Free Republic
Browse · Search
General/Chat
Topics · Post Article

Skip to comments.

HELP! How do I get rid of Spyware Guard 2008 virus?
Self | December 2008 | PJ-Comix

Posted on 12/23/2008 3:44:00 AM PST by PJ-Comix

My computer has been infected with the Spyware Guard 2008 virus and now I can't get rid of it. Does anybody out there know of some way that I can get rid of this virus? Apparently a lot of people seem to be having problems with the same virus. I let someone else use my computer yesterday so perhaps that is when it got infected.


TOPICS: Computers/Internet
KEYWORDS: spywarevirus
Navigation: use the links below to view more comments.
first 1-5051-72 next last
Thanx in advance for your help.
1 posted on 12/23/2008 3:44:00 AM PST by PJ-Comix
[ Post Reply | Private Reply | View Replies]

To: PJ-Comix

Format and reload is the only thing that worked for me.


2 posted on 12/23/2008 3:46:22 AM PST by cmdr straker (BUY AMERICAN keep our tax dollars here.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: PJ-Comix

Complete instructions:
http://www.bleepingcomputer.com/malware-removal/remove-spyware-guard-2008


3 posted on 12/23/2008 3:47:39 AM PST by xcamel (The urge to save humanity is always a false front for the urge to rule it. - H. L. Mencken)
[ Post Reply | Private Reply | To 1 | View Replies]

To: PJ-Comix

Spyware Guard 2008 is a particularly insidious little bug that most spyware and virus protection software won’t detect. The only thing I found that could remove it was SuperAntiSpyware, and it took three tries to root out everything. Thankfully, the program is free. You can download it at http://www.superantispyware.com/.


4 posted on 12/23/2008 3:49:53 AM PST by Namyak (Oderint dum metuant)
[ Post Reply | Private Reply | To 1 | View Replies]

To: PJ-Comix

Here is something I found on the Net. Not sure if it will work, but you can give it a try.

Go to Start/Control Panel/Display/Appearance and look for the file “bg.” Go to Search and under “All files anf folders” type in “bg” and voila! you will find bg.jpg and bg.bmp. Delete both files and you will have removed the last remnant of this vicious and nasty rogue application


5 posted on 12/23/2008 3:50:06 AM PST by Sprite518
[ Post Reply | Private Reply | To 1 | View Replies]

To: xcamel

Dude! This is the second time in 24 hours you’ve beat me (within a couple minutes or less) of posting the same exact thing.

Are you my long lost twin brother or something? Jeesh!


6 posted on 12/23/2008 3:50:06 AM PST by CE2949BB (Fight.)
[ Post Reply | Private Reply | To 3 | View Replies]

To: PJ-Comix

Accdg to one website (http://www.malwarehelp.org/spyware-guard-2008-analysis-and-removal-2008.html),

Superantispyware will remove it (http://www.superantispyware.com/superantispyware.html?rid=3596)

Another website:
http://www.xp-vista.com/spyware-removal/spyware-guard-2008-removal-instructions-spywareguard2008


7 posted on 12/23/2008 3:50:20 AM PST by TomGuy
[ Post Reply | Private Reply | To 1 | View Replies]

To: PJ-Comix

You can try Malwarebytes - it depends on which variant you have.

They keep moving the location of the files and renaming them. Ultimately you may end up reformatting and reloading the machine though.

http://www.malwarebytes.org/


8 posted on 12/23/2008 3:51:15 AM PST by JoeVet
[ Post Reply | Private Reply | To 1 | View Replies]

To: xcamel
So all I have to do is download "Remove Spyware Guard 2008" and run it?

I can't believe the efforts the computer virus people use to mess with your computer. You would think they would put those skills to good use.

9 posted on 12/23/2008 3:53:12 AM PST by PJ-Comix (The Tide Turned Just a Half Year After Pearl Harbor)
[ Post Reply | Private Reply | To 3 | View Replies]

To: cmdr straker
One of my idiot users who is so good about getting viruses just got this one. Wiping it is about the only way to go where I am at.

Trend-Micro is a worthless AV program. It is apparently good against some lightweights.

