How to remove Antivirus System PRO

Monday, May 11th, 2009 at 5:05 am
Home » Rogue Antispyware » Antivirus System PRO

Antivirus System PRO description

Antivirus System Pro is NOT a legitimate computer security program, it is NOT a real anti-spyware. Antivirus System Pro is a scam, a cheap imitation of a security software, built to rip off money from naïve PC users, but not to provide real system protection. Please do not purchase, download or install this program.

antivirus-system-pro

Antivirus System Pro is a successor of some infamous malware like System Guard 2009 and Spyware Protect 2009. It is installed through backdoor trojans and rogue websites therefore you should not trust the applications that might suggest you to acquire this program. If Antivirus System Pro sneaks into your computer it slows down the system, performs loads of system scans, and tries to scare you with numerous false security warnings. It then suggests buying its licensed version, which should eliminate the ‘threats’. However, this software does not work as a security program, it is a malicious software, which is not able to provide any kind of system protection. It is highly recommended that you remove this program ASAP upon detection.

Antivirus System Pro is an identical twin of recent Antivir System Pro malware.

Antivirus System PRO is a Rogue Antispyware software

How to manually remove Antivirus System PRO

To remove Antivirus System PRO spyware you must block Antivirus System PRO sites, stop and remove processes, unregister DLL files, search and delete all other Antivirus System PRO files and registry utility. Follow the Antivirus System PRO detection and removal instructions below.

The most typical software removal method is to remove Antivirus System PRO by using "Add or Remove Programs" service. However there may be hidden Antivirus System PRO files, running processes and registries in your computer, so Antivirus System PRO may recreate all other files after reboot.

Antivirus System PRO manual removal instructions

Block Antivirus System PRO sites:
antivirsystem.com
inetavirus.com
antivirwin2009.com
antivir2009pro.com
antivirussys2009.com
scan-spyware-now.com
itsecure.microsoft.com
antispy.microsoft.com
oemantivir.microsoft.com
osadwarekill.microsoft.com
osadwarekill.com
osawarepro.com
virusermoverpro.com
awareremover.com
antivir-platinum.com
antivirplatinum.com
antivirplatinum.microsoft.com
windows-shield.com
winshield2009.com
os-guard.com
os-guard.microsoft.com
winguard2009.microsoft.com
win-guard2009.microsoft.com
direct-antivirus.com
winwarepro.microsoft.com
osawarepro2009.microsoft.com
awareremover2009.microsoft.com
sysguard2010.com
royalantivirus.com
royalantivirus.microsoft.com
sysguard2010.microsoft.com
winguard-2009.com
osadwarekill2009.com
winwarepro.com
winsecure2009.com
winguard-2009.com
osguardpro.microsoft.com
coantivirus.com Read more how to block Antivirus System PRO sites

Stop and remove Antivirus System PRO processes:
Antivirussystempro.exe
uninstall.exe
sysguard.exe Read more how to kill Antivirus System PRO processes

Locate and delete Antivirus System PRO registry entries:
HKEY_LOCAL_MACHINE\SOFTWARE\Antivirus System PRO
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Antivirus System PRO
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "Antivirus System PRO"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad "ieModule"
HKEY_CURRENT_USER\Software\AvScan
HKEY_CLASSES_ROOT\CLSID\{BAD4551D-9B24-42cb-9BCD-818CA2DA7B63}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BAD4551D-9B24-42cb-9BCD-818CA2DA7B63}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "system tool" Read more how to delete Antivirus System PRO registry entries
Download RegistryBooster 2010 to scan errors caused by Antivirus System PRO

Search and unregister Antivirus System PRO DLL libraries:
iehelper.dll Read more how to unregister Antivirus System PRO DLL files

Detect and delete other Antivirus System PRO files:
%ProgramFiles%\Antivirus System PRO\conf.cfg
%ProgramFiles%\Antivirus System PRO\mbase.vdb
%ProgramFiles%\Antivirus System PRO\quarantine.vdb
%ProgramFiles%\Antivirus System PRO\queue.vdb
c:\WINDOWS\sysguard.exe
c:\WINDOWS\system32\iehelper.dll

We strongly recommend you to use spyware remover to track Antivirus System PRO and automaticaly remove Antivirus System PRO processes, registries and files as well as other spyware threats.

