How to remove Windows Active Guard
Windows Active Guard description
Windows Active Guard is fake computer security software that pretends to be a legitimate PC protection tool. It spreads via a trojan and installs itself automatically without the user's knowledge or consent. The malware aims to trick users into believing their PC is severely compromised.
Once installed, Windows Active Guard starts to imitate computer scans and displays numerous rogue security alerts stating that your computer has many infections:
Error
Attempt to run a potentially dangerous script detected.
Full system scan is highly recommended.
Error
Keylogger activity detected. System information security is at risk.
It is recommended to activate protection and run a full system scan.
Torrent Alert
Recommended: Please use secure encrypted protocol for torrent links.
Torrent link detected!
Receiving this notifications means that you have violated the copyright laws. Using Torrent for downloading movies and licensed software shall be prosecuted and you may be sued for cybercrime and breach of law under the SOPA legislation.
The malware will offer to sell you its supposedly legal registered version; ignore the offer, because it is a fraud. Do not fall for this scam. It may also redirect your browser to misleading web pages that sell the program. It is not worth spending your money on, because Windows Active Guard cannot provide any actual computer security service. Use a decent anti-spyware application and get rid of the scam immediately.
How to get rid of Windows Active Guard
This infection can be removed using Spyware Doctor.
Spyware Doctor is widely valued as one of the best anti-spyware programs available to protect you from Windows Active Guard and the latest internet security threats. If your computer is infected with Windows Active Guard, we strongly recommend using an automatic spyware scanner.
How to manually remove Windows Active Guard
To get rid of spyware such as Windows Active Guard you need to end its processes, find and delete its registry keys, and remove its DLLs and other related files from your computer.
Take Note: The manual process of removing spyware from your computer is difficult and puts you at risk of damaging your computer. We advise using our automatic Windows Active Guard remover.
- Uninstall Windows Active Guard from Control Panel
Start > Settings > Control Panel > Add/Remove Programs. Double click to uninstall.
- End these Windows Active Guard processes:
Protector-.exe
To stop processes press Ctrl + Alt + Del or click Start > Run > type "taskmgr". Select malicious process in the list and click "End Process" button.
- Unregister Windows Active Guard DLL files:
NPSWF32.dll
To unregister DLL click Start > Run > type "regsvr32 /u PATH_TO_FILE/FILE.dll"
- Delete Windows Active Guard registry entries:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "WarnOnHTTPSToHTTPRedirect" = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableRegedit" = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableRegistryTools" = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableTaskMgr" = 0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system "ConsentPromptBehaviorAdmin" = 0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system "ConsentPromptBehaviorUser" = 0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system "EnableLUA" = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Inspector"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings "net" = "2012-7-23_3"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings "UID" = "odfjjflrtb"
HKEY_CURRENT_USER\Software\ASProtect
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\~2.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avxmonitornt.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deputy.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iamstats.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mghtml.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\OAcat.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rav7win.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\symlcsvc.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\win-bugsfix.exe
To open registry editor click Start > Run > type "regedit".
Warning! Manually editing registry entries may cause damage to your system.
Download Uniblue RegistryBooster 2010 to scan for registry errors.
- Search and delete these Windows Active Guard related files:
%AppData%\NPSWF32.dll
%AppData%\Protector-.exe
%AppData%\result.db
%AppData%\1st$0l3th1s.cnf
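
The checks from the manual steps above, as a read-only PowerShell audit. This is an added example, not part of the original guide: it looks only for the registry keys, values and file names exactly as they are listed on this page, and the variable names are this example's own.

```powershell
# Added example: read-only audit for the indicators listed on this page.
# It reports what is present and changes nothing.
$cu   = 'HKCU:\Software\Microsoft\Windows\CurrentVersion'
$lm   = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system'
$ifeo = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options'

# Registry keys listed on the page (presence is the indicator)
$keys = @('HKCU:\Software\ASProtect')
$keys += '~2.exe','avxmonitornt.exe','deputy.exe','iamstats.exe','mghtml.exe',
         'OAcat.exe','rav7win.exe','symlcsvc.exe','win-bugsfix.exe' |
         ForEach-Object { "$ifeo\$_" }

# Registry values (key, value name). The policy values can exist on a clean
# system too, so compare the reported data with the list above.
$values = @(
    @("$cu\Run", 'Inspector'),
    @("$cu\Settings", 'net'),
    @("$cu\Settings", 'UID'),
    @("$cu\Internet Settings", 'WarnOnHTTPSToHTTPRedirect'),
    @("$cu\Policies\System", 'DisableRegedit'),
    @("$cu\Policies\System", 'DisableRegistryTools'),
    @("$cu\Policies\System", 'DisableTaskMgr'),
    @($lm, 'ConsentPromptBehaviorAdmin'),
    @($lm, 'ConsentPromptBehaviorUser'),
    @($lm, 'EnableLUA')
)

# Files listed under %AppData% (single quotes keep the '$' literal)
$files = 'NPSWF32.dll','Protector-.exe','result.db','1st$0l3th1s.cnf' |
         ForEach-Object { Join-Path $env:APPDATA $_ }

$report = @()
foreach ($k in $keys) {
    if (Test-Path -LiteralPath $k) {
        $report += [pscustomobject]@{ Type = 'Key'; Item = $k; Data = '' }
    }
}
foreach ($v in $values) {
    $p = Get-ItemProperty -LiteralPath $v[0] -Name $v[1] -ErrorAction SilentlyContinue
    if ($null -ne $p) {
        $report += [pscustomobject]@{ Type = 'Value'; Item = "$($v[0]) [$($v[1])]"; Data = $p.($v[1]) }
    }
}
foreach ($f in $files) {
    if (Test-Path -LiteralPath $f) {
        $report += [pscustomobject]@{ Type = 'File'; Item = $f; Data = '' }
    }
}
$report | Format-Table -AutoSize -Wrap
```

Run it as the affected user, since the HKEY_CURRENT_USER entries and %AppData% are per-user; an empty table means none of the listed items were found for that account.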


