Home / Parasites / Rogue Anti-Spyware / Windows Microsoft Guardian
1 of 6
Danger level 9
Type: Rogue Anti-Spyware
Common infection symptoms:
  • Block exe files from running
  • Installs itself without permissions
  • Connects to the internet without permission
  • Slow internet connection
  • System crashes
  • Annoying Pop-up's
  • Slow Computer

Windows Microsoft Guardian

PCs inadequately protected against threats are susceptible to infections from rogue security tools like Windows Microsoft Guardian and similar dangerous threats. Windows Microsoft Guardian in particular is a nasty rogue antispyware application which finds its roots in a long line of rogues including Windows Inspection Utility and Windows Attention Utility. It also forms part of the highly despised and sophisticated fake Microsoft Security Essentials scam. Even though the developers behind Windows Microsoft Guardian invested a lot of effort into its GUIs, users should still not believe that this rogue is able to live up to any of its over embellished promises, and should destroy Windows Microsoft Guardian the moment it is detected.

Download Spyware Removal Tool to Remove* Windows Microsoft Guardian
  • Quick & tested solution for Windows Microsoft Guardian removal.
  • 100% Free Scan for Windows

As is common with these types of rogue applications Windows Microsoft Guardian will make use of established forms of infection, which includes making use of bogus online malware scanners and seditious browser hijackers as part of its online marketing campaigns. Users have also reported that of late Windows Microsoft Guardian uses infected online flash ads to root its infections into its victims’ PCs.

Once the rogue is securely rooted in the system it will start its attack against the system. Because of its clandestine infiltration of the system the user will find it difficult to identify and remove Windows Microsoft Guardian without some help. In fact, the first clue the user will have as to the presence of Windows Microsoft Guardian on the system will come from a fake system scan generated by Windows Microsoft Guardian each time the user logs on to Windows. This fake scan will inevitably yield false positives on the system and will attempt to force the user into paying for its rubbish software.

As a further attack against the PC Windows Microsoft Guardian will spam the system with incessant fake security alerts in the form of pop up messages. These false alerts will usually contain calls to action which if acted upon will make it that much easier for Windows Microsoft Guardian to fleece the user out of his hard earned money. Some of the fake alerts to be on the lookout for include the following:

Microsoft Security Essentials Alert
Potential Threat Details
Microsoft Security Essentials detected potential threats that might compromise your private or damage your computer. Your access to these items may be suspended until you take an action. Click 'show details' to learn more.

System Security Warning
Attempt to modify register key entries is detected. Register entries analysis is recommended.

Warning!
Location: c:\windows\system32\taskmgr.exe
Viruses: Backdoor.Win32.Rbot

Never believe any correspondence received from Windows Microsoft Guardian, and never pay for any of its rubbish products. In order to limit the damage this rogue is certain to cause your PC, obliterate Windows Microsoft Guardian without further delay. This is best achieved by making use of a properly functioning security tool which will not only erase Windows Microsoft Guardian but also protect against similar attacks in future.

Download Spyware Removal Tool to Remove* Windows Microsoft Guardian
  • Quick & tested solution for Windows Microsoft Guardian removal.
  • 100% Free Scan for Windows
disclaimer

How to manually remove Windows Microsoft Guardian

Files associated with infection (Windows Microsoft Guardian):

%AppData%\Microsoft\[random].exe

Processes to kill (Windows Microsoft Guardian):

%AppData%\Microsoft\[random].exe

Remove registry entries (Windows Microsoft Guardian):

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\afwserv.exe "Debugger" = 'svchost.exe'
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avastsvc.exe "Debugger" = 'svchost.exe'
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avastui.exe "Debugger" = 'svchost.exe'
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\egui.exe "Debugger" = 'svchost.exe'
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ekrn.exe "Debugger" = 'svchost.exe'
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msascui.exe "Debugger" = 'svchost.exe'
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msmpeng.exe "Debugger" = 'svchost.exe'
Disclaimer

Post comment — WE NEED YOUR OPINION!

Comment:
Name:
Please enter security code:
 This is a captcha-picture. It is used to prevent mass-access by robots.

 
© 2006-2024 pcthreat.com  |  Terms of use |  Privacy policy |  About us |  Link to US