT USER]” (e.g., “C:\Documents and Settings\NoahFence”).

How to Manually Delete Badware Files

Need some removing badware files help? No biggie. While you should only manually delete badware files if you're comfy editing your system, you'll find it's pretty easy. And probably really satisfying.

How to delete badware files in Windows XP/Vista/7:

  1. Click your Windows Start menu, then click "Search."
  2. A pop up will ask, "What do you want to search for?" Click "All files and folders."
  3. Type a badware file in the search box, and select "Local Hard Drives."
  4. Click "Search." Once the badware file is found, delete it.

How to stop badware processes:

  1. Click the Start menu, select Run.
  2. Type taskmgr.exe into the the Run command box, and click "OK." You can also launch the Task Manager by pressing keys CTRL + Shift + ESC.
  3. Click Processes tab, and find badware processes.
  4. Once you've found the badware processes, right-click them and select "End Process" to kill badware.

badware processes

How to remove badware registry keys:

Backup your registry before you edit it. Then...

  1. Click the Start menu, and click "Run." An "Open" field will appear. Type "regedit" and click "OK " to open up your Registry Editor. In Windows 7, just type "regedit" into the "Search programs and files" box in the Start menu.
  2. Registry Editor opens as a two-paned window: the left side lets you select registry keys,the right side shows the values of any selected registry key.
  3. To find a badware registry key, select "Edit," then select "Find," and in the search bar type any of badware 's registry keys.
  4. When the badware registry key appears, to delete the badware registry key, right-click it, and select "Modify," then select "Delete."

Deleting badware Registry Keys

How to delete badware DLLs:

  1. Open the Start menu, and click "Run." Type "cmd" in Run, and click "OK." (In Windows 7, just type "regedit" into the "Search programs and files" box in the Start menu.)
  2. To change your current directory, type "cd" in the command box, press "Space," and enter the full directory where the badware DLL is located. If you're not sure where the badware DLL is located, enter "dir" in the command box to display a directory's contents. To go one directory back, type "cd .." in the command box and press "Enter."
  3. When you've found a badware DLL, type "regsvr32 /u SampleDLLName.dll" (e.g., "regsvr32 /u jl27script.dll") and press "Enter."

That's it. If you want to restore any badware DLL you removed, type "regsvr32 DLLJustDeleted.dll" (e.g., "regsvr32 jl27script.dll") into your command box, and press "Enter."

Did badware change your homepage?

  1. Select Start menu > Control Panel > Internet Options > General.
  2. Type your preferred home page's URL.
  3. Click "Use Default," "Apply," and "OK."