Wednesday September 08, 2010

AntiVirus Pro 2009 - sysguard.exe

The Anti Virus Extortion

I normally don’t blog or write about computer viruses or malware, but “Anti Virus PRO 2009” takes it to a new level. This program is anything but an antivirus program; it is pure and simple extortion. The file associated with Anti Virus Pro is “sysguard.exe”, which is what you need to get rid of to stop it from running. Please note, however, that the company behind the program, Anti Virus 2009 (2008 and 2010), continually changes the first few letters of the executable file. The latest we have seen is “gjsosysguard.exe”. They may or may not add the extra letters, but the results and the file are the same. Look carefully for “sysguard.exe” with a few letters in front.

Here’s what happens

Everything you click on claims it has been infected by a virus: Task Manager, Run, Internet Explorer, you name it. The fact is the only virus you have is “Anti Virus Pro 2009”, or 2008 for that matter, and soon to be 2010. I lightly call this a virus because the only things that work are the buttons in the program and Internet Explorer, which takes you to the purchase site. For God's sake, don’t buy this program. You do not have all the viruses it claims; Anti Virus Pro is the virus, or should I say extortion virus.

The good thing is you can get rid of it without spending a dime. If you are reading this and have it on your machine, you are either on another machine or have been fortunate enough to have installed Firefox to browse the internet, because Anti Virus Pro 2009, the program “gjsosysguard.exe”, hijacks Internet Explorer. Now the sad part is you cannot download anything to the machine, because the minute you try to run a program to get rid of Anti Virus Pro 2009 it politely informs you that what you are trying to run is a virus and halts execution. Bull on that.

Now here’s what to do:
  • Shut off the computer. It may not turn off by itself, so get ready to pull the plug; no big deal.
  • Restart the computer.
  • After Windows loads and as soon as the Desktop appears, press CTRL-ALT-DELETE to bring up the Task Manager. If you wait too long or don’t catch it before Anti Virus 2009 loads, repeat and try again.
  • In Task Manager click on the “Processes” tab and then click on “Image Name” to sort in ascending order.
  • As soon as you see the file gjsosysguard.exe, or a variant such as "abcsysguard.exe", in the Processes tab, click on it and then right click to End Process. This will stop the program from running and give you time to breathe and delete the files. Look for any variant "####sysguard.exe"; there may be from 1 to 4 letters in front.
  • You should now have control of your machine and can start repairs.
  • Next - Deleting Anti Virus Pro 2009 and gjsosysguard.exe
    • Delete the executable file gjsosysguard.exe; it is the main file to delete. The easiest way to find it is to open up Search and type in gjsosysguard.exe. It will normally turn up 2 or more instances. Please keep in mind that as of this writing it was "gjso" in front of "sysguard.exe". You may have another variant, so pay attention to the name of the file that you killed in the Task Manager.
    • At least one of the files will be in a hidden directory. Search will show you this directory, but when you look for it the directory will not be there, so follow the steps below to view hidden directories.
    • Start - My Computer
    • Navigate to the folder listed in the Search results
    • Select from the main menu Tools then Folder Options...
    • Select the View Tab
    • Check the box labeled Show hidden files and folders
    • You will now be able to see the files returned from search and any other associated files
    • Delete all instances of the file.
    • Use the System Configuration Utility to uncheck the box for gjsosysguard.exe so that it will not try to start. Use START - Run... to launch the utility.

     

    Fix Internet Explorer
    • Because Anti Virus 2008 hijacks Internet Explorer, you need to change a few settings
    • In Internet Explorer go to Tools then choose Internet Options
    • Select Connections
    • Select LAN
    • Uncheck Proxy unless you are using a proxy server, which most of you are not

    There are some registry entries that should be removed, but I'll leave that for another time. The whole point is to free your machine from Anti Virus PRO 2009 and get you working again.
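
The checks in the steps above can also be collected in one read-only pass. The script below is an added example, not part of the original post: it assumes PowerShell 3 or later is available on the machine, and it assumes the file name is zero to four letters followed by "sysguard.exe", as the post describes. It only reports candidates for review and deletes nothing.

```powershell
# Added example (not from the original post). Read-only triage: nothing is
# killed, deleted or changed. Assumption: the rogue binary is named with
# 0-4 leading letters followed by "sysguard.exe", as described in the post.
$namePattern = '^[a-z]{0,4}sysguard(\.exe)?$'   # -match is case-insensitive

# 1. Running processes. Get-Process reports the name without ".exe",
#    which is why the extension is optional in the pattern.
Write-Output '--- Matching processes ---'
Get-Process |
    Where-Object { $_.ProcessName -match $namePattern } |
    Select-Object Id, ProcessName, Path

# 2. Files on the system drive. -Force makes Get-ChildItem include hidden
#    files and hidden directories, the same effect as ticking
#    "Show hidden files and folders" in Folder Options.
Write-Output '--- Matching files (hidden included) ---'
Get-ChildItem -Path "$($env:SystemDrive)\" -Recurse -Force -File -ErrorAction SilentlyContinue |
    Where-Object { $_.Name -match $namePattern } |
    Select-Object FullName, Attributes, LastWriteTime

# 3. Startup entries, the same items the System Configuration Utility
#    lists on its Startup tab.
Write-Output '--- Startup entries referencing sysguard.exe ---'
Get-CimInstance -ClassName Win32_StartupCommand |
    Where-Object { $_.Command -match 'sysguard\.exe' } |
    Select-Object Name, Command, Location, User

# 4. The per-user proxy setting that Internet Explorer's LAN Settings
#    dialog edits. ProxyEnable = 1 with an unexpected ProxyServer value
#    is the condition the "Fix Internet Explorer" steps undo.
Write-Output '--- Internet Explorer proxy settings ---'
Get-ItemProperty -Path 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings' |
    Select-Object ProxyEnable, ProxyServer
```

A match is a candidate, not a verdict: compare it with the process name you ended in Task Manager before deleting anything.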