Download does not start? Try a mirror download here

Tags: , , , ,

84 Responses to

Antivirus System PRO

  1. Rick
    June 16th, 2009 at 12:48 pm

    Used the instructions found here to clean the infection manually. Not every line in the registry was found, but some were and they were deleted. Also restricted the http sites, deleted files, and End’ed processes. So far this appears to have done the trick.

    Cumbersome to work around the virus “alert” in the center of the screen, but do-able. Downloaded, but did not try the auto-clean program.

    I know the Verizon network I’m on is not blocking ports, as opposed to the Time Warner network at another location which blocks most unregistered ports.

    Brian Reply:
    November 23rd, 2009 at 9:38 am

    ATTENTION!!!!
    Once you start your computer and your screne pops up press ctrl alt dltright away, then follow the instructions on this site. Might take a while but you cann get it done.

    What I did after the ctl alt dlt, was follow these instructions but it kept poping up. I sat there and watched the “processess” to see which ones were going off when the pop ups would come and then I just ended those processess. Do that and then follow the instructions here.

    Also look through ALL these comments as there seems to be alot more things that need to be done by following along woth others.

    YOU CAN DO IT!!!

    God Bless

    Brian Reply:
    November 23rd, 2009 at 10:10 am

    One more thing… This site is ROCKS. I have used it three times for viruses and each time removing manually, I got it done…

    Have a little patience and you WILL fix your computer.

    DO NOT let the hackers win by making you buy a new computer or having to take it to a professional for fixing. You can do it yourself.

    God Bless

    Brian Reply:
    November 23rd, 2009 at 11:25 am

    If you go down to

    Barry’s sugestion located towards the bottom

    date of Nov. 15th 2009.

    That is the quick and easy, down and dirty fix…

    Thank you Barry

  2. Yakov
    June 17th, 2009 at 9:24 pm

    The same as Rick. In addition did not find anything in Program Files.
    Still, seems to work. Probably, these are all various places, where it CAN be. Great thanks to the author.

    Godfreys Reply:
    July 7th, 2009 at 10:37 pm

    Thanks for this information, I have been able to clean my PC

    Zara Reply:
    July 8th, 2009 at 10:46 am

    plz help me!!!!

  3. Caroline
    June 19th, 2009 at 12:27 pm

    To get the giant pop up to go away while you are going through the manual removal instructions, go to task manager and kill the sysguard.exe process. You have to kill it before you can delete it anyway.

    Morgan Reply:
    November 8th, 2009 at 7:20 am

    Well, I wasn’t able to find either of the processes given above in the process list. Also all but one of the “other files” to be deleted weren’t there. In addition, it will not allow me to unregister iehelper.dll, but I was able to delete it.

  4. alfredo
    June 23rd, 2009 at 9:08 am

    This shit is fake .

  5. mad man
    June 26th, 2009 at 8:15 pm

    yea the is fake it uses the same reson for the alert every TIME!!! and all my mmos will now crash because of the pop ups if u get this DELETE IT WITH THIS GUIDE

  6. Alan
    July 1st, 2009 at 8:20 pm

    It really helps to do the removal in safe mode. I couldn’t use the auto tools unless I was in safe mode. push f8 while booting up your computer and then select safe mode with networking. You won’t have to worry about all the pop ups and shit while you are trying to get rid of it!

  7. diana
    July 2nd, 2009 at 8:34 am

    how am i supposed to remove this antivirus system if i am not even able to get on the the internet to download your removal tool?? im so computer illiterate i obviously cant remove it manually. please help!!!

    Luciana Reply:
    July 2nd, 2009 at 10:32 pm

    You can download the removal tool on another computer and then put the file on a thumb drive and then copy it to the infected computer.

    Saty13 Reply:
    July 4th, 2009 at 6:41 pm

    diana:
    How are you reading and posting on this site if you are unable to get on the internet? Anyway….first, you need to stop the program from running, then you should be able to access the internet. To stop the program from running…

    1. Press these three keys simultaneously: Ctrl and Alt and Delete.

    2. Then click on “Task Manager” and then click on the “Processes” tab

    3. Then find sysguard.exe in the list of processes that are running. Click on sysguard.exe once and then click the “End Process” button, which will shut down sysguard.exe.

    4. Now do the same thing to end these 2 other processes if they are in the list:

    Antivirussystempro.exe
    uninstall.exe

    diana Reply:
    July 9th, 2009 at 11:35 am

    im on another computer next to the one that is infected. well i’m able to get on the internet now, but when i click on a link, it sends me to some other link. i’ve tried finding all the processes and files and all else that have been listed. and nothing. now what??