10 posted on 12/23/2008 3:55:54 AM PST by wally_bert (Tactical Is Still Missing A Chair! Star Wreck In The Pirkinning......)
[ Post Reply | Private Reply | To 2 | View Replies]

To: wally_bert

goto housecall.trendmicro.com


11 posted on 12/23/2008 3:57:37 AM PST by Neidermeyer
[ Post Reply | Private Reply | To 10 | View Replies]

*


12 posted on 12/23/2008 3:58:49 AM PST by TornadoAlley3 (Obama is everything Oklahoma is not.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: PJ-Comix

As was said, it’ll get rid of most of the variants...


13 posted on 12/23/2008 4:00:16 AM PST by xcamel (The urge to save humanity is always a false front for the urge to rule it. - H. L. Mencken)
[ Post Reply | Private Reply | To 9 | View Replies]

To: PJ-Comix

Save all of your stuff on an outside hard drvie, then use the restore disks, That is the last option. but I must say that I had to do that, over 50% of the time.

If you can still boot up, spend 30 or 40 bucks to back up your personal stuff, on an a hand held drive. if you can’t boot up, well, I can only suspect that your computer crashed upon trying to establiblish Microsofts SP2. My computer crashed four times trying to do that. Absolute solution, purchase a cheap serial port thing to back up tour stuff, disconnect it, then follow the Mfr’s thing to place your computer to an out of the “out of the box state”, if you have patience, you can do this. I’m saying if your off of the internet, you cant access the internet, you can’t be infecetd. Good luck.


14 posted on 12/23/2008 4:06:18 AM PST by ChetNavVet (Build It, and they won't come!)
[ Post Reply | Private Reply | To 1 | View Replies]

To: PJ-Comix

15 posted on 12/23/2008 4:06:24 AM PST by musicman
[ Post Reply | Private Reply | To 1 | View Replies]

To: ChetNavVet

It sounds easier to download and run that superantisypware.


16 posted on 12/23/2008 4:09:12 AM PST by PJ-Comix (The Tide Turned Just a Half Year After Pearl Harbor)
[ Post Reply | Private Reply | To 14 | View Replies]

To: PJ-Comix
I can't believe the efforts the computer virus people use to mess with your computer.

The glory days of virii (have I dated myself with that word?) have long past.

Nowadays, most of the malware is produced to generate revenue.

17 posted on 12/23/2008 4:09:42 AM PST by CE2949BB (Fight.)
[ Post Reply | Private Reply | To 9 | View Replies]

To: PJ-Comix
What OS are you using?-I have changed to vista which seems more secure than XP.Oh and STOP using I.E -I have started using Google Chrome which is a good variant and is NOT a target of hackers like the way I.E. is.
I hope that helps.
18 posted on 12/23/2008 4:15:12 AM PST by cavador (Three sins in life =Money ,Religion,Media)
[ Post Reply | Private Reply | To 1 | View Replies]

To: PJ-Comix
Bumpers for later.

prisoner6

19 posted on 12/23/2008 4:18:27 AM PST by prisoner6 (Right Wing Nuts hold the country together as the loose screws of the Left fall out.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Namyak; PJ-Comix

SuperAnti is a great program. I use it to weed out stuff every day, and it keeps the PC running smoothly.


20 posted on 12/23/2008 4:18:27 AM PST by Canedawg
[ Post Reply | Private Reply | To 4 | View Replies]

To: PJ-Comix

Stopzilla worked for me.


21 posted on 12/23/2008 4:19:45 AM PST by screaminsunshine (.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Neidermeyer
I'm afraid "The Leader" proclaims that if Spybot and Trend Micro Client can't deal with it, then it has to be wiped.

Dealing with "The Leader" is not easy and maybe one of the hooks I put out will get me somewhere else and try again. At least this is the last day for the year for me. I will be applying a lot over the next couple of weeks.

22 posted on 12/23/2008 4:19:48 AM PST by wally_bert (Tactical Is Still Missing A Chair! Star Wreck In The Pirkinning......)
[ Post Reply | Private Reply | To 11 | View Replies]

To: cavador

I’m using Firefox.


