Spyware Guard 2008 Analysis and Removal

186 Responses to “Spyware Guard 2008 Analysis and Removal”

1. Edy on November 1st, 2008 12:49 PM
   

   When searching for an antispyware scanner that will protect and clean your PC it can get a little confusing. There are so many available it’s hard to know which one will work the best.
   Antispyware solution from Search-and-destroy.
   If you’re like me, you’ve probably tried a variety of them all and found they basically all find the same types of bugs. Through my experimenting I’ve found that the antispyware solution from Search-and-destroy at search-and-destroy works the best. Search-and-destroy cleans and protects my computer just as good as any scanner, it gets rid of those nasty bugs and it does it all for less than many of the others available.
2. Erik on November 13th, 2008 10:57 PM
   

   I used the SUPERantispyware removal tool with some success against the Spyware Guard 2008 malware. Unfortunately it didn’t eradicate it entirely. I still have a problem where I get a little dialog bubble from a Securty Center application that runs in the system tray. I found the process and went into msconfig to try and stop it from loading. There is another application somewhere that spawns an executable (wsc32x.exe) that gets created an installed in the WINDOWS/System32 directory. Then it just generates bogus messages that since I don’t have Spyware Guard 2008 active, my system is at risk. Nothing I have found online addresses this issue. I don’t want to have to wipe my harddrive and start over but I’m very close to doing just that.
3. Shanmuga on November 13th, 2008 11:05 PM
   

   Malwarebytes’ Anti-Malware free version is updated to remove this rogue. Try a scan with it. Post back how it goes.
4. Vickie on November 14th, 2008 9:04 PM
   

   My desk top is frozen and I am not able to even get it do anything. How can I get this down loaded so that I can use once again use my computer? I have the virus thats called Spy Ware Guard 2008? Any help would be so much appreciated Thanks Vickie
5. Erik on November 27th, 2008 12:29 AM
   

   Just a follow-up. The MalwareBytes took care of it and finished-off what the Super AntiSpyware missed. Anyway, I have both and use them fairly regularly now. So, it seems like I’m pretty well back to normal.
6. DEnisse on November 30th, 2008 9:02 PM
   

   i want to delete this spyware guard and it keeps popping up. I’ve done it various time and it doesnt deletes.
7. jan on December 2nd, 2008 7:46 PM
   

   I do not know where to begin to get rid of spyware guard 2008 off my computer. can anyone help

   thanks
8. Randy on December 5th, 2008 12:39 PM
   

   SmitFraudFix cleaned this up in like 5 minutes for me
9. Chris on December 6th, 2008 1:43 AM
   

   If you download it, and in the process find out that it is a rouge, then delete it, does it still take your money? How do I protect my credit?
10. hykingo on December 8th, 2008 1:23 PM
    

    I am experiencing what Erik described with the dialog bubble from a Security Center application that runs in the system tray, but I can’t get rid of it
    I ran both MalwareBytes and SUPERantispyware with up to date version and still experience the dialog bubble. I can’t seem to locate WINDOWS/System32/wsc32x.exe either and think it has been removed.

    Anybody can help?
11. RAdkins on December 9th, 2008 1:20 AM
    

    I just been infective with spyware 2008 and it also has tried to install 2009..
    Don’t know where I got it from… It won’t let upgrade from norton or any other
    reputable company..Takes forever to booth up, but I can still get email & internet..
    It trys auto- install at varied times, so I must cancel it immediately on the screen
    and the tray.. It will drive you nuts….Thanks for other inputs….
12. Nick on December 9th, 2008 5:06 AM
    

    tried malwarebytes..spyware dr..and superantispyware and none of even began to get rid of spywareguard2008…when trying to execute them,they wouldnt even start up or i’d get the windows error report saying there was an error opening them..im pretty pc saavy so this one has me stumped..ive killed all processes and searched all files,folders and registry entries and tried deleting them but it never goes away…any help please!
13. paul on December 9th, 2008 8:16 AM
    

    Just use the Malwarebytes’ Anti-Malware system and it took care of it. (hopefully)
14. Ty on December 9th, 2008 10:57 AM
    