    Luciana Reply:
    July 9th, 2009 at 10:01 pm

    It seems like the manual removal won’t work on your computer. Copy some antispyware install from another computer and run a scan. Let the security tools do the job for you.

    Terrance Reply:
    October 24th, 2009 at 7:08 pm

    Wow. I am in the exact same situation. I go to the task manager and I don’t see it. I access temporary files and delete those, but one refuses to go. I found the iehelper.dll and tried to delete it but it says it’s in use! I have tried other antispy ware but my computer resists it. I almost wish I could make a virus eating virus that I can infect my own computer with. ER! Make it stop!!!

    Walker Reply:
    November 3rd, 2009 at 8:53 pm

    to delete ‘iehelper.dll’ rename to something like ‘iehelperFAKE.dll’ then restart your computer and you can now delete

    kris Reply:
    November 17th, 2009 at 12:06 pm

    Hi Walker,

    Follow your way to rename iehelper.dll to iehelperFAKE.dll. Restart my computer, and it create another iehelper.dll. iehelperFake.dll can be deleted, but the new iehelper.dll still there and cannot be deleted. My computer detect
    to find

    Treat: SpywareProtect2009
    File: C:\windows\system32\iehelper.dll
    Location: unknown Storage

    Since antivirus system pro has blocked Symantec software which is installed in my NB. So I doubt the message is fake.

    So still cannot delete iehelper. Drive my crazy. HELP!!

  8. John
    July 3rd, 2009 at 9:22 am

    It seems you can confuse the program by rapidly clicking programs until they open. All the anti spywear software ive tryed wont update however im about to try this remoover and see if it works.

  9. Jack
    July 8th, 2009 at 4:11 pm

    I can’t find the Antivirus System PRO processes to stop so I’m stuck on the second step of the manual removal.

    Jack Reply:
    July 8th, 2009 at 4:33 pm

    Oh, I found sysguard.exe but I still can’t find the others!

    Luciana Reply:
    July 8th, 2009 at 10:12 pm

    The files might be different on different computers. Delete the ones you can find and don’t mind the others. You can also use some antispyware program to find and delete the files automatically.

  10. Paul
    July 23rd, 2009 at 7:10 am

    Hey, I can’t seem to get this to work at all.
    1. Can’t use ‘Run’ to get to registry (or anywhere else)
    2. Using Webroot Antivirus, but webroot wasn’t able to delete it at first and now doesn’t even see that the virus is there
    3. When I try to run a program I have to run it as an administrator or it won’t work
    4. I can’t run the software on this page because a black box will pop up and disapear when I click to have it finish the download
    5. Nothing in task manager besides regular programs (etc.)
    6. Arggh help me!!

    Luciana Reply:
    July 23rd, 2009 at 10:18 pm

    Download security tool on another computer and then copy the install file to the infected pc using a thumb drive. Run antispyware to deal with Antivirus System Pro; antivirus tools are meant to delete different kind of computer infections.

  11. David Walton
    July 27th, 2009 at 5:08 pm

    They seem to have changed the names to protect themselves. For example, looking at my McAfee (and why didn’t IT catch this mess??) I see that the file spawning this whole mess is now called C:\ProgramFiles\fgilgi\ihfrsysguard.exe I deleted that and it has stopped popping up. But I can find none of the Registry entries cited in the article.

  12. Partik
    July 27th, 2009 at 7:28 pm

    I tried the manual cleanup steps and they worked beautifully, except that the Antivirus System Pro people have added a twist.

    qxdbsysguard.exe is another file you need to “stop process” in the task manager. It is also needs to be erased in two places on the hard drive: C:\program files\gtttmv and C:\windows\Prefetch. Otherwise things seem to be going well.

    Thanks for your help!

  13. kenda
    August 11th, 2009 at 1:53 pm

    i got rid of it for a while but it came back after an hour?
    i also can’t delete the iehelper.dll it just comes back. help please?

    Luciana Reply:
    August 11th, 2009 at 10:46 pm

    It seems that you got some kind of trojan that re-installs the infection or some files of Antivirus System PRO are left after the removal. Have you tried running anti-spyware?

    kenda Reply:
    August 12th, 2009 at 10:22 am

    i tried the spy doctor thing but it doesn’t really work. it says access is denied when i try to delete iehelper

    Luciana Reply:
    August 12th, 2009 at 10:17 pm

    Run the anti-spyware in a safe mode. Antivirus System Pro is able to block security tools in a normal mode in some cases.

