Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Spywareguard-2008 infected my laptop


  • This topic is locked This topic is locked
2 replies to this topic

#1 HW007

HW007

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:02:20 PM

Posted 16 December 2008 - 02:38 PM

Hi,

A few days ago I managed to get an anti spyware program "Spyware Guard 2008" on my PC. I removed the registers (regedit), the shortcut, The Maps in programfiles. I used WindowsOneCare, AVG Free 8.0, ErrorFix and Malwarebytes Anti Malware. Then I found this forum and followed the given steps. Ran a scan with Kaspersky, but no malware found? (Spyware Guard 2008 still comming up every 5 minutes). meanwhile AVG notices infections on C:\windows\system32\winscenter.exe and I had it repaired every time (over 100 times).

Then I downloaded and ran DDS as adviced once.

The 2 textfiles are placed at the end of my writing.

Could anyone advice what to do, and in what order. My PC is very ver slow.

kind regards HW007

DDS.txt:
------


DDS (Version 1.1.0) - NTFSx86
Run by Hans at 20:20:48,14 on di 16-12-2008
Internet Explorer: 7.0.5730.13
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.502.166 [GMT 1:00]

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\brss01a.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\FixCamera.exe
C:\WINDOWS\vsnpstd3.exe
C:\WINDOWS\tsnpstd3.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\ErrorFix\ErrorFix.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\KPN Mobile Connect\Modem.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Spyware Guard 2008\spywareguard.exe
C:\PROGRA~1\AVG\AVG8\aAvgApi.exe
C:\Documents and Settings\Hans\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://login.live.com/login.srf?wa=wsignin1.0&rpsnv=10&ct=1229380834&rver=5.5.4177.0&wp=MBI&wreply=http:%2F%2Fmail.live.com%2Fdefault.aspx%3Fn%3D1794479628&id=64855
BHO: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - c:\program files\avg\avg8\avgssie.dll
BHO: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre6\bin\ssv.dll
BHO: {A057A204-BACC-4D26-9990-79A187E2698E} - c:\progra~1\avg\avg8\AVGTOO~1.DLL
BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.0.926.3450\swg.dll
BHO: {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - c:\program files\windows live toolbar\msntb.dll
BHO: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - c:\program files\windows live toolbar\msntb.dll
TB: {A057A204-BACC-4D26-9990-79A187E2698E} - c:\progra~1\avg\avg8\AVGTOO~1.DLL
TB: {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - c:\program files\windows live toolbar\msntb.dll
TB: {A057A204-BACC-4D26-9990-79A187E2698E} - c:\progra~1\avg\avg8\AVGTOO~1.DLL
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [ErrorFix] c:\program files\errorfix\ErrorFix.exe -boot
mRun: [IMJPMIG8.1] "c:\windows\ime\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
mRun: [PHIME2002ASync] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /SYNC
mRun: [PHIME2002A] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /IMEName
mRun: [FixCamera] c:\windows\FixCamera.exe
mRun: [snpstd3] c:\windows\vsnpstd3.exe
mRun: [tsnpstd3] c:\windows\tsnpstd3.exe
mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
mRun: [spywareguard] c:\program files\spyware guard 2008\spywareguard.exe
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
IE: &Windows Live Search - c:\program files\windows live toolbar\msntb.dll/search.htm
IE: E&xporteren naar Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
TCP: {A944F0AB-9C26-43B0-BC68-37D0EF103584} = 62.133.126.28 62.133.126.29
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
AppInit_DLLs: avgrsstx.dll
SSODL: ieModule - {5C7B0F40-32CD-4AF0-96E6-370E547CB19D} - c:\documents and settings\all users\application data\microsoft\internet explorer\dlls\ieModule.dll
SSODL: InternetConnection - {3792D76B-3441-4F77-81AE-DAD0A0803256} - c:\documents and settings\all users\application data\microsoft\internet explorer\dlls\gwibisribp.dll

============= SERVICES / DRIVERS ===============

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2008-12-15 97928]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2008-12-15 26824]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2008-12-15 231704]
S2 EC72C412D6DDE27A;EC72C412D6DDE27A;\??\c:\documents and settings\hans\desktop\ec72c412d6dde27a\EC72C412D6DDE27A []

