Do you have pop-ups or your computer infected with trojan or spyware ? Learn how to ask us for help, click here!

How to remove PC Security Guardian virus

PC Security Guardian is a fake antivirus program from the Virus Doctor rogues family as Best Malware Protection, Internet Security Essentials, Internet Antivirus 2011, My Security Shield, Security Master AV, etc. The program displays a lot of fake errors messages, prevents softwares execution, hijacks internet browsers in order to trick you into purchasing a license. Remember, the fake antivirus is unable to detect and remove any infections, so do not pay for the bogus software and remove it as soon as it gets to your computer!

PC Security Guardian promoted through the use of advertisement which pretends to be an online malware scanner. This advertisement will state that you computer is infected and all you have to do in order to cure your computer is install the software. Important to know, this online scanner is a fake and cannot detect any viruses or infections on your PC. The results that are displayed are totally fabricated!

Once started, PC Security Guardian will configure itself to run automatically every time when Windows loads. Next, it will add a few entries into the HOSTS file so that when you open Google, Yahoo or Bing, you will be redirected to various misleading websites. The rogue will also create several fake malware files, that absolute harmless but, later during the scan, PC Security Guardian will label them as worms, trojans and viruses. Of course, the scan look realistic and legitimate, you should never trust it! The rogue want to trick you into thinking that your computer in danger and make you believe you must buy the full version of the software. Remember, the program pretends to be an antivirus software, but in reality is unable to detect or remove any infections and nor will be protect you from legitimate future threats. So you can safely ignore the false scan results.

While PC Security Guardian is running, the rogue will block the Windows Task Manager and most antivirus and antispyware tools. Moreover, it will display a variety of fake security warnings and alerts that attempt to make you think your computer is infected with all sorts of malicious software. Some of the alerts are:

System alert
PC Security Guardian has detected potentially harmful software in
your system. It is strongly recommended that you register
PC Security Guardian to remove all found threats immediately.

System warning
No real-time malware, spyware and virus protection was
found. Click here to activate.

Warning! Identity theft attempt detected
Hidden connection IP: 128.154.26.11
Target: Microsoft Corporation keys

Warning
Warning! Virus detected

As you can see, all of these warnings states the same: the system is infected. In case you want to fix it, PC Security Guardian will prompt you to pay money. However, like false scan results above, all of these security messages are just a fake and has been displayed to trick you into purchasing so-called full version of the fake security program. So, you should ignore all of them.

As you can see, the program is a totally scam. It is neither able to detect, nor to remove any threats from the system. PC Security Guardian has been created with one purpose is to steal your money and leave you in a trouble. Thus, do not be fooled into buying the program! Instead of doing so, follow the removal guidelines below in order to remove PC Security Guardian and any associated malware from your computer for free.

Symptoms in a HijackThis Log

O4 – HKCU\..\Run: [PC Security Guardian] “C:\Documents and Settings\All Users\Application Data\8eb0d6\PS8eb_2328.exe” /s /d

Automatic removal instructions for PC Security Guardian

Step 1. Reboot your computer in Safe mode with networking

Restart your computer.

After hearing your computer beep once during startup, start pressing the F8 key on your keyboard. On a computer that is configured for booting to multiple operating systems, you can press the F8 key when the Boot Menu appears.

Instead of Windows loading as normal, Windows Advanced Options menu appears similar to the one below.

safe-mode-how-to
Windows Advanced Options menu

When the Windows Advanced Options menu appears, select Safe mode with networking and then press ENTER.

Step 2. Reset proxy settings of Internet Explorer

Run Internet Explorer, Click Tools -> Internet Options as as shown in the screen below.


Internet Explorer – Tools menu

You will see window similar to the one below.


Internet Explorer – Internet options

Select Connections Tab and click to Lan Settings button. You will see an image similar as shown below.


Internet Explorer – Lan settings

Uncheck “Use a proxy server” box. Click OK to close Lan Settings and Click OK to close Internet Explorer settings.

Step 3. Remove PC Security Guardian associated malware

Download MalwareBytes Anti-malware (MBAM). Once downloaded, close all programs and windows on your computer.

Double-click on the icon on your desktop named mbam-setup.exe. This will start the installation of MalwareBytes Anti-malware onto your computer. When the installation begins, keep following the prompts in order to continue with the installation process. Do not make any changes to default settings and when the program has finished installing, make sure a checkmark is placed next to “Update Malwarebytes’ Anti-Malware” and Launch “Malwarebytes’ Anti-Malware”. Then click Finish.

MalwareBytes Anti-malware will now automatically start and you will see a message stating that you should update the program before performing a scan. If an update is found, it will download and install the latest version.

