Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Spyware Protect 2009 - Tried EVERYTHING


  • Please log in to reply
1 reply to this topic

#1 lalindsey

lalindsey

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:12:04 AM

Posted 28 February 2009 - 08:34 PM

Ok, help!

Friday afternoon my work laptop was infected with Spyware Protect 2009. I have followed the guide on this site and many others by removing registry keys, deleting files in the windows folder, programs folder, etc - stopping processes etc.

BUT I cannot run ANY anti-virus programs - or anti malware - most notably malwarebytes. I even created a boot disc with Avira to scan and it found nothing!

I know I have the spyware protect virus because I got the popups, found the corresponding files & registry keys (sysguard.exe, etc). They are all gone - but I'm getting increasingly worse performance with my laptop. I even tried to run the malwarebytes program from safe mode - same result. I also tried the suggestions by changing the file name AND extensions - no good.

This wonderful malware also prohibits me from visiting your site so I have to post from my personal laptop.

What am I missing - and what in the world can I do to at least get malwarebytes to run?

I'm getting random popups in firefox still, security and random other sites are blocked, can't run any anti-virus/anti-malware programs, and most recently this evening I can no longer connect via VPN to my work network, AND I couldn't login to Windows normally. When I tried to press "CTRL + ALT+ DEL" to login to normal windows it did nothing. I can log into safe mode w/ networking though.

Please, any help would be appreciated anything that can help would help me out!

I've read that this type of malware can be mutating - so how will I ever know if I got all the files deleted/removed?

Also - another thing I wanted to note is when I do try to run something like malwarebytes or avira - i can see the process in my process list - but it never comes active and sits at about 3,000k memory usage.

BC AdBot (Login to Remove)

 


#2 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,579 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:04 PM

Posted 02 March 2009 - 04:45 PM

Rename this file:

C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe

To something else such as:

abcde.bat

Then double click the file and see if Malwarebytes will run.
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users