Friday, January 29, 2010
Spyware or Antivirus Protect 2009 / sysguard.exe Infection
1/29/2010 04:29:00 PM |
Posted by
VijayKumar Yadavalli
Most people browse the Internet every day; some sites are reliable and some are not. Even when we browse good sites, some of them carry third-party ads that install crap/malware on our computer, which then says that some infection or virus was found on it. It asks you to purchase the software to clean up the crap/malware. This has happened many times on my wife's computer, and the good thing is that I always take an image of her PC, so whenever it gets infected with a virus, I reimage it.
But recently it happened to one of my friends' PCs. I searched the Internet and found the following steps.
- Whenever the virus infects the machine, restart it immediately, since it won't allow you to open any applications.
- As soon as the system restarts, press Ctrl + Alt + Del to open Task Manager.
- In the Processes tab, look for a file name that contains "sysguard.exe". On my friend's PC it showed "gcwpsysguard.exe". As I said previously, it may vary. Just look for sysguard. Note: Most of the time we cannot find the exact file name, since this software puts some junk characters before or after it.
- Kill the process by clicking the End Process button.
- I found the malware installed in the location C:\Documents and Settings\{USERNAME HERE}\Local Settings\Application Data\{ANY UNKNOWN FOLDER NAME}\gcwpsysguard.exe
- It also modifies the Internet settings, so change them back by going to IE Internet Options – Connections – LAN Settings – Use Automatic Configuration Script and uncheck the "Use a proxy server" checkbox.
- Remove the startup reference. To do that, go to Start - Run and type msconfig.
- In the Startup tab, uncheck the file name which you just deleted, so that it is cleared from startup and won't load automatically when the system restarts.
- Search the computer for any file whose name contains "sysguard" and delete it. Note: Please check twice before deleting any files; make sure that the file is in some unknown location and that you are sure it is a virus/malware file.
- Also check the registry and delete any such entries. Take a backup before deleting anything.
- Once the above steps are finished, restart the computer.
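The checks in the steps above can be collected into one read-only PowerShell report before anything is deleted. This is an added example, not part of the original post; the `Run` registry keys and the `Internet Settings` value names are assumptions about where the startup reference and the proxy change are stored, and `$env:LOCALAPPDATA` is an assumed equivalent of the folder on later Windows versions.

```powershell
# Read-only triage for the manual steps above: it reports, it never kills or deletes.
$pattern = '*sysguard*'   # the name carries junk characters before or after "sysguard"

# Task Manager step: running processes whose name contains "sysguard"
$procs = Get-Process | Where-Object { $_.ProcessName -like $pattern } |
    Select-Object Id, ProcessName, Path

# File search step: matching executables under the per-user application data folder
$roots = @(
    (Join-Path $env:USERPROFILE 'Local Settings\Application Data'),  # path from the post
    $env:LOCALAPPDATA                                                 # assumption: later Windows
) | Where-Object { $_ -and (Test-Path $_) } | Select-Object -Unique
$files = foreach ($root in $roots) {
    Get-ChildItem -Path $root -Recurse -Filter '*sysguard*.exe' -Force `
        -ErrorAction SilentlyContinue | Select-Object FullName, Length, CreationTime
}

# msconfig / registry step: startup entries that reference "sysguard"
# (assumption: the startup reference lives in one of the Run keys)
$runKeys = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
           'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run'
$startup = foreach ($key in $runKeys) {
    $item = Get-Item -Path $key -ErrorAction SilentlyContinue
    if ($item) {
        foreach ($name in $item.GetValueNames()) {
            $value = [string]$item.GetValue($name)
            if ($name -like $pattern -or $value -like $pattern) {
                New-Object PSObject -Property @{ Key = $key; Name = $name; Command = $value }
            }
        }
    }
}

# LAN Settings step: current proxy and automatic configuration script values
$inetKey = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings'
$proxy = Get-ItemProperty -Path $inetKey |
    Select-Object ProxyEnable, ProxyServer, AutoConfigURL

'--- Processes matching sysguard ---';       $procs   | Format-Table -AutoSize
'--- Files matching sysguard ---';           $files   | Format-List
'--- Startup entries matching sysguard ---'; $startup | Format-List
'--- Proxy settings (current user) ---';     $proxy   | Format-List
```

Compare each reported path with the location named in the steps before removing anything, and export the affected registry keys first so the change can be undone.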