Guard Online
Threat Scorecard
Threat Level: | 100 % (High) |
Infected Computers: | 14 |
First Seen: | October 10, 2011 |
Last Seen: | March 28, 2023 |
OS(es) Affected: | Windows |
Guard Online – A Fake Security Program from the WinAVPro Family
Guard Online is a rogue anti-spyware program that is part of a well-known computer scam. It belongs to the WinAVPro family, a large family of fake anti-spyware programs. Rogue security programs in this family, such as OpenCloud Security and OpenCloud Antivirus, are closely related to the ZeroAccess rootkit, which makes them particularly dangerous. Typically, Guard Online is distributed through attack websites that take advantage of security vulnerabilities in your Internet browser or operating system to force your computer system to download and install a Trojan infection. If your computer system has become infected with Guard Online, ESG PC security researchers strongly recommend ignoring all of this program's security alerts and error messages. Guard Online is not a real security program; it is designed to steal your money and cause problems on your computer system. ESG malware analysts recommend removing Guard Online with a real anti-malware application.
Guard Online and the ZeroAccess Rootkit
It is not uncommon for Guard Online to be bundled with rootkits, particularly the ZeroAccess rootkit and some releases of the TDSS rootkit. Rootkits associated with Guard Online are designed to protect and hide this fake security application, so Guard Online will not be easy to remove unless you take care of the rootkit infection first. The ZeroAccess rootkit protects Guard Online in several ways: it hides Guard Online's malicious processes from the Windows Task Manager, blocks legitimate security programs that would remove Guard Online, and allows malicious components to start even when your operating system boots in Safe Mode. To remove any rootkits associated with Guard Online, ESG PC security researchers strongly recommend using a specialized rootkit removal tool or a particularly strong anti-malware application. Rootkits are malware infections that are notoriously difficult to remove; in some cases, expert assistance may be required.
Do Not Fall for the Guard Online Scam
Guard Online is part of a scam to steal your money. This fake security program will do everything possible to convince you that your computer system has severe malware problems. It will pester you with constant error messages, fake security alerts, and genuine-looking system scans. Your computer will also be slower and more unstable, which adds to the illusion. However, you should not forget that the actual problem is Guard Online itself.
Aliases
15 security vendors flagged this file as malicious.
Anti-Virus Software | Detection |
---|---|
Fortinet | W32/Kryptik.ISS!tr |
Ikarus | Trojan.SuspectCRC |
AhnLab-V3 | Trojan/Win32.Jorik |
Microsoft | Rogue:Win32/FakeScanti |
DrWeb | Trojan.DownLoader5.1792 |
Comodo | Heur.Suspicious |
Sophos | Mal/FakeAV-IS |
BitDefender | Trojan.Generic.KD.373094 |
Kaspersky | Trojan-FakeAV.Win32.Agent.bdy |
Avast | Win32:Cycbot-MX [Trj] |
NOD32 | a variant of Win32/Kryptik.TSA |
K7AntiVirus | Trojan |
McAfee | Artemis!23C1A4B28EA2 |
Panda | Trj/CI.A |
Ikarus | Trojan.Win32.Spy |
File System Details
Detections: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.

# | File Name | MD5 | Detections |
---|---|---|---|
1. | crss.exe | 873f5a2a8e002a678a2618fc9e003cee | 5 |
2. | bBtzPNycAuDoFpG.exe | 23c1a4b28ea252dd2dd1cd73c57eb7a9 | 4 |
3. | %System%\[RANDOM CHARACTERS].exe | ||
4. | %AppData%\[RANDOM CHARACTERS]\ | ||
5. | %StartMenu%\Programs\Guard Online\ | ||
6. | %AppData%\[RANDOM CHARACTERS] Guard Online.ico | ||
7. | %UserProfile%\Desktop\Guard Online.lnk | ||
8. | %AppData%\ldr.ini | ||
9. | %StartMenu%\Programs\Guard Online\Guard Online.lnk | ||