Rogue:W32/SysGuard.D

20 Jan 2010 by BradB, No Comments »

SysGuard is the latest bug to plague many of our customers and people worldwide. This process starts with a small Trojan infection which opens the floodgates and constantly tries to get the unsuspecting user to both install and give money for a fake antivirus software. It may also try to install utilities that will supposedly ‘clean’ your system up or ‘speed it up’ by fixing errors. Once the situation escalates with the fraudulent software install, it is much more difficult to clean up. Finding and removing the initial Trojan infection is the best way to stay clear of this infection, and also to save a little money.

F-Secure describes the infection details:

Rogue:W32/Sysguard is distributed by Trojan-Downloader:W32/FraudLoad.HK. While active, the rogue also occasionally displays popup advertisements and attempts to connect to a few remote sites.

This “Fraudload” trojan will cause you to end up with:

Summary
Dishonest antivirus software which tricks users into buying or installing it, usually by infecting a user’s computer, or by pretending the computer is infected.

As always, you need to keep your Antivirus and Spyware removal programs up to date and use them to scan often if you suspect an infection. Currently some of our Techs have been using Malwarebytes Anti-malware in addition to antivirus programs. As always, we recommend AVG 9.0 and Avast Home edition as antivirus solutions. Both of these are free, but Avast requires a quick and easy registration on their site.

Here are some examples of the pop-ups and nag screens you may see with a sysguard infection:

EXE blocked from running

This message will pop up when you try to run any application. Also the fraud/fake antivirus software may look like this:

screenshot_scanning

This is only one variant that is going around. There are many others like it and some that are worse. If you suspect you have this infection or one like it, remember to run a scan with your antivirus and spyware removal tools as soon as possible. If you are unable to get rid of this nasty virus, give us a call as soon as possible! The sooner we can get there the better. If you have any other questions please don’t hesitate to call and ask. We will be happy to give the best advice we can on cleaning up your computer, or work to get a prompt service call to clean your system.

I hope this helps you identify problems early and deal with sysguard and other sister infections that are running rampant. Always remember the name of your antivirus and try to quickly block any impostors, no matter how legitimate they may look.

Good luck!

Brad Button

Tags: , , ,

Leave a Reply

*

Florida tax-free weekend

Just a note if you are in the market for a new computer, Florida’s tax-free weekend is happening today through Sunday, [&hellip

Summer is here!

It’s time to check your equipment to make sure your computer is protected from these summer storms and power outages. [&hellip

Follow Us!

Follow Us! Follow Us! Follow Us!

Pages

Helpful Links

Categories