    I found that Kaspersky is good at removing everything, including that fake dialogue box. Also look at trust sites in Internet Explorer with HijackThis, it’ll add sites that allow it to regenerate!!!!
15. Xalkie on December 9th, 2008 11:07 PM
    

    omg…this a pain.
    I stupidly downloaded “Antivirus 2009″, and that opened the door for a ton of problems.
    Used spywarehunter to kill av 2009.
    Then SUPERantispyware for spyware guard 2008.
    still have dialog box made to look like “Windows security center”
    trying Malwarebytes anti-malware now.
    The software company that comes up with the ONE solution will have my money immediatley.
16. Lindsey on December 10th, 2008 11:06 PM
    

    I just don’t understand. I have tried AVG, avast, and antispywarebot and NOTHING has gotten rid of this trogan. When I ran a scan through avast it told me that there were 3 infected files but they were linked up to some files in my windows folder and I am worried to delete them, considering it could damage my operating system. Should I just delete them anyway?
17. Lindsey on December 11th, 2008 12:39 AM
    

    Alright I fixed it and I wanted to tell everyone how I did it because it is such a life saver!

    forget what I said about xxxxsxxxxrexxt.com They are the best!
    its is 29.95 for two computers but after you do the scan and if it doesn’t work.. go back to their website and put in your email address and what not and then click on the “live chat” option.

    They ended up remote accessing into my computer (no extra charge) and took care of everything!

    Please use this site.. if I knew it from the beginning it would had saved me 24+ hours of work on my computer

    Edited by Shanmuga: Dangerous URL.
18. Ty on December 11th, 2008 3:41 AM
    

    Xalkie, Like I said earlier the Kaspersky anti-virus program (you can get a free 30 day trial) removed the fake windows security center problem for me. I’d also like to note that in the last two daily updates from SUPERAntiSpyware that “Spyware Guard 2008″ was listed in the new threats that it can remove so this is obviously a very recent form of malware when day-by-day the removal programs are learning where to look. I’d also like to note that my SpywareBlaster and Spybot immunization features were partially turned off so you have to turn those back on. This new threat is nastyyyy….good luck all.
19. Krista on December 11th, 2008 4:59 AM
    

    My computer is frozen also. I tried safe mode regular and in dos. My brother tried to walk me through deleting it in dos and that didn’t work either!! Later last night I tried safe mode again and chose last best configuration and still nothing. If anybody has any ideas please post otherwise I think we are goiing to just re format the computer.
20. Candice on December 11th, 2008 5:37 AM
    

    I tried Malwarebytes software, but the Spy ware guard 2008 kept hijacking it and shutting down my computer. I tried manually deleting but it apparently is in my root directory and I can’t find it to take it out…?? any suggestions?? HELP!!!
21. Mark on December 11th, 2008 6:43 AM
    

    i got hit with this over the weekend
    after much work and failure we were able to get rid of it using the solution noted above with Super AntiSpyware initially and then ran MalwareBytes and seemed we are good to go with no return now for a couple of days
22. Frank on December 12th, 2008 12:43 AM
    

    I go rid of this F@$@@@&%^cking thing by running Malwarebytes’ Anti-Malware a few times with the latest updates. While the program is running I tried to stop running Spyguard everytime it started. IT’S GONE!!
23. Udaya on December 12th, 2008 5:48 AM
    

    Deleted files, folders, registry keys and values, and the damn thing still pops up. I am currently running a scan of the latest version of “Malwarebytes Anti-Malware” (12.11.08) . will post back after scanning, quarantining, deleting, then restarting.
24. Udaya on December 12th, 2008 6:28 AM
    

    it worked. for now-
25. Danny on December 12th, 2008 6:48 AM
    

    i am not able to run the above said softwares. the virus prohibits execution of the Super AntiSpyware and Anti-Malware
26. Ray on December 12th, 2008 7:00 AM
    

    I’m working on a pc this week that has spyguard2008 bad. Malwarebytes usually removes stuff like this, but not this time. Spybot, Adaware & AVG have not been able to kill this, even if you pull the hard drive and scan it in another machine. This makes me think I get to spend lots of time going through the registry. This crap is a headache.
27. Brian on December 12th, 2008 8:00 AM
    

    …still battling it here… Tried all solutions mentioned on the site and can’t get rid of it.
28. nm09 on December 12th, 2008 9:36 AM
    

    The MalwareBytes took care of it and finished-off
    THANK YOU EVER SOOOOOOOOOOOOOOOOOO MUCH GUYS
    You saved my life
29. Bobby Farmer on December 12th, 2008 9:20 PM
    

    Got this horrendous virus yesterday, but have just got rid of it.

