Posted 28 February 2009 - 08:34 PM
Friday afternoon my work laptop was infected with Spyware Protect 2009. I have followed the guide on this site and many others by removing registry keys, deleting files in the windows folder, programs folder, etc - stopping processes etc.
BUT I cannot run ANY anti-virus programs - or anti malware - most notably malwarebytes. I even created a boot disc with Avira to scan and it found nothing!
I know I have the spyware protect virus because I got the popups, found the corresponding files & registry keys (sysguard.exe, etc). They are all gone - but I'm getting increasingly worse performance with my laptop. I even tried to run the malwarebytes program from safe mode - same result. I also tried the suggestions by changing the file name AND extensions - no good.
This wonderful malware also prohibits me from visiting your site so I have to post from my personal laptop.
What am I missing - and what in the world can I do to at least get malwarebytes to run?
I'm getting random popups in firefox still, security and random other sites are blocked, can't run any anti-virus/anti-malware programs, and most recently this evening I can no longer connect via VPN to my work network, AND I couldn't login to Windows normally. When I tried to press "CTRL + ALT+ DEL" to login to normal windows it did nothing. I can log into safe mode w/ networking though.
Please, any help would be appreciated anything that can help would help me out!
I've read that this type of malware can be mutating - so how will I ever know if I got all the files deleted/removed?
Also - another thing I wanted to note is when I do try to run something like malwarebytes or avira - i can see the process in my process list - but it never comes active and sits at about 3,000k memory usage.