=============== Created Last 30 ================

2008-12-16 18:33 410,984 a------- c:\windows\system32\deploytk.dll
2008-12-16 18:33 73,728 a------- c:\windows\system32\javacpl.cpl
2008-12-16 16:45 <DIR> --d----- c:\program files\Spyware Guard 2008
2008-12-16 16:36 1,003,957 a------- c:\windows\sysexplorer.exe
2008-12-16 16:36 134,149 a------- c:\windows\reged.exe
2008-12-16 16:36 51,197 a------- c:\windows\spoolsystem.exe
2008-12-16 16:36 50,620 a------- c:\windows\sys.com
2008-12-16 16:36 47,872 a------- c:\windows\syscert.exe
2008-12-16 16:36 18,941 a------- c:\windows\vmreg.dll
2008-12-16 15:48 <DIR> --d----- c:\docume~1\hans\applic~1\Malwarebytes
2008-12-16 15:48 15,504 a------- c:\windows\system32\drivers\mbam.sys
2008-12-16 15:48 38,496 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2008-12-16 15:48 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Malwarebytes
2008-12-16 15:48 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware
2008-12-16 04:38 <DIR> --d----- c:\docume~1\hans\applic~1\ErrorFix
2008-12-16 04:38 <DIR> --d----- c:\program files\ErrorFix
2008-12-16 01:01 <DIR> --d----- C:\AVG Database
2008-12-15 23:12 <DIR> --d-h--- C:\$AVG8.VAULT$
2008-12-15 22:57 10,520 a------- c:\windows\system32\avgrsstx.dll
2008-12-15 22:57 97,928 a------- c:\windows\system32\drivers\avgldx86.sys
2008-12-15 22:57 <DIR> --d----- c:\windows\system32\drivers\Avg
2008-12-15 22:57 <DIR> --d----- c:\docume~1\hans\applic~1\AVGTOOLBAR
2008-12-15 22:57 <DIR> --d----- c:\program files\AVG
2008-12-15 22:56 <DIR> --d----- c:\docume~1\alluse~1\applic~1\avg8
2008-12-15 06:00 138 a------- c:\windows\My Video.url
2008-12-15 05:59 <DIR> --d----- c:\program files\XX
2008-12-11 03:01 552 a------- c:\windows\system32\DO_NOT_DELETE.backupSetID
2008-12-10 23:34 53,760 ac------ c:\windows\system32\dllcache\vfwwdm32.dll
2008-12-10 23:34 53,760 a------- c:\windows\system32\vfwwdm32.dll
2008-12-10 23:34 91,136 ac------ c:\windows\system32\dllcache\kswdmcap.ax
2008-12-10 23:34 43,008 ac------ c:\windows\system32\dllcache\ksxbar.ax
2008-12-10 23:34 91,136 a------- c:\windows\system32\kswdmcap.ax
2008-12-10 23:34 43,008 a------- c:\windows\system32\ksxbar.ax
2008-12-10 23:34 61,952 ac------ c:\windows\system32\dllcache\kstvtune.ax
2008-12-10 23:34 61,952 a------- c:\windows\system32\kstvtune.ax
2008-12-10 23:31 835,584 a------- c:\windows\vsnpstd3.exe
2008-12-10 23:31 270,336 a------- c:\windows\tsnpstd3.exe
2008-12-10 23:31 15,498 a------- c:\windows\snpstd3.ini
2008-12-10 23:31 13,023 a------- c:\windows\snpstd3.src
2008-12-10 23:31 3,968 a------- c:\windows\system32\drivers\denoise.sys
2008-12-10 23:31 10,423,936 a------- c:\windows\system32\drivers\snpstd3.sys
2008-12-10 23:31 61,440 a------- c:\windows\system32\vsnpstd3.dll
2008-12-10 23:31 163,840 a------- c:\windows\system32\rsnpstd3.dll
2008-12-10 23:31 53,248 a------- c:\windows\system32\csnpstd3.dll
2008-12-10 23:31 53,248 a------- c:\windows\csnpstd3.dll
2008-12-10 23:31 <DIR> --d----- c:\program files\common files\snpstd3
2008-12-10 23:29 20,480 a------- c:\windows\FixCamera.exe
2008-12-10 22:33 94,208 a------- c:\windows\amcap.exe
2008-12-05 13:43 <DIR> --d----- c:\windows\SHELLNEW
2008-11-27 00:26 401,408 a------- c:\windows\system32\lfcmp13n.dll
2008-11-27 00:26 206,336 a------- c:\windows\system32\ltefx13n.dll
2008-11-27 00:26 69,632 a------- c:\windows\system32\lfgif13n.dll
2008-11-27 00:26 57,344 a------- c:\windows\system32\lfbmp13n.dll
2008-11-27 00:26 462,848 a------- c:\windows\system32\ltkrn13n.dll
2008-11-27 00:26 450,560 a------- c:\windows\system32\ltimg13n.dll
2008-11-27 00:26 299,008 a------- c:\windows\system32\ltdis13n.dll
2008-11-27 00:26 163,840 a------- c:\windows\system32\ltfil13n.dll