    Downloaded MalwareBytes on to another PC and put it on to a USB stick. My infected PC would only boot in safe mode - under which MalwareBytes wouldn’t run :-(.

    I then restarted the XP machine using ‘Last known good settings’. The virus popped up right away and started to run, but at least now I could install MalwareBytes.

    I ran it (quick scan first), and it did find ‘SpyGaurd’ - though SpyGuard itself kept coming on during the scan (I always quickly closed it).

    MalwareBytes removed most of it on the first pass, but some elements had to be removed after a reboot - which it seemed to do.

    Fingers crossed everything is now clear!
30. Vinoth on December 13th, 2008 4:45 AM
    

    I tried malwarebytes, combo fix, but i am still getting the pop ups, as soon as i stop the process and remove the virus folder it pops up again with a new folder in program files and i am not able to delete the spywaregaurd.exe even by using Icesword….what else can i try
31. Shelley on December 13th, 2008 5:25 AM
    

    YESSS! Finally!..the bastage is DEAD! Download the free Malwarebytes program. This nasty SOB was interfering with everything…my symantec was rendered powerless. I just made sure the malwarebytes was updated and put it to work. You’ll need to reboot after it finishes. Good luck!
32. Shanmuga on December 13th, 2008 8:36 AM
    

    Vinoth, you may have other malware. Please post for help at one of the Recommended Online Forums for Malware Help.
33. john on December 13th, 2008 11:54 AM
    

    What’s worked for me is the following….
    Install malwarebytes setup by disc downloaded from another computer
    rename the malwarebytes set up .bat
    during the initial installation stop the process when it hung up
    delete all the spywareguard files under program files
    start up the malwarebytes
    during the scan watch the spywareguard folder under program files and delete the files as they re-appear about every 5 minutes
    during the scan also stop the spyware guard from starting up again
    have run the scan 2x with the first finding 40+ infected files and a handful that had to be deleted upon reboot.
    The second time found 15 files…rebooted
    will post again if problem not solved
34. john on December 13th, 2008 12:23 PM
    

    Now was able to run Superantispyware….
    This seems to have fixed the problem
35. harsh on December 13th, 2008 5:54 PM
    

    Hi,
    Luckily after half day of trial i am able to get rid of this annoying spyware guard 2008. here is what i did, i hope you can try if it helps.
    I am running Windows XP service pack2 on my Vaio laptop.
    download: Malwarebytes’ Anti-Malware Download Link (Link edited: Shanmuga)
    reboot the PC in safe mode and then install the same.
    Install the application.
    Before running the scan, from the task manager kill the spyware guraed process and windows security centre process.

    And now run quick scan. and follow the instruction.

    after just try to delete all the temperory files from the path

    C:\Documents and Settings\Harsh\Local Settings\Temporary Internet Files\Content.IE5\

    to view the content.IE5 folder you should be administrator on the system.

    then reboot the PC, hope this should clean your pc, you can try repeating the steps twice if it didnt worked in the first go.

    But i followed the same, and now i am able to remove it completely.
36. zoot on December 13th, 2008 10:09 PM
    

    Thanks To Malwarebye’s Anti malware, I am now free of this infection. I have been plagued with it for about 2 weeks, when I originally tried many of the anti spyware removal tools, they did not clean it up, they would catch many of the components of the virus, but something was always left behind that caused it to come back almost instantly after cleaning.

    I uploaded the most recent definitions today for Malwarebyte’s and ran the scan. This time it worked and I am virus free.

    Give it a try!
37. Nolan on December 14th, 2008 5:14 AM
    

    This thing is killing me. Its hidden my dvd drives so i can’t use disks to install this software. Any website I go to it either gives me page cannot be displayed, or it redirects me to some spam. At this point the only way i have to get files in is by gmail, and gmail doesn’t allow me to send exe files and is really picky. This thing is like a puzzle.

