News | Forum | Free Software | Online Scanners | Tutorials - HowTo
Been infected with spyware? Tell us about your problem.
For fast automatic spyware removal, try CounterSpy, SUPERAntiSpyware

Removal instructions for SpywareGuard2008

SpywareGuard2008 is a rogue antispyware application. The software was found being advertised on a fake online antispyware scanners. If you have the misfortune to run the rogue anti-spyware program, SpywareGuard2008 is set to start automatically when your computer starts. It then scans your computer for supposed spyware and malware and displays a list of the items found. It is quite funny, though, as it finds its own components and labels them as spyware as shown in the image below.

rogue antispyware

If you get infected with this rogue antispyware app, please do not be fooled into buying it. Instead use the instructions below to remove the software.

Symptoms in a HijackThis Log:

O4 - HKCU\..\Run: [spywareguard] C:\Program Files\Spyware Guard 2008\spywareguard.exe

Use the following instructions to remove SpywareGuard2008.

1. Download Malwarebytes’ Anti-Malware (MBAM). The program designed to quickly detect, destroy and prevent malware, spyware, trojans.
2. Once downloaded, close all programs and Windows on your computer (including this one.)
3. Double-click on the icon named mbam-setup.exe to install the application.
4. When the installation begins, keep following the prompts in order to continue with the installation process. Do not make any changes to default settings and when the program has finished installing, make sure a checkmark is placed next to Update Malwarebytes’ Anti-Malware and Launch Malwarebytes’ Anti-Malware, then click Finish.
5. If an update is found, it will download and install the latest version.
6 Once the program has loaded, select “Perform Quick Scan”, then click Scan.
7. MBAM will now start scanning your computer for malware. This process may take some time to finish,so please be patient.
8. When the scan is complete, click OK, then Show Results to view the results.
9. Make sure that everything is checked, and click Remove Selected.
10. MBAM will now delete all of the files and registry keys and add them to the quarantine.
11. When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.

SpywareGuard2008 creates the following files:

c:\Windows\reged.exe
c:\Windows\spoolsystem.exe
c:\Windows\sys.com
c:\Windows\syscert.exe
c:\Windows\sysexplorer.exe
c:\Windows\vmreg.dll
c:\Documents and Settings\%Username%\Desktop\Spyware Guard 2008.lnk
c:\Documents and Settings\%Username%\Start Menu\Programs\Spyware Guard 2008\Spyware Guard 2008.lnk
c:\Documents and Settings\%Username%\Start Menu\Programs\Spyware Guard 2008\Uninstall.lnk
c:\Program Files\Spyware Guard 2008\conf.cfg
c:\Program Files\Spyware Guard 2008\mbase.vdb
c:\Program Files\Spyware Guard 2008\quarantine.vdb
c:\Program Files\Spyware Guard 2008\queue.vdb
c:\Program Files\Spyware Guard 2008\spywareguard.exe
c:\Program Files\Spyware Guard 2008\uninstall.exe
c:\Program Files\Spyware Guard 2008\vbase.vdb
c:\Documents and Settings\%Username%\Application Data\Microsoft\Internet Explorer\olesys.dll

If you are still having problems with your computer, then I would recommend you follow the instructions.

October 3, 2008 on 8:57 am | In Rogue Anti Spyware, Tips, Tutorials - HowTo | |
Submit to: Digg | SlashDot | Del.icio.us

No Comments yet »

RSS feed for comments on this post. TrackBack URI

Leave a comment

XHTML: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

This is a captcha-picture. It is used to prevent mass-access by robots. (see: www.captcha.net)

You must read and type the 4 chars within 0..9 and A..F, and submit the form.

  

Oh no, I cannot read this. Please, generate a


MY ANTI SPYWARE Powered by WordPress with Pool theme design by Borja Fernandez.
Entries and comments feeds. Valid XHTML and CSS. ^Top^