2008-11-26 12:36 421,888 a------- c:\windows\system32\ac3filter.acm
2008-11-26 12:36 <DIR> --d----- c:\program files\XP Codec Pack
2008-11-25 22:41 <DIR> --d----- c:\program files\MSXML 4.0
2008-11-25 22:40 1,079,808 a------- c:\windows\system32\mfc80u.dll
2008-11-25 22:40 626,688 a------- c:\windows\system32\msvcr80.dll
2008-11-25 22:40 548,864 a------- c:\windows\system32\msvcp80.dll
2008-11-25 22:40 95,744 a------- c:\windows\system32\atl80.dll
2008-11-25 22:40 <DIR> --d----- c:\program files\OLYMPUS
2008-11-25 22:36 60,634,920 a------- c:\program files\OS221Setup.exe
2008-11-25 04:40 <DIR> --d--r-- c:\docume~1\hans\applic~1\Brother
2008-11-20 21:19 302,928 a------- c:\program files\dxwebsetup.exe
2008-11-20 21:16 <DIR> --d----- c:\windows\Logs
2008-11-20 15:31 664 a------- c:\windows\system32\d3d9caps.dat
2008-11-20 14:54 1,018,008 a------- c:\program files\Google_Updater.exe
2008-11-19 19:26 <DIR> --d----- c:\windows\system32\NtmsData
2008-11-19 04:46 40 a------- c:\windows\opt_5040.ini
2008-11-19 03:12 <DIR> --d----- c:\windows\system32\scripting
2008-11-19 03:12 <DIR> --d----- c:\windows\l2schemas
2008-11-19 03:12 <DIR> --d----- c:\windows\system32\en
2008-11-19 03:08 <DIR> --d----- c:\windows\ServicePackFiles
2008-11-19 03:03 <DIR> --d----- c:\windows\system32\ReinstallBackups
2008-11-19 02:59 <DIR> --d----- c:\windows\EHome
2008-11-19 01:36 873,134 a------- c:\windows\system32\oem7.inf
2008-11-19 01:35 6,272 a------- c:\windows\system32\drivers\splitter.sys
2008-11-19 01:35 83,072 a------- c:\windows\system32\drivers\wdmaud.sys
2008-11-19 01:32 30 a------- c:\windows\system32\brss01a.ini
2008-11-19 01:32 184 a------- c:\windows\system32\brsvc01a.bsi
2008-11-19 01:32 410 a------- c:\windows\BRWMARK.INI
2008-11-19 01:32 26 a------- c:\windows\BRPP2KA.INI
2008-11-19 01:07 104,960 -------- c:\windows\system32\drivers\atinrvxx.sys
2008-11-19 00:46 272,128 -c------ c:\windows\system32\dllcache\bthport.sys
2008-11-19 00:46 138,496 -c------ c:\windows\system32\dllcache\afd.sys
2008-11-19 00:46 333,824 -c------ c:\windows\system32\dllcache\srv.sys
2008-11-19 00:45 1,846,400 -c------ c:\windows\system32\dllcache\win32k.sys
2008-11-19 00:45 2,145,280 -c------ c:\windows\system32\dllcache\ntkrnlmp.exe
2008-11-19 00:45 2,189,184 -c------ c:\windows\system32\dllcache\ntoskrnl.exe
2008-11-19 00:45 2,023,936 -c------ c:\windows\system32\dllcache\ntkrpamp.exe
2008-11-19 00:45 2,066,048 -c------ c:\windows\system32\dllcache\ntkrnlpa.exe
2008-11-19 00:44 203,136 -c------ c:\windows\system32\dllcache\rmcast.sys
2008-11-19 00:44 455,296 -c------ c:\windows\system32\dllcache\mrxsmb.sys
2008-11-19 00:44 331,776 -c------ c:\windows\system32\dllcache\msadce.dll
2008-11-19 00:43 691,712 -c------ c:\windows\system32\dllcache\inetcomm.dll
2008-11-19 00:43 337,408 -c------ c:\windows\system32\dllcache\netapi32.dll
2008-11-19 00:43 1,106,944 -c------ c:\windows\system32\dllcache\msxml3.dll
2008-11-19 00:17 <DIR> --d----- c:\windows\system32\PreInstall
2008-11-18 21:04 268,648 a------- c:\windows\system32\mucltui.dll
2008-11-18 21:04 27,496 a------- c:\windows\system32\mucltui.dll.mui
2008-11-18 20:11 <DIR> --d-h--- c:\windows\msdownld.tmp
2008-11-18 20:08 26,488 a------- c:\windows\system32\spupdsvc.exe
2008-11-18 20:03 <DIR> --d----- c:\windows\network diagnostic
2008-11-18 20:02 459,264 -c------ c:\windows\system32\dllcache\msfeeds.dll
2008-11-18 20:02 267,776 -c------ c:\windows\system32\dllcache\iertutil.dll
2008-11-18 20:02 52,224 -c------ c:\windows\system32\dllcache\msfeedsbs.dll
2008-11-18 20:02 383,488 -c------ c:\windows\system32\dllcache\ieapfltr.dll
2008-11-18 20:02 63,488 -c------ c:\windows\system32\dllcache\icardie.dll
2008-11-18 20:02 13,824 -c------ c:\windows\system32\dllcache\ieudinit.exe