    Super Anti Spyware wont install, I have Malware Bytes installed but it wont open. The virus won’t allow me to update any of my software.

    I’m trying everything you guys are recommending and haven’t found a cure yet. If anyone knows anything useful, please post!
38. Denise Rogers on December 14th, 2008 5:57 AM
    

    I finally got rid of this AWFUL virus. Thanks to you guys!!! I first ran the MalwareBytes Anti-Malware but it did not get it. I then ran the SUPER AntiSpyware and it seems to have done the trick! I am keeping my fingers crossed! It took all afternoon but we have been dealing with it for about a week now. Good luck everyone!
39. Computer Illiterate on December 14th, 2008 7:59 AM
    

    I tried the latest version of Malwarebyte (Dec. 03, 2008), and it still won’t go away. I got this stupid Spyware Guard on the 10th, is it possible that it’s evolved since the 3rd? Is there a program that was updated this week that might get rid of this. It’s knocked out my internet, so I have to use my friend’s computer to download stuff. HEELLLLPPP!!!!!!
40. bob on December 14th, 2008 1:48 PM
    

    if your computer wont let you open malwarebytes it maybe because the virus stops you from opening it.
    i had this problem before and was quickly resolced by renaming the mbam.exe to something else. i used notmbam.exe the it worked perfectly.
41. ken on December 15th, 2008 12:52 AM
    

    I down loaded both; the SUPERAntiSpyware and the Malwarebytes’ Anti-Malware, the free virsions. Each one found different items and removed them. Things are moving along nicely … for now. Thanks for the advice.
42. My Way on December 15th, 2008 2:36 AM
    

    Hey – here is a complete layperson’s approach to a virus problem – I am NOT a computer person – I just figured this stuff out from browsing various websites & from trial & error.

    I had a horrible RapidBlaster, SpywareGuard 2008, Windows Security Center Virus combo – I could barely get my computer to start & it was hijacking all my Google searches and actually blocking me from accessing anti-malware sites! It took a couple of days to figure out how to get rid of it – here is what finally worked for me:

    Get fast at killing the spywareguard and winscenter processes in the Task Manager (processes tab) – this step will have to be repeated several times as the Malwarebytes scan runs – fastest way to get Task Manager up is to right click in the taskbar area & chose the Task Manager option – actually it’s best just to leave up the Task Manager so you can kill the spywareguard and winscenter processes as soon as they start leaving absolutely no time for them to create further problems.
    (By the way, after you kill these processes, the green spywareguard and red winscenter icons might still appear in the Taskbar. But just wave your mouse over them & they disappear.)

    Uninstall the SpywareGuard 2008 using the SpywareGuard 2008 uninstall option via the Start  All Programs menu – again, you’ll probably have to do this every time the stupid thing starts to run again. And/or use the uninstall link in the Control Panel  Add/Remove Programs listing.

    I had already installed & run a StopZilla scan – it found the Trojans & removed them but it wasn’t cutting it at getting rid of the thing that was actually creating the Trojans (& repeatedly forcing open SpywareGuard 2008 and Windows Security Center) to begin with. However, StopZilla WAS great at blocking RapidBlaster attacks as the Malwarebytes scan ran.

    So yes, as this forum suggests, install and run Malwarebytes. StopZilla is optional & it is not free – I just found it before I found Malwarebytes so now I have both. (And for $10 after rebate, I am glad I have both.)

    Even with the Malwarebytes scan & removal, I had to manually delete the following files (before the reboot):
    C:\Windows\reged.exe
    C:\Windows\spoolsystem.exe
    C:\Windows\sys.com
    C:\Windows\syscert.exe
    C:\Windows\sysexplorer.exe
    C:\Windows\vmreg.dll

    I also searched my C drive - all files & folders - on the word spyware and deleted anything that said Spyware Guard (don’t delete everything that says simply spyware – some of it is legit of course).

    Make sure you delete everything out of the Recycle Bin too – before you reboot!