  14. Vlad
    August 28th, 2009 at 5:04 am

    the windows antivirus pro is not letting me go on any program even the remover tool, please help

  15. milad
    September 7th, 2009 at 9:03 am

    Can any one recommend me a trustworthy site that he or she had success of removing this nasty “Anitvirus system pro”? I really appreciate that

  16. debussy
    September 20th, 2009 at 9:23 pm

    look for *sysguard.exe to stop the process.
    then search for the folder and delete the folder
    delete anything else like the windows/prefetch content with similar prefix/suffix

  17. ross
    September 24th, 2009 at 8:17 am

    i found a process called aixqsysguard.exe

    should i end it or is it needed?

  18. chad
    September 25th, 2009 at 6:55 pm

    similar to ross (reply 17), i found a process called irafsysguard.exe instead, it showed up in the prefetch and most of the registry keys. i’m sure it was related to the problem because killing the process stopped the popups. in program files it was also inside a folder with a string of random letters starting with the letter y. now i’m wondering if the automatic removal tool would’ve even worked with these other filenames?? i’m going to use linux from now on ;)

    tj Reply:
    November 23rd, 2009 at 11:24 pm

    i found voygsysguard.exe and deleted it from the processes and the pop-ups stopped immediately. did a search under sysguard and it came up again with a windows prefetch which i also deleted. seems all good.

  19. Jun
    October 2nd, 2009 at 12:53 pm

    Control Panel, Add-Remove Program, look for Antivirus Pro and installed date on right.
    Go to Accesories, system tool, system restore, restore my pc to earlier time, click date back when your pc still working good.

  20. Raymond
    October 9th, 2009 at 7:41 am

    I had the same problem this morning and it kept popping on me, I went to All Programs–> Control Panel–> Add Remove programs and clicked on the first program that popped up , dont remember the name but some thing that came at the top and off it went..

    I also had a Norton 360 installed on my computer and it gave me a msg that it blocked it but never removed it.

    Thanks

    Ray

  21. Don Rulf
    October 13th, 2009 at 1:10 pm

    I found the offending process to be “trtvsysguard.exe”, in my case. I tripped it by looking at the applications window in task manager for the bogus “virus removal” application, then redirecting to the process window where the above process was highlighted. Renaming the offending process to “trtvsysguard.dud” halted the madness upon reboot and allowed me to search the internet for help, eventually ending up here.

    Thanks!

  22. AMAR
    October 20th, 2009 at 5:39 am

    i have tried everything but nothing worked…
    please help how to remove these disgusting pop ups manually

    Luciana Reply:
    October 20th, 2009 at 5:54 am

    Delete files and registry entries like it’s described on the tutorial above the comments section.

  23. barb
    October 22nd, 2009 at 3:56 pm

    How do you get rid of this in the registry when the virus won’t let you get to the registry. It says the administator does not allow use of the registry and I am the administrator. It also won’t let me into safe mode. And they must have changed the name again, because none of the names to find are found on my computer. I went in and compared one computer to another and stopped all services that were not listed on the machine without the virus. This is a nasty bug, worse than the swine flu!

    Walt Reply:
    October 25th, 2009 at 9:39 pm

    As someone stated above, go into safe mode with networking:

    Spam F8 as the system boots to the hard drive but BEFORE windows begins to load, if you miss it, start over.

    Select safemode with networking (this will allow you to access the internet and reference pages such as this one)

    Enter your admin password and voila.

    Now you wont have to kill any of the services, they wont be running, and I didnt find 2/3rds of the registry entries this suggests. Also, mine was installed in a BS directory, something like “C:\program files\ukakgkashgfkaskfa”

    What I recommend doing is opening the registry with regedit and search for specific phrases, “BAD4551D” for example. Be sure you are deleting the right entry, deleting the wrong one can have catastrophic results.

    Anyway, I’m actually writing this as I’m finishing up the walk through.

    Best of luck and thanks for posting the resolution.

    Walt R.
    I run The Planet, You’re welcome.

    Barb Reply:
    October 26th, 2009 at 7:01 am

    This might work, but as I said above it won’t let me into safe mode, not even with networking. I tried that first of all.

  24. Ashley
    October 23rd, 2009 at 9:38 am

    HELP! I can’t download the antivirus system pro removal tool, and am not savvy enough to know which malware processes to delete.

