Remove Additional Guard

November 22, 2009

 

Additional Guard will disguise as a Windows antivirus program to be able to penetrate a computer and convince people to have it installed. Additional Guard will released various security warnings on computer aiming to scare its victims on the present security risks. A virus scan will also be displayed by Additional Guard that will detect a fake threats to be able to convince user to buy the licensed version of the program. Infiltration of Additional Guard may also give several malfunctions on the computer including disconnected Internet access, disabled antivirus program and Windows functions.

To be able to remove Additional Guard completely, antivirus and anti-malware combination must be used in order not only to remove the rogue programs but also all the viruses and Trojans that's keeping Additional Guard on the computer.

Download Additional Guard Removal Program

Proceed to "How to Remove Additional Guard Virus"

What are Additional Guard Files

What are Additional Guard Registry Entries

Additional Guard Image

Additional Guard Image

Files and Folders Related to Additional Guard

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run “Additional Guard”
HKEY_CLASSES_ROOT\CLSID\{3F2BBC05-40DF-11D2-9455-00104BC936FF}
HKEY_CLASSES_ROOT\xp_7a9be.DocHostUIHandler
HKEY_CURRENT_USER\Software\Classes\Software\Microsoft\Internet Explorer\SearchScopes “URL” = “http://search-gala.com/?&uid=220&q={searchTerms}”
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download “RunInvalidSignatures” = “1″
HKEY_CLASSES_ROOT\Software\Microsoft\Internet Explorer\SearchScopes “URL” = “http://search-gala.com/?&uid=220&q={searchTerms}”

Windows Registry Entry Associated with Additional Guard

%UserProfile%\Application Data\2565da61\AG345d.exe
%UserProfile%\Application Data\2565da61\278.mof
%UserProfile%\Application Data\2565da61\mozcrt19.dll
%UserProfile%\Application Data\2565da61\sqlite3.dll
%UserProfile%\Application Data\2565da61\AG.ico
%UserProfile%\Application Data\2565da61\AGSys
%UserProfile%\Application Data\2565da61\AGSys\vd952342.bd
%UserProfile%\Application Data\2565da61\ag.cfg
%UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\Additional Guard.lnk
%UserProfile%\Application Data\Additional Guard\cookies.sqlite
%UserProfile%\Desktop\Additional Guard.lnk
%UserProfile%\Recent\cb.exe
%UserProfile%\Recent\CLSV.tmp
%UserProfile%\Recent\ddv.dll
%UserProfile%\Recent\dudl.drv
%UserProfile%\Recent\energy.dll
%UserProfile%\Recent\energy.sys
%UserProfile%\Recent\exec.exe
%UserProfile%\Recent\fan.drv
%UserProfile%\Recent\FS.dll
%UserProfile%\Recent\PE.drv
%UserProfile%\Recent\ppal.exe
%UserProfile%\Recent\SICKBOY.tmp
%UserProfile%\Recent\tjd.sys
%UserProfile%\Start Menu\Additional Guard.lnk
%UserProfile%\Start Menu\Programs\Additional Guard.lnk
%Program Files%\Mozilla Firefox\searchplugins\search.xml

How to Remove Additional Guard

1. It is best to Print this procedure for your reference. We need to close all applications later.
2. Press Ctrl+Alt+Del to End the malware process and running program. Click on the Processes Tab and highlight  the associated process, then click End Process
3. Download MalwareBytes' Anti-Malware on your Desktop.
4. Once downloaded, close all programs and double click the downloaded file to begin installation.
5. Proceed with the installation with the default settings.
6. At the end of the installation, please click on Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware.
7. It will prompt to restart computer. Please reboot your computer.
8. Scan your computer with "Perform full scan"