What is guard?

Guard.sys is a Windows driver. A driver is a small software program that allows your computer to communicate with hardware or connected devices. This means that a driver has direct access to the internals of the operating system, hardware etc. The free file information forum can help you determine if guard.sys is a Windows system file or if it belongs to an application that you can trust.

Run a free scan to check for guard drivers in need of updating

Guard.sys file information

The process belongs to software AVG Anti-Spyware or ewido anti-spyware or ewido security suite by unknown.

Description: Guard.sys is not essential for the Windows OS and causes relatively few problems. Guard.sys is located in a subfolder of "C:\Program Files". Known file sizes on Windows 10/8/7/XP are 3,968 bytes (50% of all occurrences), 4,096 bytes or 3,072 bytes. 
The driver can be started or stopped from Services in the Control Panel or by other programs. There is no file information. The program is not visible. There is no detailed description of this service. It is not a Windows system file. guard.sys appears to be a compressed file. Therefore the technical security rating is 54% dangerous; however you should also read the user reviews.

Uninstalling this variant: If problems with ewido anti-spyware or AVG Anti-Spyware occur, you could also safely remove the program using the uninstall program of (Control Panel ⇒ Uninstall a Program).

Recommended: Identify guard.sys related errors

Important: Some malware camouflages itself as guard.sys. Therefore, you should check the guard.sys process on your PC to see if it is a threat. We recommend Security Task Manager for verifying your computer's security. This was one of the Top Download Picks of The Washington Post and PC World.


User Comments

It is part of Ewido Security Suite. I believe it helps catch trojans as they attempt to install on your computer.
ewido\security suite
  Waltraud Mü  
Part of Ewido Spyware Program
  Michael Gaconnet   (further information)
its a trojan destory
  hermeet   (further information)
Service name, and display name is ewido security suite driver. This startup entry is installed as a Windows NT, 2000, 2003, or XP service. This is a valid program that is required to run at startup.This program is required to run on startup in order to benefit from its functionality or so that the program will work.
  Hugo   (further information)
Ewido anti spyware,
  Steffen Ernst   (further information)
used by Grisoft AVG antispyware
  Mick S  
it's part of AVG-AntiSpyware for Resident Protection, if you have it installed it should be safe.
Nachtrag 2: Die guard.sys setzt, wenn ich es richtig vertsanden habe, zum Schutz der guard.exe Kernel-Hooks, weshalb sie von einigen Rootkitscannern wie IceSword als "verdächtig" eingestuft wird. Es handelt sich hierbei jedoch definitiv um kein Rootkit.
  SETI   (further information)
Name: AVG-Anti-Spyware Driver; Hersteller: Grisoft; MD5-Checksumme: 7D78B7FD0EBE00F177B053A08C78E35B;Standard-Pfad (der Version 7.5): c:\programme\grisoft\avg anti-spyware 7.5\guard.sys; Dies ein KernelTreiber, der zu AVG-AntiSpyware (ehemals Ewido) gehört. Er schützt den NT-Dienst guard.exe, so dass der geschützte Wächter-Dienst nicht beendet werden kann. Der Treiber lässt sich nicht verifizieren, da die Herstellerangaben (und Versionsangaben) fehlen. Der Treiber ist in Visual C++ v7.0 geschrieben.

Rating chart

Summary: Average user rating of guard.sys: based on 10 votes with 10 user comments. 9 users think guard.sys is essential for Windows or an installed application. One user thinks it's neither essential nor dangerous.

Do you have additional information? Help other users!
What do you know about guard.sys:
How would you rate it:
Link for more info:
Your Name:

Best practices for resolving guard issues

A clean and tidy computer is the key requirement for avoiding problems with guard. This means running a scan for malware, cleaning your hard drive using cleanmgr and sfc /scannow, uninstalling programs that you no longer need, checking for Autostart programs (using msconfig) and enabling Windows' Automatic Update. Always remember to perform periodic backups, or at least to set restore points.

Should you experience an actual problem, try to recall the last thing you did, or the last thing you installed before the problem appeared for the first time. Use the resmon command to identify the processes that are causing your problem. Even for serious problems, rather than reinstalling Windows, you are better off repairing of your installation or, for Windows 8 and later versions, executing the DISM.exe /Online /Cleanup-image /Restorehealth command. This allows you to repair the operating system without losing data.

To help you analyze the guard.sys process on your computer, the following programs have proven to be helpful: Security Task Manager displays all running Windows tasks, including embedded hidden processes, such as keyboard and browser monitoring or Autostart entries. A unique security risk rating indicates the likelihood of the process being potential spyware, malware or a Trojan. Malwarebytes Anti-Malware detects and removes sleeping spyware, adware, Trojans, keyloggers, malware and trackers from your hard drive.

Other processes

guard.sys [all]