    AND I ran the regedit to make sure there were no spyware guard keys. From another site (Malware Help.org), here is a list of keys that might be affected:
    (note however that I deleted these before I discovered Malwarebytes – it could be that Malwarebytes does this for you, but you may want to doublecheck anyway)
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\spywareguard
    HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache\C:\Program Files\Spyware Guard 2008\spywareguard.exe
    HKEY_CURRENT_USER\Software\Spyware Guard\NP\NP
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Spyware Guard 2008\Display Name
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Spyware Guard 2008\DisplayName
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Spyware Guard 2008\UninstallString

    I think at some point I also deleted the Viewpoint keys folder too – I have seen a few sites that recommend that.

    A couple of final notes:

    I rebooted my computer and ran Malwarebytes again (no infections) and I ran StopZilla again (it always says it’s catching all this stuff but I think it is lying – but I run it just for the satisfaction of hitting the Remove button – and because I paid $10 for it).

    I already had Bitdefender as my antivirus program and a few times during this whole process it went crazy blocking viruses – more so when StopZilla runs than with the Malwarebytes. It turns out that there are some viruses in C:\Windows\Temp that I guess have been quarantined because I cannot delete them. But every time I click on them (to delete them), Bitdefender pops up & says that that virus is trying to attack. So I think when StopZilla touches them, that is what makes Bitdefender go crazy. So, if you CAN delete them, do so (and remember to delete them from the Recycle Bin) but if it doesn’t let you delete them, just leave them there because again, I think it means they are quarantined. They look like this: SMI76.tmp SMI6E.tmp etc.

    Good Luck!
43. Jim on December 15th, 2008 4:37 AM
    

    i too got this spyware guard 2008. i had been trying alot of the free antivirus programs as well such as avg, ad aware, SUPERantispyware, and even malwarebytes’ anti-malware. malwarebytes caught most of it but left that stupid security center icon. this was only a few days agao i could not get rid of it, until today when i updated malwarebytes again….FINALLY gone.THANKS malwarebytes and the rest of you guys in this forum.
44. Loredana on December 15th, 2008 3:26 PM
    

    I got this spy guard 2008 am 13th December and I spent 24 hours to recovery my computer. I tried to download SmitFraudFix, but internet was directed each time by the malware to different sites. I used my notebook to download the SFF and I followed the instructions, but the malware appeared again everytime I reloaded Windows. Finally I decided to format the HD and only after that I could use may computer again. It’s never happened to me a so terrible experience!
45. Matthew on December 15th, 2008 9:38 PM
    

    This was added to Spybot S&D’s list 12.10.08.
    Will test later today.
46. Tim on December 16th, 2008 2:30 AM
    

    I hope whoever made this virus would just die.
    Have had this prob for two days now, and nothing is working. The virus has blocked my internet, therefor i can’t downland Malwarebyte, therefor making it imposible to get rid of this damn curse!!
47. Char on December 16th, 2008 4:35 AM
    

    I had just installed AdAware last night and tried to run free online scans from TrendMicro and McAfee, in addition to updating my virus database from Avira. TrendMicro wouldn’t install. THEN, today I get this SpywareGuard 2008. Since I haven’t installed anything else or visited any of those websites, I really wonder if one of these products was poisoned; just seems too coincidental. Unless it was somehow installed at some point and only activated by one of the above products. Why aren’t any of these antivirus and more anti-malware products on top of this??
48. Matthew on December 16th, 2008 4:57 AM
    

    Spybot S&D worked perfectly, as expected. If any problems just run it in safe mode or at startup.
49. Kendall on December 16th, 2008 8:01 AM
    

    Anyone have any ideas on how I can run the spyware programs. Everytime I get the windows error report screen or my computer freezes.
50. Char on December 16th, 2008 8:20 AM
    

    I was finally successful with manual removal. It took several hours because the DLL files kept morphing into other names and I’d have to start from scratch every time I rebooted as it would reinstall itself. I focused on searching out *.dll files created today, and as soon as I found one, I SHIFT-DELeted it. Finally got them all, at least for this outbreak…
51. Marcus on December 16th, 2008 10:32 AM
    

    Malwarebytes Anti-Malware cleared up everything! Sooooo happy! Tryit!!
52. Jim on December 16th, 2008 10:43 AM
    