23 posted on 12/23/2008 4:23:21 AM PST by PJ-Comix (The Tide Turned Just a Half Year After Pearl Harbor)
[ Post Reply | Private Reply | To 18 | View Replies]

To: PJ-Comix
http://www.malwarebytes.org/mbam.php

Another thumbs up for this one. I used it recently to remove this one and another verminous virus similarly named. The free version did the trick.
24 posted on 12/23/2008 4:23:57 AM PST by Tainan (Yeah, its confusing. But what else is there to do?...Merry Christmas!)
[ Post Reply | Private Reply | To 16 | View Replies]

To: PJ-Comix

25 posted on 12/23/2008 4:24:50 AM PST by dubie
[ Post Reply | Private Reply | To 1 | View Replies]

To: PJ-Comix

26 posted on 12/23/2008 4:25:37 AM PST by dubie
[ Post Reply | Private Reply | To 1 | View Replies]

To: PJ-Comix

27 posted on 12/23/2008 4:26:59 AM PST by dubie
[ Post Reply | Private Reply | To 1 | View Replies]

To: PJ-Comix

You *must* have access to an uninfected computer and either a flash drive or a CD (you can try using LAN, but I prefer to keep the infected computer quarantined).

Important things to note:
- Quarantine your computer from the Internet. Physically unplug your network cables. Do this immediately as soon as you’re aware that you’re infected.
- Don’t bother deleting the Spyware Guard 2008 folder or the winscenter file. They will just come back.
- Do kill the processes immediately whenever they come up.
- The malware may have all kinds of nasty effects, including but not limited to:
Blocking Internet access to sites where you can download things that will remove it
Blocking access to the IP addresses used by MalwareBytes and other anti-spyware programs, preventing them from updating
Preventing Safe Mode from booting up
Interfering with System Restore
Installing viruses continuously in various files all over your computer, even when you are not connected to the Internet
Hijacking your search engine so that clicking on links sends you to malicious sites
And many other worse effects as described above.

Procedure for removal:
1. Download malwarebytes AND the latest update onto your flash drive on an uninfected computer. The malware may prevent malwarebytes from updating itself (did for me).
2. Download SuperAntiSpyware.
3. Change the names of all 3 files. The malware may prevent execution of the files with their original names.
4 Install malwarebytes onto the infected computer. Install the update file. Change the name of the executable file for the installed program.
5. Run malwarebytes (Complete Scan). Stay with your computer, allow the scan to run all the way through, and kill spywareguard.exe and winscenter.exe every time they start up. spywareguard.exe will start randomly every 2-6 minutes and winscenter.exe will start once every 8-15 minutes. If you leave your computer unattended during this scan, it may install more stuff in places that were already scanned.
6. Delete everything it finds and let it restart your computer. Visible signs of infection should be gone, but your computer may still be sluggish. You’re not done.
7. Install SuperAntiSpyware and update it. The update should run properly. You can leave your computer unattended for this one.
8. Delete everything it finds. It is likely to find several instances of TDSSserv, among others.
9. Reboot. Run your preferred antivirus (Avast, AVG, TrendMicro) to reassure yourself that everything’s gone.
10. Your computer should be back to normal. If you like, you can run malwarebytes one more time to make sure no traces are left.



28 posted on 12/23/2008 4:28:34 AM PST by LowOiL (Tagline: Optional, printed after your name on post)
[ Post Reply | Private Reply | To 1 | View Replies]

To: cavador

What OS are you using?-I have changed to vista which seems more secure than XP.Oh and STOP using I.E -I have started using Google Chrome which is a good variant and is NOT a target of hackers like the way I.E. is.
I hope that helps.


Got Linux?
http://distrowatch.com/


29 posted on 12/23/2008 4:34:10 AM PST by killerw ("Let his days be few; and let another take his office." (Psalm 109:8).)
[ Post Reply | Private Reply | To 18 | View Replies]

To: killerw
Why yes...Yes I do. A nicely sent free disk with Ubuntu 8.04.1 LTS DeskTop Edition. Funniest thing, when I installed it it wrecked my entire computer. I had to reformat my C drive.

Darnest thing. They never mention that there is no uninstall program with the prog.

