Filename:
sysguard.exe
Related to:
Spyware Protect 2009
File Directory:
%Windir%\
Startup Type:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\”sysguard” = “%Windir%\sysguard.exe”
Removal and Protection:
Deleting the file sysguard.exe will not help in removing the threat on computer. Antivirus and Anti-Spyware Software are recommended for automatic removal and protection.
12 Responses for "sysguard.exe"
wow, i was able to find it and get rid of the link thing, but it’s not allowing me to get online or anything else. i’ve had norton 360 for quite some time and i don’t understand how i got the virues even with it, my subscription is competely up to date
it is not a virus. It is malware. 360 by symantec protects you from known viruses.. etc.
@ laura, that program is useless.
You can START>RUN>SEARCH for sysguard.exe. You should find it here>>>
C:\WINDOWS\Prefetch\
delete the file with the name SYSGUARD*…
and here>>>
C:\WINDOWS\sysguard.exe
You may also find it using start>run>msconfig startup tab - sysguard.exe
disable it there, but do the other 2 first. It may be gone @ next start up. Next time, don’t visit that nudie site! hahah
Good luck.
Awil Avast found it too.
My work PC had this. I located the file name on the task manager, searched my hard drive for the file name, select the file properties, then the security and denied every permission. It hasn’t come back yet. I’m using this as a short term solution.
You can find out the file the program is using by waiting until the real popup window comes up on your desktop and right-clicking over the titlebar at the top of the popup window.
Then select properties
This will give you the name and location of the command file (i.e. C:WINDOWSsysguard.exe)
Now that you know the name of the file and location, you can go from there deleting it and eliminating the registry keys associated with it.
———————————————————————
(in addition i had to do the below to get rid of the I.E. redirect the sysguard.exe created.)
1) Open Registry Editor:
Start > Run > type “regedit” (without the quotes)
2) Delete Registry entry
*Always export the registry to your hard drive as a backup before editing it. (File > Export)
Select HKEY_CURRENTUSER > SOFTWARE > AVSCAN
Right click on the AV Scan folder and select Delete.
Also, you may need to delete the sysguard from the startup programs list. It is found under the HKEY_LOCALMACHINE > Software > Microsoft > Shared Tools > Startupreg
Delete the folder containing the command to launch sysguard at startup. Highlight the folders to see the command lines for the registry entry. If it says sysguard.exe, delete it.
After deleting the files from your hard drive and deleting the registry keys, the virus is now gone for good! Don’t forget to empty your recycle bin!
Great information people!! Thank you for all the expert advise!!! Boy, I wish this kind of info was more accessible on the internet!!
Adolph you kick ass!!
Hailz~
I have been trying to get rid of this thing for two days with no success. What security program do you recommend? I don’t want to be messing with this forever. Is there a program that will just do it after I install it? Who is responsible for this shit anyway? I would love to send them an email….at least.
Thanks
Thanks for your help. I finally have this stupid program gone.
After deleting the sysguard.exe (or whatever version exe it is using), remove it from your registry as well with regedit. Make sure your browsers are all closed first. It also changes your proxy settings to something like localhost:7171. The port might vary. If you remove all of the proxies (with regedit too), you can then browse the internet. That’s at least a start to fixing the problem.
easy removal directions people, great job. I found the reg, windows local an i always delete all in prefect but the avscan in sofware i missed TY ADOLF!!
If I may add, the second i found i had it it came from Jengo, i rebooted into safe mode. took me ten min to find remove and on my way… thank god for two PC’s or i wouldn’t have been able to find the fix …lol
Thanks for the info
Any Response?
Can't Find a Solution?
Start a Discussion Here!