Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Ransom ware removed but can't open any security programs.


  • Please log in to reply
1 reply to this topic

#1 Impulse 101

Impulse 101

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:10:09 AM

Posted 09 October 2011 - 01:23 PM

I removed The guard online virus from my machine but whatever process that it installed to block my security programs still remains. I am running XP sp3 32 bit and have tried to install or run avast, windows defender, Microsoft security essentials and malwarebytes. I can get malware bytes to run in safe mode but I can't run install, remove or anything else with the other programs.

Any ideas.

JT


Ps this is a great website and I can't wait to use what I've learned here on my other machines.

BC AdBot (Login to Remove)

 


#2 Impulse 101

Impulse 101
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:10:09 AM

Posted 09 October 2011 - 03:18 PM

OK,
I solved the problem myself, or at least with the help of a lot of other posts and some common sense.

I rebooted in safe mode and ran rkill and combofix again. After that I was able to uninstall Avast completely via the control panel. Then I downloaded Avast and brought the computer back up in regular mode, when it let me reinstall Avast I knew that I was finally free of Guard Online.

This latest version of guard online is particularly nasty and it took a lot of work, probably eight hours worth to get it off the machine. In the end I had to manually disable it by pulling a few things out of the registry. Then run rkill,rkproxy, FixNCR, and malwarebytes to get my machine cleaned off.

JT




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users