Imagine my dismay. But I'm lucky...the 'free Linux' only cost me approx USD$80 dollars to sort out.
Does penguin really taste like chicken?
30 posted on 12/23/2008 4:49:38 AM PST by Tainan (Yeah, its confusing. But what else is there to do?...Merry Christmas!)
[ Post Reply | Private Reply | To 29 | View Replies]

To: wally_bert

Wiping? You shouldn’t tell people to wipe for something so minor.


31 posted on 12/23/2008 4:53:58 AM PST by TaxRelief (Walmart: Keeping my family on-budget since 1993.)
[ Post Reply | Private Reply | To 10 | View Replies]

To: PJ-Comix

Dumb question perhaps, but how do you know you are injected with this virus? (for those of us perhaps unknowingly infected).


32 posted on 12/23/2008 4:54:34 AM PST by tips up
[ Post Reply | Private Reply | To 1 | View Replies]

To: TaxRelief
Both my leader and junior leader have fooled with variants of this over the last few months.

On systems they pronounced clean and good, a day or two later, the pests would emerge again. Hence, wipe it.

We dare not spend a penny on any good tools. It is so frustrating.

33 posted on 12/23/2008 4:57:55 AM PST by wally_bert (Tactical Is Still Missing A Chair! Star Wreck In The Pirkinning......)
[ Post Reply | Private Reply | To 31 | View Replies]

placemarker


34 posted on 12/23/2008 4:58:52 AM PST by Oztrich Boy (Kill the English their concept of individual rights might undermine the power of our beloved tyrants)
[ Post Reply | Private Reply | To 1 | View Replies]

To: PJ-Comix; rdb3; Calvinist_Dark_Lord; GodGunsandGuts; CyberCowboy777; Salo; Bobsat; JosephW; ...

35 posted on 12/23/2008 5:02:54 AM PST by ShadowAce (Linux -- The Ultimate Windows Service Pack)
[ Post Reply | Private Reply | To 1 | View Replies]

To: ShadowAce

Does anyone get these viruses on their MAC?


36 posted on 12/23/2008 5:17:25 AM PST by EQAndyBuzz ("Control the information, you control the people.")
[ Post Reply | Private Reply | To 35 | View Replies]

To: CodeToad; Squantos; hiredhand; Myrddin

Thoughts appreciated.


37 posted on 12/23/2008 5:17:34 AM PST by Travis McGee (--www.EnemiesForeignAndDomestic.com--)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Tainan
Darnest thing. They never mention that there is no uninstall program with the prog.

You're kidding, right?

There's also no uninstall program for any flavor of Windows out. Linux is an operating system. The disk you were sent likely (it's been awhile since I've tried it) has an option to either run from the CD, or to install it on your machine.

When you install it, you are reformatting your drive and replacing Windows. There is no backing out of that. Likewise, if you had Linux installed, and you ran a Win32/Win95/Win98/WinNT/WinMe/WinXP/WinVista installer, it would reformat the drive and install itself over whatever OS was previously on there.

I use Win2K3, WinXP, Mac, and several instances of Linux at my home office and at all my client sites. I'm a "fanboy" of all of them. I try to avoid disparaging any of them, especially when it's due to "cockpit trouble".

38 posted on 12/23/2008 5:21:59 AM PST by Egon (The difference between Theory and Practice: In Theory, there is no difference.)
[ Post Reply | Private Reply | To 30 | View Replies]

To: PJ-Comix
'I let someone else use my computer yesterday so perhaps that is when it got infected.'

Riiiight. Clicked on the wrong pic at Juggs.com, didn't ya?


39 posted on 12/23/2008 5:29:43 AM PST by Viking2002 (Let's be proactive and start the impeachment NOW.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: PJ-Comix

You’ve been spending too much time at the DUmp. <-:)


40 posted on 12/23/2008 5:35:06 AM PST by Arrowhead1952 (The main stream media lied - America died.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: EQAndyBuzz; Swordmaker
Does anyone get these viruses on their MAC?

I sincerely doubt it. But Swordmaker is the Apple guy here on FR.

I prefer Linux. :)

41 posted on 12/23/2008 5:35:49 AM PST by ShadowAce (Linux -- The Ultimate Windows Service Pack)
[ Post Reply | Private Reply | To 36 | View Replies]

To: TomGuy
Okay. I'm running the SuperAntiSpyware program now and it has already detected two Trojan.Dropper items. Hopefully when the scan is complete, it will also be able to delete those viruses.

