Removal Tool: Remove Fake Antivirus. (Download it here.)
Antivirus System Pro Removal Guide
Kill Process
(How to kill a process effectively?)
sysguard.exe
uninstall.exe
Antivirussystempro.exe
Delete Registry
029D18CB-8632-463c-93B7-C210AE50C722
8567EDFA-408C-43e9-B929-4C25C04F5003
BAD4551D-9B24-42cb-9BCD-818CA2DA7B63
E85C18E7-C293-4424-9DD0-B31D8DB27013
HKEY_CLASSES_ROOT\CLSID\{BAD4551D-9B24-42cb-9BCD-818CA2DA7B63}
HKEY_CURRENT_USER\Software\AvScan
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "system tool"
HKEY_LOCAL_MACHINE\SOFTWARE\Antivirus System PRO
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BAD4551D-9B24-42cb-9BCD-818CA2DA7B63}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "Antivirus System PRO"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad "ieModule"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Antivirus System PRO
Remove Folders and Files
%SYSTEMROOT%\system32\iehelper.dll
%ProgramFiles%\Antivirus System PRO
%SYSTEMROOT%\sysguard.exe
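Before and after working through the steps above, it helps to know which of the listed items are actually present on the machine. The script below is an added example, not part of the original guide or any vendor tool: a read-only PowerShell check that reports the processes, registry entries and files named in this guide and changes nothing. Looking for the three bare CLSIDs under HKEY_CLASSES_ROOT\CLSID is an assumption; the guide does not say where they live.

```powershell
# Added example: read-only audit for the indicators listed in this guide.
# It only reports what is present; it deletes nothing and stops no process.
$clsid = '{BAD4551D-9B24-42cb-9BCD-818CA2DA7B63}'
$cv    = 'SOFTWARE\Microsoft\Windows\CurrentVersion'

# Registry keys exactly as the guide lists them.
$keys = @(
    "HKEY_CLASSES_ROOT\CLSID\$clsid",
    'HKEY_CURRENT_USER\Software\AvScan',
    'HKEY_LOCAL_MACHINE\SOFTWARE\Antivirus System PRO',
    "HKEY_LOCAL_MACHINE\$cv\Explorer\Browser Helper Objects\$clsid",
    "HKEY_LOCAL_MACHINE\$cv\Uninstall\Antivirus System PRO"
)
# Assumption: the guide's bare CLSIDs are checked under HKCR\CLSID.
foreach ($g in '029D18CB-8632-463c-93B7-C210AE50C722',
               '8567EDFA-408C-43e9-B929-4C25C04F5003',
               'E85C18E7-C293-4424-9DD0-B31D8DB27013') {
    $keys += "HKEY_CLASSES_ROOT\CLSID\{$g}"
}

# Named values (autostart entries) under keys that must not be deleted whole.
$values = @(
    @{ Key = "HKEY_CURRENT_USER\$cv\Run";  Name = 'system tool' },
    @{ Key = "HKEY_LOCAL_MACHINE\$cv\Run"; Name = 'Antivirus System PRO' },
    @{ Key = "HKEY_LOCAL_MACHINE\$cv\ShellServiceObjectDelayLoad"; Name = 'ieModule' }
)

$paths = @(
    (Join-Path $env:SystemRoot   'system32\iehelper.dll'),
    (Join-Path $env:ProgramFiles 'Antivirus System PRO'),
    (Join-Path $env:SystemRoot   'sysguard.exe')
)

$found = @()
foreach ($k in $keys) {
    if (Test-Path -LiteralPath "Registry::$k") { $found += "key   $k" }
}
foreach ($v in $values) {
    $p = Get-ItemProperty -LiteralPath "Registry::$($v.Key)" -Name $v.Name -ErrorAction SilentlyContinue
    if ($p) { $found += "value $($v.Key) `"$($v.Name)`" = $($p.($v.Name))" }
}
foreach ($f in $paths) {
    if (Test-Path -LiteralPath $f) { $found += "file  $f" }
}
# uninstall.exe is a common name; a hit on it alone is weak evidence.
Get-Process -Name sysguard, uninstall, Antivirussystempro -ErrorAction SilentlyContinue |
    ForEach-Object { $found += "proc  $($_.Name) (PID $($_.Id))" }

if ($found) { $found } else { 'No listed indicators found.' }
```

Run it from an elevated PowerShell prompt so the HKEY_LOCAL_MACHINE keys and system folders are readable, and run it again after cleanup to confirm that nothing listed remains.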
7 comments:
My whole user account is infected, all the programs I need to open are infected, I cannot open or run any of my controls.
Can someone please help!?
I've tried all that I know, tried to run the system restore (won't even run), Task Manager (won't run either), and I've tried to download + install new programs to get rid of this virus, none of them open or run!
Maybe you can try G Data Rescue disk, which can be used to scan and remove the virus in your hard drive.
http://www.raymond.cc/blog/archives/2009/11/13/free-gdata-bootcd-2010-scans-for-virus-with-dual-antivirus-engine-avast-and-bitdefender/
I have the same problem. The antivirus system pro has disabled almost all of the programs, other antivirus software, Task Manager, Skype, Start-run, spyware doctor... It is getting really tough! I hate it. I do not know what to do.
I could not download the Gdata either.
I also downloaded the registrybooster, which was prevented from installing by the antivirus system pro.
There is another way to terminate the virus process: boot Windows, and when you see the welcome screen (or before seeing the welcome screen), press Ctrl+Alt+Del to open Task Manager and end the process sysguard.exe. You may need to terminate sysguard.exe a few times. After making sure the processes are terminated, you should run RFA or other antispyware / antivirus again and reboot your computer.
Okay, first of all, the thing is setting up its own LAN proxy. If you can get into your Internet Options settings in Internet Explorer, go into the LAN settings of your Connections options. Uncheck the lower checkbox and click save, but don't close the Internet options window yet because you may have to do this a few times.
In the browser bar, go to http://download.bleepingcomputer.com/grinler/rkill.com
Download the file to your desktop. Run rkill to stop the processes of the malware. Do this as often as necessary until it stops giving you security warnings.
I just got this little nasty this morning. I have just now, using these steps, gotten to where I can start running my anti-virus/anti-malware programs.
This bug is pretty nasty. I do think that Sophos antivirus has a free removal tool for this, though. I am sure they have one for Conficker (all variations), and I thought I saw this over there as well. It is worth looking for. Just click that link or Google it. I am sure you'll find it!