trial expired;what is guard.exe doing?

Discussion in 'ewido anti-spyware forum' started by argus tuft, Oct 24, 2006.

Thread Status:
Not open for further replies.
  1. argus tuft

    argus tuft Registered Member

    Joined:
    Sep 20, 2006
    Posts:
    280
    Location:
    Australia
    Hi all, yes, i know how stupid that sounds, but what i mean is, now that the trial has ended along with real time 'guarding' why is guard.exe still running, and is it doing anything useful? if not how do i stop it running? I plan to keep ewido as an on demand scanner as i find the right click 'scan for spyware really usefull.
    thanx in advance
     
  2. WSFuser

    WSFuser Registered Member

    Joined:
    Oct 7, 2004
    Posts:
    10,632
    im not sure what it does after the trial expiry, but you can stop it from running:

    Control Panel > Administrative Tools > Services > find the ewido service, right-click and select properties. You can then change the startup type to Disabled.
     
  3. charincol

    charincol Registered Member

    Joined:
    Nov 10, 2005
    Posts:
    113
    Now that you don't want guard.sys running or even staying hooked (cause it's still a hooked service even if it's disabled) you can delete these registry keys:

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ewido anti-spyware 4.0 driver]
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ewido anti-spyware 4.0 guard]
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\ewido anti-spyware 4.0 driver]
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\ewido anti-spyware 4.0 guard]

    and the startup entry, "!ewido" from this key:

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    If you're not comfortable with deleting them manually, I've included a .reg file that will do it automatically. Change the ".txt" at the end to ".reg" to convert it to a .reg file.

    Reboot your computer after performing the above surgery.

    This only works with Ewido AS, not AVG AS as the reg keys are labeled different for AVG. I've stuck with Ewido because the on-demand scanner context menu item doesn't work in AVG if the the realtime function isn't working from either turning it off by disabling the service or converting to the free version.

    Deleting these keys also instantly turns Ewido into an on-demand only scanner without having to wait the 30 days.

    I'll make the switch to AVG AS when the context menu scanner still works even after it converts to the free version. I have no need for it's realtime function.
     

    Attached Files:

  4. GS2

    GS2 Registered Member

    Joined:
    Jul 22, 2006
    Posts:
    42
    Sorry wrong forum
     
  5. Morpheus

    Morpheus Registered Member

    Joined:
    Aug 13, 2003
    Posts:
    45
    FYI:
    The AVG keys are labelled as follows:-

    [-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AVG Anti-Spyware Driver]
    [-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AVG Anti-Spyware Guard]
    [-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\AVG Anti-Spyware Driver]
    [-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\AVG Anti-Spyware Guard]
     
  6. CelestialTeardrop

    CelestialTeardrop Registered Member

    Joined:
    Sep 18, 2006
    Posts:
    30
    I currectly use AVG AS in its free version and the context menu scanning option is available. Is there anyone out there who also has the context menu scanner in the free version?
     
  7. argus tuft

    argus tuft Registered Member

    Joined:
    Sep 20, 2006
    Posts:
    280
    Location:
    Australia
    Hi, the [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\AVG Anti-spyware 4.0 driver]
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\AVG Anti-spyware 4.0 guard]
    entries don't seem to be there... Should I now be looking elsewhere for them?
     
    Last edited: Jan 23, 2007
  8. Rickster100

    Rickster100 Registered Member

    Joined:
    Sep 29, 2005
    Posts:
    152
    Location:
    United Kingdom
    Hello,

    Im now running AVG as an on demand scanner after having used it as paid software for one year. Disabling the guard.exe service and the avgas.exe at startup should certainly be enough. The context menu scanner option is available in the free version. ;)

    Richie
     
Thread Status:
Not open for further replies.