  25. Luciana
    October 25th, 2009 at 11:53 pm

    Take a look above the comments section to the “Antivirus System PRO manual removal instructions”. There are the names of files and processes listed along with explanation how to delete them.

  26. Hai
    October 27th, 2009 at 4:25 pm

    I have manually searched unsuccessfully for all the registries, DLL’s and EXE. files. However, Window Defender reportec that it has quarantined Antivirus System Pro. I am now plan to perform “system restore” to see if that AVSP is gone. Am I on the right track?

    Luciana Reply:
    October 27th, 2009 at 11:47 pm

    Since Windows Defender detects Antivirus System Pro malware, it should be able to delete it.

    Struggling with removal Reply:
    November 7th, 2009 at 10:47 pm

    Are you sure of this? Have you had direct experience with Windows Defender working successfully in removing Antivirus System Pro malware?? I’m running a Windows Defender full system scan right now and it’s been going for 2 hours…I’m hoping it will remove this malware from my computer! :(

  27. Silver
    October 27th, 2009 at 5:02 pm

    I’m very frustrated because I have payed for Spyware Doctor to remove “Antivirus System Pro” from my computer. The first time, it was very easy and I was astonished by it’s capacities.

    However, not even a week later the very same virus came back! This time, it kept on uninstalling my Spyware Doctor and when I re-installed it, it wasn’t able to start scanning because it was stuck on the “Checking” Mode. After much struggle, I was finally able to remove it and I believed the worst was over, but I was so very wrong.

    Today again, while doing my usual routine intelli-scan with Spyware Doctor, it suddenly closed on me. Shocked, I tried to re-open it, but it was in vain. My computer could not find the program anymore. Then, for the third time now, Antivirus System Pro is creating havoc in my computer and for me. Again, my Spyware Doctor is unable to scan because it is constantly stuck on the “Checking Mode”. I’m not sure what do do anymore…

    Also, I cannot run Spyware Doctor on Safe Mode because last time I tried, it gave me a blue screen saying that the virus was interrupting it from continuing on safe mode.

    Thank you for your time and patience.

  28. Hai
    October 28th, 2009 at 9:09 pm

    I find AVScan in different registry than the one listed in the instructions above (HKEY_CURRENT_USER\Software\AvScan). Should I delete aVScan on any different registry? I appreciate any help I can get.

    Thanks

  29. adnan
    October 29th, 2009 at 7:15 pm

    Hi, I can’t follow any of the recommendations listed, because this evil software is prohibiting safe mode, blocking the viewing of hidden files, blocking add/remove programs, blocking regedit. I literrally cannot do anything.

    Please help!

  30. scott
    October 30th, 2009 at 8:14 pm

    I am a newbie to all this as well. Just got hit with this one. I am able to get into safe mode on the affected computer and I am running a resotre to a date a couple of weeks ago. Do I have anything else I have to do after the restore is done? I did download the spy doctor file but when I when out for updates everything crashed…thus the restore I am doing now.

  31. Re’vyn
    November 1st, 2009 at 3:28 pm

    I went to task manager-processes and mine weren’t listed as sysguard or antivirsus system pro mine were listed as xrxftplt.exe and jxkksysguard.exe and i couldn’t find any of the files listed anywhere. Is it because of the name of the file is different do i need to search areas under a different name than antivirus system pro?

  32. Toku
    November 6th, 2009 at 9:39 am

    Thanks, this site worked great. I used the manual instructions. Also don’t forget to disable the system restore when deleting these files, just don’t make a mistake either.

  33. Jamie w
    November 9th, 2009 at 6:30 pm

    I noticed that they had changed the begining of the process names found 3 that where runnning. ended them and stoppes in its tracks but when reboot its back think I founf the auto install file for it hidden in a windows file. there where 4.

    adrian Reply:
    November 10th, 2009 at 11:20 am

    what were the process names & where was the auto install file???

  34. Dave from Idaho
    November 10th, 2009 at 1:43 am

    I found the processes by watching the CPU performance as the pop-up did its thing. I deleted it, followed the above directions, found some of the files listed and it seems to have solved it HOPEFULLY I will restore before I re-boot.

  35. Kelly
    November 10th, 2009 at 4:22 pm

    THANK YOU!!!