    I’ve been trying for hours on this one. Downloaded Malwarebytes Anti-Malware on another computer, transferred it to the infected computer via flash drive. But then I can’t run the installer. Tried extracting the files on the good PC, then moving the folder to the bad one, then uninstalling SpywareGuard, then quickly running Malwarebytes. Nothing doing. How can I get the bad computer to let me install the anti-malware software?
    And now my display control panel has been disabled and my desktop picture is the Spyware Guard warning. Aaaagh!
53. ajith505 on December 16th, 2008 12:08 PM
    

    I am struggling with this bull sh*t with last 2 days, and tried everuthing listed out here.. I am killing the processes spywareguard.exe and winscenter.exe from the task manager everytime it appears.
    I already have McCafe with no use.. I installed MalwareBytes’ Anti Malware and SuperAntiSpyware( The rogue keeps on interrupting at each stages of installation. So I had to downlaod them from another machine, rename the setup exes, install them, and then renamed the main exe of the application. ) I ran both the application exes a couple of times. After these much, it is still coming and I am still killing the exe as write these comments.. Meanwhile, I have taken the backup of my machine in safemode.. Now as Char wrote, need to delete the dlls frm 2morro.. or else I consider writing a desktop app that deletes the malicious exes as and when they are created, delete the registry entries..
54. Kendall on December 16th, 2008 2:22 PM
    

    Well I am still working to clear this virus but have found a way to get Malwarebytes Anti-Malware running. What I did was downloaded that and Norman Anti Virus with another computer and put them on a usb stick. Then went into safe mode and copied the files over to the infected computer. Now run Norman Anti Virus and it will scan your computer and delete some of the infected files….The biggest thing is…it will allow you to run Malwarebytes Anti-Malware (before it wouldn’t let me run the program)…so now that is what I am currently doing. I wanted to get this post up because I know how frustrating it can be because no spyware programs will run because of the virus. This should do the trick though.
55. Dave on December 16th, 2008 7:48 PM
    

    Regarding Spyware Guard 2008 - SUPERAntiSpyware downloaded from this site worked first time for me. Just make sure you click the update button to get the latest updates (Dec 15) as there is specific files for Spyware Guard 2008. Was a nasty virus/malware. Someone should be put in jail - I heard they are tracking down the authors in Russia.
56. Rishi on December 16th, 2008 8:32 PM
    

    Thanks to this page, I was able to eradicate the virus using a combination of methods. Basically, what I had to do was download SuperAntiVirus on another computer and manually move it to via a flash drive to the infected computer. I then renamed the setup file, and SuperAntiVirus was installed. I could not get it to run at all, but manually deleted some of the registry keys. I then noticed that SuperAntiVirus has an “alternate start” option from the Program menu which allows it to run even if the virus prevents it. It caught enough of the virus to allow Malwarebytes Anti-Malware to run, which got the rest of it.

    Also, if you are on Firefox and you are noticing a lot of popups (even with the popup blocker on), that’s the early sign of the program. At that point, it’s not too late to download and install Malwarebytes Anti-Malware (my second computer also got infected by the same program - but I was able to recognize the signs early before it got too bad).

    Hope everyone else is able to get rid of this! Good luck!
57. wayne on December 16th, 2008 9:10 PM
    

    Smitfraudfix is not a removal tool. It actually installs more malware on to your computer. I learned this the hard way. I’ve tried Spyware doctor and it just reinstalls apparently on bootup along with another trojan whose name I forget (I’m at work now) It has removed enough malware so that I may now be able to run malwarebytes, before it wouldn’t let me open the insatll file. thanks for all the hints and tips everyone. Good luck to all.
58. S. B . Remmark on December 16th, 2008 10:25 PM
    

    Help! Everytime I delete one of these files from Windows it regenerates within seconds. I can’t delete any of these files. The Super anti-spyware software seems to have the same problem. It lists the program as being removed and then when I re-boot it is still there.
59. Shanmuga on December 16th, 2008 10:39 PM
    

    @ Wayne: “Smitfraudfix is not a removal tool. It actually installs more malware on to your computer.”

