We’ve been talking about several malicious programs from the Rogue.WinAVPro family and another infection (Security Guard 2012) of this kind is the topic of today’s virus removal guide. Security Guard 2012 displays fake warnings and alerts to fool you into buying the licensed version of their software. It will try to deceive you into believing that your PC has been heavily infected and that you have to purchase the entire Security Guard 2012 package if you want to clean it.
Most of your programs and applications will be suspended and instead of being able to run them, you will receive fake alerts telling you that those programs are infected. You will also be unable to visit webpages becuase this infection will use a Proxy Server that will stop you from accessing the sites you want to visit. You will see instead fake warnings telling you that those websites you want to reach are malicious. This is just another tactic the malware uses in order to make you believe that your machine is really infected.
Security Guard 2012 will fakely scan your PC and the scan results will show that several infections have been found. The infection has been developed to show these results regardless of how clean your computer is. Don’t let yourself deceived by this rogue anti-spyware and don’t purchase it. Contact your credit card company if you have bought the Security Gurad 2012 package and dispute your purchase.
If you want to clean your computer of this infection, then here’s what you have to do.
1. As we’ve told you in the previous virus removal guides, you will have to print out all the instructions below or use another computer to read them. You need to do this because all the windows and running programs will have to be closed at a certain moment in the Security Guard 2012 removal process.
In case you cannot use your computer to download Rkill and MBAM (and there are great chances for you not to be able to do that since the infection might block your computer’s download functions), you will have to use another computer. Donwload the necessary tools on that machine and then use an external drive, USB flash drive or DVD/CD to transfer them to your infected PC.
2. Check the other virus removal guides we posted to see how to reboot your computer in Safe Mode With Networking. After you do that, disable the “Use a proxy server for your LAN” option by launching Internet Explorer and going to Tools>Internet Options>Connections>LAN Settings. By doing so, you will no longer be stopped from browsing the web and from getting to the websites you want to visit.
3. Security Guard 2012 is said to come up with the TDSS rootkit infection. Run TDSSKiller in this case and if you are asked to reboot, then do so. Reboot back into Safe Mode With Networking.
4. If you cannot use your PC to dowload Rkill, then download the tool on a different computer and then transfer it to your infected machine. If your computer allows you to download Rkill, then save it to your desktop and run it by double-clicking on the iExplore.exe icon.
Rkill will now terminate all those processes that are related to Security Guard 2012. Don’t worry if you are presented with alerts telling you that Rkill is malicious. These alerts are fake and Security Guard 2012 displays them in an attempt to protect itself from tools that would remove it. Bypass these alerts and warnings by leaving them open. Do not reboot even if Rkill asks you to do this.
5. Now donwload MBAM. Save it to your desktop and install it by double-clicking on the mbam-setup.exe icon. Follow the MBAM setup wizard without changing the default settings. All that must be done is to check the following options: Launch Malwarebytes’ Anti-Malware and Update Malwarebytes’ Anti-Malware. Click the Finish button without rebooting after that.
6. Once you’re done with the MBAM installation, go to its Scanner screen, check Perform Full Scan and then hit Scan. When the scan finishes, you will be able to see the scan results by going to the Scanner screen and clicking Show Results. You will then see a list of all the infections MBAM has found. Check them all before hitting Remove Selected.
7. After MBAM finishes deleting these malicious files, you will see the scan log displayed in Notepad. Close the notepad after reviewing it and then close MBAM, too.
By following the steps above, you should get rid of Security Guard 2012. Since your antivirus program allowed Security Guard 2012 to infect your PC, you should consider purchasing another software to protect from this kind of threats and infections. The PRO version of MBAM is one of the options you might be interested in.