Skip to comments.HELP! How do I get rid of Spyware Guard 2008 virus?
Posted on 12/23/2008 3:44:00 AM PST by PJ-Comix
My computer has been infected with the Spyware Guard 2008 virus and now I can't get rid of it. Does anybody out there know of some way that I can get rid of this virus? Apparently a lot of people seem to be having problems with the same virus. I let someone else use my computer yesterday so perhaps that is when it got infected.
Format and reload is the only thing that worked for me.
Spyware Guard 2008 is a particularly insidious little bug that most spyware and virus protection software won’t detect. The only thing I found that could remove it was SuperAntiSpyware, and it took three tries to root out everything. Thankfully, the program is free. You can download it at http://www.superantispyware.com/.
Here is something I found on the Net. Not sure if it will work, but you can give it a try.
Go to Start/Control Panel/Display/Appearance and look for the file bg. Go to Search and under All files anf folders type in bg and voila! you will find bg.jpg and bg.bmp. Delete both files and you will have removed the last remnant of this vicious and nasty rogue application
Dude! This is the second time in 24 hours you’ve beat me (within a couple minutes or less) of posting the same exact thing.
Are you my long lost twin brother or something? Jeesh!
Accdg to one website (http://www.malwarehelp.org/spyware-guard-2008-analysis-and-removal-2008.html),
Superantispyware will remove it (http://www.superantispyware.com/superantispyware.html?rid=3596)
You can try Malwarebytes - it depends on which variant you have.
They keep moving the location of the files and renaming them. Ultimately you may end up reformatting and reloading the machine though.
I can't believe the efforts the computer virus people use to mess with your computer. You would think they would put those skills to good use.
Trend-Micro is a worthless AV program. It is apparently good against some lightweights.
As was said, it’ll get rid of most of the variants...
Save all of your stuff on an outside hard drvie, then use the restore disks, That is the last option. but I must say that I had to do that, over 50% of the time.
If you can still boot up, spend 30 or 40 bucks to back up your personal stuff, on an a hand held drive. if you can’t boot up, well, I can only suspect that your computer crashed upon trying to establiblish Microsofts SP2. My computer crashed four times trying to do that. Absolute solution, purchase a cheap serial port thing to back up tour stuff, disconnect it, then follow the Mfr’s thing to place your computer to an out of the “out of the box state”, if you have patience, you can do this. I’m saying if your off of the internet, you cant access the internet, you can’t be infecetd. Good luck.
It sounds easier to download and run that superantisypware.
The glory days of virii (have I dated myself with that word?) have long past.
Nowadays, most of the malware is produced to generate revenue.
SuperAnti is a great program. I use it to weed out stuff every day, and it keeps the PC running smoothly.
Stopzilla worked for me.
Dealing with "The Leader" is not easy and maybe one of the hooks I put out will get me somewhere else and try again. At least this is the last day for the year for me. I will be applying a lot over the next couple of weeks.
I’m using Firefox.
You *must* have access to an uninfected computer and either a flash drive or a CD (you can try using LAN, but I prefer to keep the infected computer quarantined).
Important things to note:
- Quarantine your computer from the Internet. Physically unplug your network cables. Do this immediately as soon as youre aware that youre infected.
- Dont bother deleting the Spyware Guard 2008 folder or the winscenter file. They will just come back.
- Do kill the processes immediately whenever they come up.
- The malware may have all kinds of nasty effects, including but not limited to:
Blocking Internet access to sites where you can download things that will remove it
Blocking access to the IP addresses used by MalwareBytes and other anti-spyware programs, preventing them from updating
Preventing Safe Mode from booting up
Interfering with System Restore
Installing viruses continuously in various files all over your computer, even when you are not connected to the Internet
Hijacking your search engine so that clicking on links sends you to malicious sites
And many other worse effects as described above.
Procedure for removal:
1. Download malwarebytes AND the latest update onto your flash drive on an uninfected computer. The malware may prevent malwarebytes from updating itself (did for me).
2. Download SuperAntiSpyware.
3. Change the names of all 3 files. The malware may prevent execution of the files with their original names.
4 Install malwarebytes onto the infected computer. Install the update file. Change the name of the executable file for the installed program.
5. Run malwarebytes (Complete Scan). Stay with your computer, allow the scan to run all the way through, and kill spywareguard.exe and winscenter.exe every time they start up. spywareguard.exe will start randomly every 2-6 minutes and winscenter.exe will start once every 8-15 minutes. If you leave your computer unattended during this scan, it may install more stuff in places that were already scanned.
6. Delete everything it finds and let it restart your computer. Visible signs of infection should be gone, but your computer may still be sluggish. Youre not done.
7. Install SuperAntiSpyware and update it. The update should run properly. You can leave your computer unattended for this one.
8. Delete everything it finds. It is likely to find several instances of TDSSserv, among others.
9. Reboot. Run your preferred antivirus (Avast, AVG, TrendMicro) to reassure yourself that everythings gone.
10. Your computer should be back to normal. If you like, you can run malwarebytes one more time to make sure no traces are left.
What OS are you using?-I have changed to vista which seems more secure than XP.Oh and STOP using I.E -I have started using Google Chrome which is a good variant and is NOT a target of hackers like the way I.E. is.
I hope that helps.
Wiping? You shouldn’t tell people to wipe for something so minor.
Dumb question perhaps, but how do you know you are injected with this virus? (for those of us perhaps unknowingly infected).
On systems they pronounced clean and good, a day or two later, the pests would emerge again. Hence, wipe it.
We dare not spend a penny on any good tools. It is so frustrating.
Does anyone get these viruses on their MAC?
You're kidding, right?
There's also no uninstall program for any flavor of Windows out. Linux is an operating system. The disk you were sent likely (it's been awhile since I've tried it) has an option to either run from the CD, or to install it on your machine.
When you install it, you are reformatting your drive and replacing Windows. There is no backing out of that. Likewise, if you had Linux installed, and you ran a Win32/Win95/Win98/WinNT/WinMe/WinXP/WinVista installer, it would reformat the drive and install itself over whatever OS was previously on there.
I use Win2K3, WinXP, Mac, and several instances of Linux at my home office and at all my client sites. I'm a "fanboy" of all of them. I try to avoid disparaging any of them, especially when it's due to "cockpit trouble".
Riiiight. Clicked on the wrong pic at Juggs.com, didn't ya?
You’ve been spending too much time at the DUmp. <-:)
I sincerely doubt it. But Swordmaker is the Apple guy here on FR.
I prefer Linux. :)
BTW, I am using Firefox, not IE.
Don't "worry." If you are infected by SpyGuard 2008, you'll know it. However, for ease of mind just download the free SuperAntiSpyWare program like me and run it. The virus was detected but my big concern right now is if it can be deleted.
How long does the SuperAntiSpyware scan take? I have to split out in an hour. Also can I hit “next” in the middle of a scan and take care of the viruses already detected? The number of such viruses is now up to 4.
So I can let my ‘puter sit until I come back this evening?
I had this nasty piece of work and every tech board I saw pointed to “SpyNoMore”. Worked great.
Yeah, I’ll let it run today with the monitor off and then check back tonight. I really need to get rid of that virus. So far SuperAntiSpyWare has detected a bunch of those viruses and hopefully can remove them.