    Just got hit tonight with the AntiVirus System Pro. Contacted McAfee, who we have Total Protection Software from. Apparently NOT. The tech lady gave me some worthless info about how viruses are popping up every hour, every minute. Yes, I got a wee bit testy and asked how they managed to fix this when it just popped up in the last hour since it wasn’t sent to my computer to block it out. (I know, I hang my head). Got on my email, lo and behold, she sent me a link to fix it created back in March 2009. So they’ve known about it that long..grr.

    It didn’t work. Contacted chat support… they told me I was stuck unless I wanted to spend an unimagineable amount of money to have them remove it for me. Or contact Dell and have them do it.

    I turned to you….. You saved my computer from a certain death by sledgehammer!

    We downloaded the link for the fix to a jump drive and transferred it to the infected computer. Naturally I encountered a million errors, it certainly did NOT want me to install the fix. It went wonderfully, until the blue screen of death at the end. I admit I was scared. Then restarted, got some BIOS information, and sent it on to Microsoft. Who knows what they’ll do with it. Regardless, got past that, and have not seen a red box since!!

    THANK YOU!!! THANK YOU!!! THANK YOU!!!

  36. Sal
    November 10th, 2009 at 7:11 pm

    Believe I found variant, under new file name and location, in vista config, in directory \User\ (your user name goes here) \ AppData \ local \ mjlyfv . File name looks like ktwasysguard.exe. IF you can get into the Task manager during boot up, then stop this process named something like ktwasysguard.exe.
    Also found in registry, delete both if found:
    1) under “HKEY_CURRENT_USER\Software\AvScan ” (entire section?)
    2) under “HKEY_CURRENT_USER\Software\Microsoft\WIndows\CurrentVersion\Run ” a key called something like jbuhrrdg containing the directory and file name of C:\user\…\AppData\local\mjlyfv\ktwasysguard.exe

    Matt Wilcox Reply:
    November 11th, 2009 at 6:33 am

    I’m on XP, and mine was in the folder – c:/documents and settings/USERNAME/Local Settings/Application data/cmcuxi/pxfssysguard.exe.

    Note the last folder and the four letters before the name appear to be randomly generated ones, so your’s might be different.

  37. Joel D
    November 15th, 2009 at 2:51 am

    thanks for the instructions, i am the pinicle of computer illiterate, and managed to catch this thing in half an hour and remove it really effectively with this info… THANKS A BUNCH!!!!

    and my condolences to all, those popups are hella annoying

  38. Barry
    November 15th, 2009 at 11:53 am

    Here’s a 5 minute fix. Click the ASP taskbar icon(the shield) to open the ASP main window. Right click “Properties”. You should be able to highlight the full location of the program ’s *sysguard.exe file. It’s the location listed under “Address (URL)”. You may only see 2 lines of the address, so you’ll need to left click-hold and highlight the address so you can drag down to see the final, randomly named folder and file name (ending in sysguard.exe). Write down the file path, restart in safe mode, then find the folder and file using “My Computer” or “Windows Explorer”. Delete the file, then the folder, then the “windows\system32\iehelper.dll” file. Restart in normal mode, run Malwarebytes and it should be over.

    Heather Reply:
    November 22nd, 2009 at 7:10 pm

    …I love you.

    I have been spending HOURS looking for a way to get rid of this program and NOTHING works… but with your solution, I fixed it in only a handful of minutes!

    You, kind sir, are my saviour.

    Armando Reply:
    November 23rd, 2009 at 4:34 pm

    This did it!

    Thanks so much, this thing was nasty.

    I would advice to every body to do this as well as follow the advice of # 36

    Good luck

  39. kris
    November 17th, 2009 at 6:38 am

    How to delete registry entries?
    http://www.spywarevoid.com/how-to-delete-registry-entries

    I followed all the instruction from the very fist part to all of them.
    It did work to remove antivirus system pro from my computer. You cannot imagine how excited I was. ( To a person with few computer tech knowledge like me, I’m freaking out and reformat and reinstall os etc… is a big thing. I was planning to get a computer shop to reformat my NB……)

    But when I reboot the computer, the antivirus system pro is back again. So sad…..

    I don’t know why…….

    So I’m wondering maybe some parts I did weren’t correct or …..

