Archive for May, 2011

What is PC Security Guardian, How to remove PC Security Guardian

Friday, May 6th, 2011

PC Security Guardian is a harmful program.

remove It is a fake security program, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

PC Security Guardian associated files and folders:

C:\Documents and Settings\All Users\Application Data\da1933\AB120_121.exe
%UserProfile%\Application Data\PC Security Guardian
%UserProfile%\Application Data\PC Security Guardian\cookies.sqlite
%UserProfile%\Desktop\PC Security Guardian.lnk
%UserProfile%\Start Menu\PC Security Guardian.lnk
%UserProfile%\Application Data\PC Security Guardian\Instructions.ini
%UserProfile%\Start Menu\Programs\PC Security Guardian.lnk
%UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\PC Security Guardian.lnk

PC Security Guardian associated registry keys and values:

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run | PC Security Guardian

Core filename: AB120_121.exe
Command: C:\Documents and Settings\All Users\Application Data\da1933\AB120_121.exe
HijackThis shows PC Security Guardian:

O4 – HKCU\..\Run: [PC Security Guardian] “C:\Documents and Settings\All Users\Application Data\da2933\AB120_121.exe” /s /d

Description: PC Security Guardian is a fake antivirus program that installed through the use of trojans without user knowledge and permission. When is started, it will perform a fake scan and state that your computer is infected with viruses, spyware and malware. Moreover, this malware will display numerous fake security alerts and block legitimate and trustful applications used on your computer. In order to cure your PC, the program will suggest you to purchase its full version. Most important, do not pay for the fake antivirus! Instead, follow the removal guide below to remove PC Security Guardian from your computer for free using legitimate free antimalware software.

How to remove: use the PC Security Guardian removal guide or the steps below.

1. Reboot your computer in Safe mode with networking.

2. Reset proxy settings of your browser (this malware hijacked them) by doing: run Internet Explorer, Click Tools -> Internet Options. Select Connections Tab and click to Lan Settings button. Uncheck “Use a proxy server” box. Click OK and click OK again.

3. Download Malwarebytes Anti-malware. Install, perform a scan and let it remove what it found. Reboot afterwards (important).

4. Download OTM by OldTimer from here and save to your desktop.
Run OTM, copy,then paste the following text in “Paste Instructions for Items to be Moved” window (under the yellow bar):

:Commands
[emptytemp]
[resethosts]

Click the red Moveit! button. Close OTM.