• Downloads
  • Threats
    • Adware
    • Browser Hijacking
    • Rogue Anti Spyware
    • Virus
  • Questions and Answers
  • Recover Encrypted Files
  • Free Malware Removal Tools

My AntiSpyware

Free antispyware software, Online Scanners, Instructions on how to remove spyware and malware.

Menu
  • Downloads
  • Threats
    • Adware
    • Browser Hijacking
    • Rogue Anti Spyware
    • Virus
  • Questions and Answers
  • Recover Encrypted Files
  • Free Malware Removal Tools
Home › Rogue Anti Spyware › Tutorials - HowTo › How to remove System Guard 2009 (Delete instructions)

How to remove System Guard 2009 (Delete instructions)

Myantispyware team January 26, 2009     No Comment    

System Guard 2009 is a rogue antispyware program. The fake antispyware is a new clone of Spyware Guard 2009. System Guard 2009 uses fake alerts and false positives to trick you into buying the fake software. The program is distributed through the use trojans and pop-ups found on fake anti-spyware online scanners. During installation, System Guard 2009 is set to start automatically when your computer starts. In addition the program creates a few files:

c:\WINDOWS\reged.exe
c:\WINDOWS\spoolsystem.exe
c:\WINDOWS\sys.com
c:\WINDOWS\syscert.exe
c:\WINDOWS\sysexplorer.exe
c:\WINDOWS\vmreg.dll
c:\WINDOWS\system32\winscenter.exe

These files during the scan will determine as trojans and spyware.

Immediately after launch, System Guard 2009 starts scanning the computer and found a lot of trojans and spyware that cannot be removed unless you first purchase the software. System Guard 2009 may drastically slow the performance of your computer. The program can be safely removed from your computer along with any other trojan infections if the proper steps are taken. If you are a non-techie computer user then this method of removing spyware is for you.

Symptoms in a HijackThis Log.

O4 – HKLM\..\Run: [systemguard] C:\Program Files\System Guard 2009\systemguard.exe
O21 – SSODL: ieModule – {77C96E10-FDA7-4AA7-B318-0631C0D27DBB} – C:\Documents and Settings\All Users\Application Data\Microsoft\Network\DLLs\ieModule.dll
O21 – SSODL: InternetConnection – {AB6DAA8C-F726-4FDD-8B06-9537C5878612} – C:\Documents and Settings\All Users\Application Data\Microsoft\Network\DLLs\eewhptdpyl.dll

Use the following instructions to remove System Guard 2009 (Uninstall instructions).

  • Download MalwareBytes Anti-malware (MBAM). Close all programs and Windows on your computer.
  • Double Click mbam-setup.exe to install the application. When the installation begins, keep following the prompts in order to continue with the installation process. Do not make any changes to default settings and when the program has finished installing, make sure a checkmark is placed next to Update Malwarebytes’ Anti-Malware and Launch Malwarebytes’ Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select “Perform Quick Scan”, then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.

Note: If cannot run or download Malwarebytes Anti-malware, then probably your computer infected with TDSSserv trojan. Read the article How to remove TDSSserv trojan.

If you need help with the instructions, then post your questions in our Spyware Removal forum.

System Guard 2009 creates the following files and folders.

%PROGRAMFILES%\System Guard 2009
%PROGRAMFILES%\System Guard 2009\conf.cfg
%PROGRAMFILES%\System Guard 2009\mbase.vdb
%PROGRAMFILES%\System Guard 2009\quarantine.vdb
%PROGRAMFILES%\System Guard 2009\queue.vdb
%PROGRAMFILES%\System Guard 2009\systemguard.exe
%PROGRAMFILES%\System Guard 2009\uninstall.exe
%PROGRAMFILES%\System Guard 2009\vbase.vdb
%PROGRAMFILES%\System Guard 2009\quarantine
%UserProfile%\Desktop\System Guard 2009.lnk
%UserProfile%\Start Menu\Programs\System Guard 2009
%UserProfile%\Start Menu\Programs\System Guard 2009\System Guard 2009.lnk
%UserProfile%\Start Menu\Programs\System Guard 2009\Uninstall.lnk
c:\WINDOWS\reged.exe
c:\WINDOWS\spoolsystem.exe
c:\WINDOWS\sys.com
c:\WINDOWS\syscert.exe
c:\WINDOWS\sysexplorer.exe
c:\WINDOWS\vmreg.dll
c:\WINDOWS\system32\winscenter.exe
c:\Documents and Settings\All Users\Application Data\winlogon.exe
c:\Documents and Settings\All Users\Application Data\Microsoft\Network\svchost.exe
c:\Documents and Settings\All Users\Application Data\Microsoft\Network\track.sys
c:\Documents and Settings\All Users\Application Data\Microsoft\Network\DLLs
c:\Documents and Settings\All Users\Application Data\Microsoft\Network\DLLs\c.cgm
c:\Documents and Settings\All Users\Application Data\Microsoft\Network\DLLs\eewhptdpyl.dll
c:\Documents and Settings\All Users\Application Data\Microsoft\Network\DLLs\ieModule.dll
c:\Documents and Settings\All Users\Application Data\Microsoft\Network\DLLs\moduleie.dll

Rogue Anti Spyware Tutorials - HowTo

Author: Myantispyware team

Myantispyware is an information security website created in 2004. Our content is written in collaboration with Cyber Security specialists, IT experts, under the direction of Patrik Holder and Valeri Tchmych, founders of Myantispyware.com.

Leave a Reply Cancel reply




New Guides

Univerexplo.info
How to remove Univerexplo.info pop-ups (Virus removal guide)
Mobilemediahits.com
How to remove Mobilemediahits.com pop-ups (Virus removal guide)
Wildbearads.bid
How to remove Wildbearads.bid pop-ups (Virus removal guide)
Xacersconceptin.info
How to remove Xacersconceptin.info pop-ups (Virus removal guide)
Finestream.site
How to remove Finestream.site pop-ups (Virus removal guide)

Follow US

Search

Useful Guides

DNSChanger
How to remove DNSChanger malware virus [Updated Apr. 2018]
How to reset Mozilla Firefox (Updated Apr. 2018)
How to remove pop-up ads [Chrome, Firefox, IE, Opera, Edge]
Files encrypted by ransomware become useless
How To Recover Encrypted Files (Ransomware file recovery)
browser redirect virus
How to remove Browser redirect virus [Chrome, Firefox, IE, Edge]

Recent Posts

How to remove windowsclick.com redirect [UACd.sys trojan]
How to remove Antivirus XP Pro (Delete instructions)
How to remove Spyware Protect 2009 (Delete instructions)
How to remove Spyware Guard 2009 (Delete instructions)
How to remove Flash Disinfector protection (autorun.inf folder)

MYANTISPYWARE.COM

  • About Us
  • Contact Us

NEED A HELP ?

If you're seeing unwanted pop-ups or ads in your web-browser, you might have an adware installed on your computer. Use the following guide to stop pop-up ads and remove malicious software. Or ask for help here.

Links

  • Downloads
  • Instructions
  • Questions and Answers
  • Free Malware Removal Tools
Copyright © 2004 - 2019 My AntiSpyware - Free antispyware programs and Spyware Removal Instructions.