12 replies to this topic

[Fright]

http://www.associate...l?page=2&cat=15

I found this program while looking for a program to remove the Malware virus "Spyware Guard 2008." Apparently it hit a lot of sites during Christmas time, I'm not even sure what site I was on when I actually got it.

It installs itself and has a pop up that pops up about every 2 minutes asking you to purchase their anti virus programs. Once you close it, it then tells Windows you need to activate it to make your computer secure (which it actually tries to make you buy their service which is located in Russia I found out). It wont let you search websites or install new programs to try and delete it. When you do delete the files it just remakes them after you delete them even in safe mode. It also blocks system restore dates so you can't restore your computer to a time before it downloaded. You actually have to install a script called Avenger to even install the Anti Malware program in the first link since the program blocks any installations. The script can be found here which you would need to run first...

http://www.myantispy...trojan-tdsserv/

The Malwarebytes program is awesome. It's free and detects/removes a lot of virus's my Norton and AVG didn't find. If you EVER get this virus, you can thank me for this information later! Took me over 4 hours to get this removed and I know quite a few people who know about virus removal, pretty nasty virus.

Also, a lot of sites will suggest reformatting to fix this, that is also doable, but this will save you a lot of time instead.

[shinner]

Malwarebytes can't seem to get rid of the virus on my desktop pc....boot into safe mode, run Malwarebytes, it kills a couple things. Restart, run Malwarebytes again and bingo, they're back. I'm screwed. I really need to get motivated and backup my data, then wipe the hard drive (down to repartitioning) and start over.

[Darth Biscuit]

Dude, I just dealt with this same thing this morning... what's the deal?

Malwarebytes fixed it when Spybot and others couldn't... I also got a new AV program so hopefully it won't happen again.

[Fright]

Sorry to hear! I have no idea how it's been hosted on websites this long. Several forum members on different sites are trying to form legal lawsuits against the sites hosting it, but aparently all the servers and the CC database used (if someone is dumb enough to buy the anti virus they offer) are located in Russia.

This happened to me two days after Christmas and I guess it's still around!

[Darth Biscuit]

Yeah, I don't know where I picked it up... I don't think it did anything harmful, just creating lots of annoying pop-ups. It seems to be gone now.

[shinner]

Dude, I just dealt with this same thing this morning... what's the deal?

Malwarebytes fixed it when Spybot and others couldn't... I also got a new AV program so hopefully it won't happen again.

No idea....I've tried to kill it multiple times in safe mode but when I boot back into normal startup and run MLB, they're back. And yeah, I have system restore turned off. So screw it...I'm backing up data right now and an gonna blow it all out and start over.

[Darth Biscuit]

No idea....I've tried to kill it multiple times in safe mode but when I boot back into normal startup and run MLB, they're back. And yeah, I have system restore turned off. So screw it...I'm backing up data right now and an gonna blow it all out and start over.

Hmmm... that sucks. I definitely could not have afforded to do that, all my work poo is on this laptop.
The one I had was apparently "Virtumonde" a trojan virus. Malwarebytes killed it... it had to reboot and delete some files, but the other spyware progs wouldn't even do that.

[shinner]

I had a couple....the prunet one and one that popped up the av thing. have no idea how I got them but they won't die easy. right now I'm down to just a couple registry entries. MLB kills em, I reboot and they're back.

So....I have a big ass external HD I'm backing up to. Once I'm done I'll run MLB on that drive to make sure it's clean. Once I know it is, I'll disconnect it and fire up a new WinXP install.

[Darth Biscuit]

Good luck, OS installs (and all that comes after) suck.

[Fright]

Ouch, that sucks nothing helped. Did you try to update Malwarebytes before you ran it? I read the virus I had couldn't be deleted fully until you updated it. But yea, people responsible for this should get a left nut removed, seriously.

[shinner]

Good luck, OS installs (and all that comes after) suck.

With 4 PCs in the house I'm used to refreshing Windows installations

Kid's PCs are easier though as they really don't have anything that needs backing up.

Ouch, that sucks nothing helped. Did you try to update Malwarebytes before you ran it? I read the virus I had couldn't be deleted fully until you updated it.

I didn't update it because I couldn't get on the net...ran AVG prior to MLB and something it found must have been important to networking, so when I let it whack the virus, it screwed up my network connection.

Finished backing up....will start the reinstall tomorrow. Need to burn a boot CD first so I can boot to it and delete all partitions, then start over.

[Speed]

But yea, people responsible for this should get a left nut removed, seriously.

They are the same ones that sell the fix.

[Fright]

Funny, my fix didn't cost a dollar. But I know where you're coming from. This virus actually infected your computer w/ pop ups to buy anti virus protection lol. Very interesting eh?