BTW, I am using Firefox, not IE.

42 posted on 12/23/2008 5:40:13 AM PST by PJ-Comix (The Tide Turned Just a Half Year After Pearl Harbor)
[ Post Reply | Private Reply | To 7 | View Replies]

To: tips up
Dumb question perhaps, but how do you know you are injected with this virus? (for those of us perhaps unknowingly infected).

Don't "worry." If you are infected by SpyGuard 2008, you'll know it. However, for ease of mind just download the free SuperAntiSpyWare program like me and run it. The virus was detected but my big concern right now is if it can be deleted.

43 posted on 12/23/2008 5:42:27 AM PST by PJ-Comix (The Tide Turned Just a Half Year After Pearl Harbor)
[ Post Reply | Private Reply | To 32 | View Replies]

To: TomGuy

How long does the SuperAntiSpyware scan take? I have to split out in an hour. Also can I hit “next” in the middle of a scan and take care of the viruses already detected? The number of such viruses is now up to 4.


44 posted on 12/23/2008 5:52:38 AM PST by PJ-Comix (The Tide Turned Just a Half Year After Pearl Harbor)
[ Post Reply | Private Reply | To 7 | View Replies]

To: PJ-Comix
How long does the SuperAntiSpyware scan take?

Depends on the size of your hard drive.

If you need to leave it, I would suggest turning off your monitor, but letting the pc/scan run to completion. Then you can finish the selections later.
45 posted on 12/23/2008 5:58:37 AM PST by TomGuy
[ Post Reply | Private Reply | To 44 | View Replies]

To: TomGuy

So I can let my ‘puter sit until I come back this evening?


46 posted on 12/23/2008 6:03:45 AM PST by PJ-Comix (The Tide Turned Just a Half Year After Pearl Harbor)
[ Post Reply | Private Reply | To 45 | View Replies]

To: PJ-Comix

I had this nasty piece of work and every tech board I saw pointed to “SpyNoMore”. Worked great.


47 posted on 12/23/2008 6:11:24 AM PST by stylin19a ( Real Men don't declare unplayable lies)
[ Post Reply | Private Reply | To 1 | View Replies]

To: PJ-Comix
So I can let my ‘puter sit until I come back this evening?

You should be able to. I have mine on all day. Sometimes, if I am downloading large files, I will even let it run all night. I do turn off the monitor, however.

Otherwise, shut it down and restart the scan this evening when you have more time to 'babysit' it.

Those scans can take a couple of hours, depending on your hard drive size.
48 posted on 12/23/2008 6:12:26 AM PST by TomGuy
[ Post Reply | Private Reply | To 46 | View Replies]

To: Egon
"cockpit trouble"....yeah, right.

Not referring to 'Windows' progs...I was pretty specific about Linux.
I installed the uBuntu to a partition I created on my C. It was a very troublesome install and went completely flaky from there on.
I spent quite a bit of time learning, as best I could, about Linux before trying it. It was a disaster. Maybe it was my fault - maybe my learning curve just wasn't sufficient to use the prog. I had decided upon either MINT or uBuntu. On the advice of another Freeper I chose uBuntu.
Those were my results.
I'm not a 'fanboy' of any computer rlated item. To me they are just tools. Either they work for me and I use them or they don't.
based on the hype I've read, I expected my 'Linux experience' to be abundantly more rewarding than it was.
49 posted on 12/23/2008 6:16:33 AM PST by Tainan (Yeah, its confusing. But what else is there to do?...Merry Christmas!)
[ Post Reply | Private Reply | To 38 | View Replies]

To: TomGuy

Yeah, I’ll let it run today with the monitor off and then check back tonight. I really need to get rid of that virus. So far SuperAntiSpyWare has detected a bunch of those viruses and hopefully can remove them.


50 posted on 12/23/2008 6:18:02 AM PST by PJ-Comix (The Tide Turned Just a Half Year After Pearl Harbor)
[ Post Reply | Private Reply | To 48 | View Replies]


Navigation: use the links below to view more comments.
first 1-5051-72 next last

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
General/Chat
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson