Disable LAN
- If possible, kill the following processes in Task Manager:
a. [RANDOM CHARACTERS]sysguard.exe, for example ghrtsysguard.exe
b. [RANDOM CHARACTERS]sftav.exe
- Remove These Registry entries:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "[random characters]"
HKCU\Software\Microsoft\Windows\CurrentVersion\Run "[random charaters]"
HKCU \Software\Microsoft\Windows\CurrentVersion\Policies\Attachments "SaveZoneInformation" = "1"
HKCU \Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyServer" = "http=127.0.0.1:5555"
HKCU \Software\Microsoft\Windows\CurrentVersion\Policies\Associations "LowRiskFileTypes" = ".exe"
HKCU\Software\Microsoft\Internet Explorer\Download "RunInvalidSignatures" = "1"
HKCU \Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyOverride" = ""
HKCU \Software\AvScan
- Search and Remove These Files
%UserProfile%\Local Settings\Application Data\[random characters]\
%UserProfile%\Local Settings\Application Data\[random characters]\[random characters]sysguard.exe
%UserProfile%\Local Settings\Application Data\[random characters]\[random characters]sftav.exe
- Search registry for the following keywords (Note: You must use wildcards)
- *sftav*
- *sysguard*
- *aabxam*
- *avscan*
- Search computer for the following keywords
- *sftav*
- *sysguard*
- *aabxam*
- *avscan*
- Go to Internet Options à Connections tab à LAN Settings à Uncheck “Use proxy settings for your LAN…”
Thanks for the info RP!