    I’m bit of confused with the part – How to delete registry entries?
    (http://www.spywarevoid.com/how-to-delete-registry-entries)

    Could you help to clarify below questions:

    step a : Open Registry Editor. (clear)

    step b: Navigate to find the needed registry key and value (clear)

    step c: Select the value to modify it. (not clear)
    Q: “Enter the new value”  is it to enter “1”? When you click modify, the original value is 1. So is it to enter “1” again??

    step d: Find the value using the steps above and delete it. (clear)

    step e: You may need to add a new value or a new key to the Windows registry. (not clear)

    Q1: From the screenshot, the file “Opened” is still there. Why? Isn’t it deleted as
    Step e?

    Q2: To create a new value, I choose option “New” and then choose “DWORD value” . Is this correct? The screenshot shows New – Key. Is it to choose “Key” instead of “DWORD value” ? But it seems to choose “DWORD value”?

    If choose “DWROD value”, it appear in right hand side. If choose “Key” it will show in the left hand side as a new folder. So which one to choose?

    Is it possible the person who writes this article can make it clearer? It’s a great help to the person like me (with poor computer knowledge)

    Step f: You may need to export certain key or value from the registry. (not clear)

    Q1: As Step e creating a new value, but here the screenshot doesn’t show any new value or a new key. Just wondering the Step e and Step f are the other way round???

    Step g: You can import missing or new values and keys. (clear)

    PLEASE HEP !!!!!

    Luciana Reply:
    November 18th, 2009 at 1:45 am

    Thank you for pointing out unclear sections of the tutorial. The article explains all the aspects you need to know while dealing with registry entries. You may need to know how to add new values and how to export a key/value. While removing Antivirus System PRO and most of other malware you only need to know how to delete registry entries.

  40. allie
    November 19th, 2009 at 11:37 pm

    I can’t even go to boot menu, and my laptop won’t let me delete the system32. every time it says it’s going to it never does I’ve tried deleting it over 123454 times already, and I have no computer/laptop to download the anti virus on, Im only on my cellphone internet right now and I need this fixed soon, because I do my school work on my laptop. please help, thanks.

    Luciana Reply:
    November 20th, 2009 at 12:00 am

    You can download security tools on another computer and then copy the install files to the infected computer using usb drive.

  41. DD
    November 20th, 2009 at 9:15 pm

    Well I followed all the steps that you suggested in your tutorial but I can’t seem to find any of the files that are supposed to be deleted. Even the sites that were supposed to be blocked that I entered in the “host” thing weren’t blocked but I think that this virus site actually found a way to adapt agaisnt deleting now. So is there anything I can do other than installing/buying a program that will help me delete it?

    Luciana Reply:
    November 22nd, 2009 at 11:28 pm

    Thank you for this comment. We will update the manual removal guide as soon as possible.

  42. Stephan
    November 21st, 2009 at 8:50 pm

    I think I got rid of this thing, but now I cannot access the internet at all – looks like the wireless connection is made but I get the ‘Internet Explorer cannot display the webpage” fault.

    To get rid of this virus, I had to start up in Safe mode – I couldn’t open Task Manager, access any websites, etc. Did not find any of the processes or registries listed above (even with all hidden files showing), but found MXCJSYSGUARD.EXE and several websites and files called OSADWAREKILL2009. All were installed yesterday when the infection started. I deleted all those. I did not make any changes to the DLLs since I cou;dn’t find that specific one, but I blocked all the Antivirus System Pro websites in my HOST file. Now I don’t get the faults and windows popping up, but I cannot access the internet. Looks like Spyware Doctor still finds a significant Trojan, but I can’t remove it as I can’t register the Spyware Doctor as I can’t access the internet.

    Any ideas?

    Luciana Reply:
    November 23rd, 2009 at 12:04 am

    Blocking malicious websites is not enough, you also need to delete files and registry entries installed by Antivirus System Pro. You should be able to access Task Manager and other system tools on a safe mode.

  43. DRM
    November 22nd, 2009 at 3:26 pm

    I was able to do a system restore, virus is not coming up now. Do I still need to follow try and remove virus? Will it return?

    Luciana Reply:
    November 23rd, 2009 at 12:06 am

    You may go through the manual removal guidelines just to check if some of the malicious files are still onboard.

  44. bob
    November 24th, 2009 at 12:22 pm

    it wont let me do manual uninstall saying that the hosts file is infected, which it isnt. wont open task manager, AVG, or my d drive. and my computer nerd friend is being an ass and not answering the phone. wat do i do?

    Luciana Reply:
    November 24th, 2009 at 9:22 pm

    Follow the manual removal guide in a safe mode.

Trackbacks

Comments are closed.

Download does not start? Try a mirror download here
«
»