2008-11-18 20:02 2,455,488 -c------ c:\windows\system32\dllcache\ieapfltr.dat
2008-11-18 20:02 991,232 -c------ c:\windows\system32\dllcache\ieframe.dll.mui
2008-11-18 20:02 6,066,176 -c------ c:\windows\system32\dllcache\ieframe.dll
2008-11-18 19:35 <DIR> --d----- c:\program files\Windows Live Toolbar
2008-11-18 18:18 <DIR> --d----- c:\windows\system32\bits
2008-11-18 18:17 7,168 -------- c:\windows\system32\bitsprx4.dll
2008-11-18 18:17 <DIR> --d-h--- c:\windows\$hf_mig$
2008-11-18 17:21 <DIR> --d----- c:\windows\pss
2008-11-18 17:05 <DIR> --dsh--- c:\documents and settings\hans\UserData
2008-11-18 16:02 <DIR> --d----- c:\windows\system32\SoftwareDistribution
2008-11-18 07:58 100,608 a------- c:\windows\system32\drivers\ZTEusbser6k.sys
2008-11-18 07:58 100,608 a------- c:\windows\system32\drivers\ZTEusbnmea.sys
2008-11-18 07:58 100,608 a------- c:\windows\system32\drivers\ZTEusbmdm6k.sys
2008-11-18 07:58 <DIR> --d----- c:\windows\system32\SupportAppXL
2008-11-18 07:58 <DIR> --d----- c:\program files\KPN Mobile Connect
2008-11-18 07:12 3,072 a------- c:\windows\system32\drivers\audstub.sys
2008-11-18 07:11 25,856 a------- c:\windows\system32\drivers\usbprint.sys
2008-11-18 07:11 10,240 a------- c:\windows\system32\drivers\compbatt.sys
2008-11-18 07:11 14,208 a------- c:\windows\system32\drivers\battc.sys
2008-11-18 07:11 13,952 a------- c:\windows\system32\drivers\cmbatt.sys
2008-11-18 07:11 57,600 a------- c:\windows\system32\drivers\redbook.sys
2008-11-18 07:11 20,992 a------- c:\windows\system32\drivers\RTL8139.sys
2008-11-18 07:10 5,504 a------- c:\windows\system32\drivers\intelide.sys
2008-11-18 07:10 74,240 a------- c:\windows\system32\usbui.dll
2008-11-18 07:10 8,832 a------- c:\windows\system32\drivers\wmiacpi.sys
2008-11-18 07:09 <DIR> --d----- c:\program files\common files\ODBC
2008-11-18 07:09 <DIR> --d----- c:\program files\common files\SpeechEngines
2008-11-18 07:08 482,304 ac------ c:\windows\system32\dllcache\pintlgnt.ime
2008-11-18 07:07 13,463,552 ac------ c:\windows\system32\dllcache\hwxjpn.dll
2008-11-18 07:06 <DIR> --d--r-- c:\documents and settings\all users\Documents
2008-11-18 07:06 1,042,903 ac------ c:\windows\system32\dllcache\SP2.CAT
2008-11-18 07:06 797,189 ac------ c:\windows\system32\dllcache\NT5IIS.CAT
2008-11-18 07:06 399,645 ac------ c:\windows\system32\dllcache\MAPIMIG.CAT
2008-11-18 07:06 37,484 ac------ c:\windows\system32\dllcache\MW770.CAT
2008-11-18 07:06 13,472 ac------ c:\windows\system32\dllcache\HPCRDP.CAT
2008-11-18 07:06 8,574 ac------ c:\windows\system32\dllcache\IASNT4.CAT
2008-11-18 07:06 7,334 ac------ c:\windows\system32\dllcache\wmerrenu.cat
2008-11-18 07:06 7,029 ac------ c:\windows\system32\dllcache\OEMBIOS.CAT
2008-11-18 07:06 13,753 a----r-- c:\windows\SET8.tmp
2008-11-18 07:06 1,086,058 a----r-- c:\windows\SET4.tmp
2008-11-18 07:06 1,042,903 a----r-- c:\windows\SET3.tmp
2008-11-18 07:06 <DIR> --d----- c:\windows\system32\CatRoot2
2008-11-18 07:06 <DIR> --d----- c:\windows\system32\CatRoot
2008-11-18 07:04 <DIR> --d----- C:\Documents and Settings
2008-11-18 07:03 287 a------- c:\windows\system32\$winnt$.inf
2008-11-18 06:48 <DIR> --d----- c:\documents and settings\Hans
2008-11-18 06:44 <DIR> --ds---- c:\windows\system32\Microsoft
2008-11-18 06:38 <DIR> --dsh--- c:\documents and settings\all users\DRM
2008-11-18 06:38 <DIR> --d-h--- c:\program files\WindowsUpdate
2008-11-18 06:37 <DIR> --d----- c:\program files\common files\MSSoap
2008-11-18 06:35 <DIR> --d----- c:\program files\Online Services
2008-11-18 06:35 <DIR> --d----- c:\program files\Messenger
2008-11-18 06:35 <DIR> --d----- c:\program files\MSN Gaming Zone
2008-11-18 06:34 <DIR> --d----- c:\program files\Windows NT