    Smitfraudfix is a trusted software, certain components are flagged as malware by many antivirus vendors due to the nature of compression algorithm used, otherwise its clean.
60. wayne on December 16th, 2008 10:52 PM
    

    Shanmuga
    Well, whatever it is it did zilch to remove spyguard 2008. I think it was symantec that fingered it as malware installer.
61. Myka on December 17th, 2008 11:21 PM
    

    My laptop caught this virus Saturday 12/13. I new something was up when I started getting weird pop ups. I updated my Norton Antivirus and did a scan…no luck. Dowloaded Adaware, tried running scans, Norton (I think or was it spyware guard messing with me?) kept saying I needed to restart. Well, duh…then adaware couldn’t finish the scan. Once I stopped being fooled by that Spyware Guard would somehow stop Adaware from scanning.

    Found this site, dowloaded SuperAntiSpyware (do your best to stop Spyware Guard 2008 from scanning…and just focus on following the download and install process for Super Anti Spyware) Ran SuperAnitSpyware and it removed most of the Spyware Guard stuff.

    I still had the ad stuck as my background and couldn’t change my display so I downloaded Malwarebytes and ran that. It removed the rest. Make sure to shut off you system restore at some point like this page says and turn it back on once your system is clean.
62. LEONARD M. ROTH on December 18th, 2008 2:41 AM
    

    For the past 2 days I have been inundated with ads from Spyware Guard 2008 and from what is alleged to be from Microsoft Internet Explorer–Antispyware Scanner. It continually interrupts my use of my computer (even writing this note). I have Norton Internet Security and Norton Antivirus, wheich, I thought, was doing a good job. Is there any way to stop these ads? Please and Thank you. I am dying here.

    Leonard Roth
63. Titto on December 18th, 2008 10:04 PM
    

    I had to struggle several hours with this damn programm. But that is how I did it. I used the task manager to kill it as soon as it pooped up, deleted it everytime afterwards as soon as possible and at the same time ran Spybot search and drestroy as well as malwarebytes parrallel. First time I let them run the hole scan which deleted quite a bit. Then I restarted but still had problems. Then I deleted all files listed above manually and begann a second round of scanning. While I let the malwarebites programm run through the hole scan I canceled the Spybot scan ass soon as it found something and just deleted that. I repeated the process. After a second restart everything seems to be fine. Ok that was probably quite a crude method, but it did the job.
64. alison on December 18th, 2008 11:01 PM
    

    So can anyone please help me? this spywareguard2008 is the f*cking worst! It wont even allow me to keep my computer on for more than 2 minutes, then it automatically restarts and the same thing keeps happening. It has gotten progressively worse. What can I do if I can’t even get my computer to stay on????
65. Shelby on December 19th, 2008 4:09 AM
    

    Alright, my problem seems to be somewhat unique. Every time I boot up my computer freezes within 5 minutes, & that’s only if I stay in windows task manager & end the process every time it starts back up. I can keep it running in safe mode, & I have malewarebites on a flash drive, but my computer won’t recognize the flash drive in safe mode. If anyone has any suggestions, please, PLEASE tell me! I am at my wit’s end with this stupid thing, & it’s rendered my desktop completely useless. Thanks!
66. Anthony on December 19th, 2008 6:43 AM
    

    Wow! after screwing with this thing for 2 days I finally got it doing just what everyone has been sayin. superantispy, malwarebyte, and killing winscenter and spywareguard . exe everytime it poped up in processes. The problem i am having now is i get about 30 error pop ups of a bad image .dll associated with almost all my program names. its a simple annoyance that is nothing compared to the spyware guard but if anyone has suggestions on how to stop this “side effect” I’d appreciate it.
67. Nily D on December 19th, 2008 11:00 AM
    

    I also spent several hours battling this stupid thing. Here’s what I did:
    - Googled for “spyware guard 2008 removal” and found Malwarebyte
    - The spyware prevented me from going to this site. Intercepted browser and sent me to some porn site
    - Downloaded Malwarebyte from another computer and transferred to via USB
    - Cannot double click on the .exe.
    - Renamed the .exe, and it installed malwarebyte, but couldn’t execute the program
    - