avguard.exe - Dangerous

%windir%\avguard.exe

Manual removal instructions:

Antivirus Report of %windir%\avguard.exe:
%windir%\avguard.exe Malware
%windir%\avguard.exeDangerous
%windir%\avguard.exeHigh Risk
%windir%\avguard.exe
W32.Netsky.G@mm
It copies itself to %Windir%\Avguard.exe.

Deletes the values: Taskmon, Explorer, Windows Services Host, KasperskyAV, from the registry keys:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Some of these registry key values are typically associated with the worms W32.Mydoom.A@mm and W32.Mydoom.B@mm.
The W32.Mimail.T@mm worm may add the registry key value "KasperskyAV."

Deletes some values from the registry key
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices
Such as: System, msgsvr32, DELETE ME, service, Sentry, d3dupdate.exe, au.exe, OLE, gouday.exe etc.

Deletes the registry keys:
HKEY_CLASSES_ROOT\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\InProcServer32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\PINF
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\WksPatch

Scans the predefined file types on drives C through Z for email addresses:
Uses its own SMTP engine to send itself to the email addresses it found above, sending to each address once.
The email has the following characteristics:
Subject: One of the predefined list.
For ex: Re: Your website

Body: (One of the following)
Your file is attached.
Please read the attached file.
Please have a look at the attached file.
See the attached file for details.
Here is the file.
Your document is attached.

Attachment: One of the predefined list.
For ex: Re: mp3music.pif

Manual removal:
Navigate to the key:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
and delete the value: "Special Firewall Service" = %WinDir%\avguard.exe -av service

Remove avguard.exe now!

Dmitry Sokolov:

I created UnHackMe in 2006 to fix the problem that antivioruses did not fix: detecting rootkits.

Since that time I work every day to fix the issues that antiviruses cannot.

If your antivirus have not helped you solve the problem, you should try UnHackMe.

We are a small company and you can ask me directly, if you have any questions.

Testimonials

You can read UnHackMe testimonials here.