==================== Find3M ====================

2008-11-19 03:14 76,487 a------- c:\windows\pchealth\helpctr\offlinecache\index.dat
2008-11-18 06:36 21,640 a------- c:\windows\system32\emptyregdb.dat
2008-10-24 12:21 455,296 a------- c:\windows\system32\drivers\mrxsmb.sys
2008-10-23 13:36 286,720 a------- c:\windows\system32\gdi32.dll
2008-10-16 21:38 826,368 a------- c:\windows\system32\wininet.dll
2008-10-16 14:06 208,744 a------- c:\windows\system32\muweb.dll
2008-10-03 11:02 247,326 a------- c:\windows\system32\strmdll.dll
2008-09-30 16:43 1,286,152 a------- c:\windows\system32\msxml4.dll

============= FINISH: 20:21:21,46 ===============

=============
Attach.txt:
-----



=============

Attached Files



BC AdBot (Login to Remove)

 


#2 HW007

HW007
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:02:20 PM

Posted 16 December 2008 - 11:38 PM

Hi, me again.

I solve the problem, by removing Spyware Guard 2008 from my laptop.

Using the advice given in this forum, I tried about 6 hours to remove the SG2008, but unsuccesful.

Then I used taskmanager to put SG2008 on low priority. I let it run in the background, and if it popped up I just paused it and x- it away. The Icon remained in the bar on bottom of the screen. It popped up every 10 minutes. So I had 10 minutes to fix it.

With regedit I scanned the register for "spywar", and removed all keys containing "Spyware Guard".
With regedit I also scanned on "winscenter". This program was every 10 minutes created when I killed SG2008. Also removed the keys.
With START I searched the files on "winscenter" and "spywar" and removed the files, exept the .exe file. I let it run.
Again checking the register and files on names. Then SG2008 came with an IO-error, but on clicking the X, it just continued running.
Again checking register and files an discovered it created a conf.cfg file. I removed the file. I also removed the .exe file from Startup.

Then I started task manager Ctr-Alt-Del and killed the SG2008. Immediately after that I shut down the computer.

Left it for 10 minutes out, and restarted. No SG2008. I ran Malwarebytes'Antimalware and only 2 infections were left. After removing them no SG2008 on my PC.

#3 teacup61

teacup61

    Bleepin' Texan!


  • Malware Response Team
  • 17,075 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Wills Point, Texas
  • Local time:08:20 AM

Posted 25 December 2008 - 02:43 PM

Hello HW007,

Thanks for letting us know. :thumbsup:

Since this issue appears resolved ... this Topic is closed.

If you need this topic reopened, please request this by sending the moderating team a PM with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic.
Please make a donation so I can keep helping people just like you.
Every little bit helps! :)
You can even use your credit card! Thank you!

Posted Image


Error reading poptart in Drive A: Delete kids y/n?




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users