As MalwareBytes Anti-malware will automatically update itself after the install, you can press the OK button to close that box and you will now be at the main menu. You will see window similar to the one below.

malwarebytes-antimalware1
Malwarebytes Anti-Malware Window>

Make sure the “Perform quick scan” option is selected and then click on the Scan button to start scanning your computer for PC Security Guardian associated malware. This procedure can take some time, so please be patient.

When the scan is finished a message box will appear that it has completed scanning successfully. Click OK. Now click “Show Results”. You will see a list of infected items similar as shown below.
Note: list of infected items may be different than what is shown in the image below.


Malwarebytes Anti-malware, list of infected items

Make sure all entries have a checkmark at their far left and click “Remove Selected” button to remove PC Security Guardian. MalwareBytes Anti-malware will now remove all of associated PC Security Guardian files and registry keys and add them to the programs’ quarantine. When MalwareBytes Anti-malware has finished removing the infection, a log will open in Notepad and you may be prompted to Restart.

Step 4. Reset HOSTS file
PC Security Guardian may change the Windows system HOSTS file so you need reset this file with the default version for your operating system.

Please download OTM by OldTimer from here and save it to desktop. Run OTM, copy, then paste the following text in “Paste Instructions for Items to be Moved” textarea (under the yellow bar):

:Commands
[resethosts]

Click the red Moveit! button. Close OTM.

PC Security Guardian removal notes

Note 1: if you can not download, install, run or update Malwarebytes Anti-malware, then follow the steps: Malwarebytes won`t install, run or update – How to fix it.

Note 2: if you need help with the instructions, then post your questions in our Spyware Removal forum.

Note 3: your current antispyware and antivirus software let the infection through ? Then you may want to consider purchasing the FULL version of MalwareBytes Anti-malware to protect your computer in the future.

PC Security Guardian creates the following files and folders

%UserProfile%\Application Data\PC Security Guardian
%UserProfile%\Application Data\PC Security Guardian\cookies.sqlite
%UserProfile%\Desktop\PC Security Guardian.lnk
%UserProfile%\Start Menu\PC Security Guardian.lnk
%UserProfile%\Application Data\PC Security Guardian\Instructions.ini
%UserProfile%\Start Menu\Programs\PC Security Guardian.lnk
%UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\PC Security Guardian.lnk
C:\Documents and Settings\All Users\Application Data\[RANDOM]

PC Security Guardian creates the following registry keys and values

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run | PC Security Guardian

May 5, 2011 on 11:03 am | In Malware removal, Rogue Anti Spyware | 14 Comments |


14 Comments »

RSS feed for comments on this post.

  1. Thank you very very very much! It worked!

    Comment by Jesse — May 7, 2011 #

  2. Hello,
    whe I click the “move it” button in OTM I have a note, that the log file cannot be created.
    Please can vou help me?

    Comment by Beatrixkiddo — May 8, 2011 #

  3. Beatrixkiddo, try run OTM as administrator (Right click to OTM and select run as Administrator).

    Comment by Patrik (Myantispyware admin) — May 19, 2011 #

  4. My log file can not be created as well and I have tried running it as administrator. Also, will the search engine re-direction be stopped after OTM is run or would that have stopped before?

    Comment by Stephen — May 21, 2011 #

  5. Stephen, try run OTM in Safe mode.

    Comment by Patrik (Myantispyware admin) — May 25, 2011 #

  6. I’ve run OTM successfully but my search engine is still being redirected. I have tried restarting my computer. I’m sorry for the inconvenience, and thank you for your help so far.

    Comment by Stephen — May 26, 2011 #

  7. Really very helpful!!
    Thank you very much:))

    Comment by Idea Studio — May 29, 2011 #

  8. Thank you very much!! You helped me a lot. Nice website!

    Comment by asparagin — May 30, 2011 #

  9. Thanks so much for posting this!! It worked, and I am glad to have my regularly, and properly, operating computer back!!

    Comment by Shane — May 31, 2011 #

  10. thank you very much…it was very helpful…

    Comment by thanasis — June 3, 2011 #

  11. my computer wont open the safe mode menu when i press f8 when i restart my computer. what should i do?

    Comment by amber — June 6, 2011 #

  12. amber, try to follow the steps in Normal mode.

    Comment by Patrik (Myantispyware admin) — June 6, 2011 #

  13. Thank you so much, it really worked on my computer!!
    I wish my worst desires to that people who only want to hurt someone else, like guardian’s creators!!!

    Comment by Alejandro — June 28, 2011 #

  14. Thank you! Worked like a charm!

    Comment by Henk — July 13, 2011 #

Leave a comment

XHTML: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>


My Anti Spyware - Free antispyware programs and Spyware Removal Instructions.