Posted on 12/23/2008 3:44:00 AM PST by PJ-Comix
My computer has been infected with the Spyware Guard 2008 virus and now I can't get rid of it. Does anybody out there know of some way that I can get rid of this virus? Apparently a lot of people seem to be having problems with the same virus. I let someone else use my computer yesterday so perhaps that is when it got infected.
Stopzilla worked for me.
Dealing with "The Leader" is not easy and maybe one of the hooks I put out will get me somewhere else and try again. At least this is the last day for the year for me. I will be applying a lot over the next couple of weeks.
I’m using Firefox.
You *must* have access to an uninfected computer and either a flash drive or a CD (you can try using LAN, but I prefer to keep the infected computer quarantined).
Important things to note:
- Quarantine your computer from the Internet. Physically unplug your network cables. Do this immediately as soon as you're aware that you're infected.
- Don't bother deleting the Spyware Guard 2008 folder or the winscenter file. They will just come back.
- Do kill the processes immediately whenever they come up.
- The malware may have all kinds of nasty effects, including but not limited to:
  - Blocking Internet access to sites where you can download things that will remove it
  - Blocking access to the IP addresses used by MalwareBytes and other anti-spyware programs, preventing them from updating
  - Preventing Safe Mode from booting up
  - Interfering with System Restore
  - Installing viruses continuously in various files all over your computer, even when you are not connected to the Internet
  - Hijacking your search engine so that clicking on links sends you to malicious sites
  - And many other worse effects as described above.
Procedure for removal:
1. Download malwarebytes AND the latest update onto your flash drive on an uninfected computer. The malware may prevent malwarebytes from updating itself (did for me).
2. Download SuperAntiSpyware.
3. Change the names of all 3 files. The malware may prevent execution of the files with their original names.
4. Install malwarebytes onto the infected computer. Install the update file. Change the name of the executable file for the installed program.
5. Run malwarebytes (Complete Scan). Stay with your computer, allow the scan to run all the way through, and kill spywareguard.exe and winscenter.exe every time they start up. spywareguard.exe will start randomly every 2-6 minutes and winscenter.exe will start once every 8-15 minutes. If you leave your computer unattended during this scan, it may install more stuff in places that were already scanned.
6. Delete everything it finds and let it restart your computer. Visible signs of infection should be gone, but your computer may still be sluggish. You're not done.
7. Install SuperAntiSpyware and update it. The update should run properly. You can leave your computer unattended for this one.
8. Delete everything it finds. It is likely to find several instances of TDSSserv, among others.
9. Reboot. Run your preferred antivirus (Avast, AVG, TrendMicro) to reassure yourself that everything's gone.
10. Your computer should be back to normal. If you like, you can run malwarebytes one more time to make sure no traces are left.
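The manual process-killing in step 5 can be handed to a small watcher, shown here as an added PowerShell example that is not part of the original post. The two process names come from the post; the scanner process name is a placeholder (step 4 has you rename the executable), and the polling interval and log path are assumptions.

```powershell
# Added example, not from the original post. Run from an elevated prompt on
# the quarantined machine while the full scan of step 5 is in progress.
param(
    [string]$ScannerName = 'renamed-scanner',               # placeholder: renamed scanner, without .exe
    [string[]]$Targets   = @('spywareguard', 'winscenter'), # process names given in the post
    [int]$PollSeconds    = 2,                               # assumed; far below the 2-6 minute respawn interval
    [string]$LogPath     = "$env:TEMP\respawn-kills.csv"    # assumed log location
)

function Stop-Respawned {
    param([string[]]$Names)
    # Get-Process -Name expects names without the .exe extension.
    foreach ($p in @(Get-Process -Name $Names -ErrorAction SilentlyContinue)) {
        $path   = $p.Path          # read the image path before the process is gone
        $result = 'killed'
        try   { Stop-Process -Id $p.Id -Force -ErrorAction Stop }
        catch { $result = "failed: $($_.Exception.Message)" }
        [pscustomobject]@{
            Time   = (Get-Date).ToString('s')
            Name   = $p.ProcessName
            Pid    = $p.Id
            Path   = $path
            Result = $result
        }
    }
}

if (-not (Get-Process -Name $ScannerName -ErrorAction SilentlyContinue)) {
    Write-Warning "Scanner process '$ScannerName' not found; start the scan first."
    return
}

# Keep killing the respawning processes for as long as the scanner is running.
while (Get-Process -Name $ScannerName -ErrorAction SilentlyContinue) {
    $hits = @(Stop-Respawned -Names $Targets)
    if ($hits.Count -gt 0) {
        $hits | Export-Csv -Path $LogPath -Append -NoTypeInformation
        $hits | ForEach-Object { Write-Host "$($_.Time) $($_.Name) pid $($_.Pid): $($_.Result)" }
    }
    Start-Sleep -Seconds $PollSeconds
}
Write-Host "Scanner exited; kill log written to $LogPath"
```

The Path column in the log records where each respawned executable was launched from, and the timestamps show how often each one came back during the scan.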
What OS are you using? I have changed to Vista, which seems more secure than XP. Oh, and STOP using I.E. I have started using Google Chrome, which is a good variant and is NOT a target of hackers like the way I.E. is.
I hope that helps.
Got Linux?
http://distrowatch.com/
Wiping? You shouldn’t tell people to wipe for something so minor.
Dumb question perhaps, but how do you know you are injected with this virus? (for those of us perhaps unknowingly infected).
On systems they pronounced clean and good, a day or two later, the pests would emerge again. Hence, wipe it.
We dare not spend a penny on any good tools. It is so frustrating.
placemarker
Does anyone get these viruses on their MAC?
Thoughts appreciated.
You're kidding, right?
There's also no uninstall program for any flavor of Windows out. Linux is an operating system. The disk you were sent likely (it's been awhile since I've tried it) has an option to either run from the CD, or to install it on your machine.
When you install it, you are reformatting your drive and replacing Windows. There is no backing out of that. Likewise, if you had Linux installed, and you ran a Win32/Win95/Win98/WinNT/WinMe/WinXP/WinVista installer, it would reformat the drive and install itself over whatever OS was previously on there.
I use Win2K3, WinXP, Mac, and several instances of Linux at my home office and at all my client sites. I'm a "fanboy" of all of them. I try to avoid disparaging any of them, especially when it's due to "cockpit trouble".
Riiiight. Clicked on the wrong pic at Juggs.com, didn't ya?
You’ve been spending too much time at the DUmp. <-:)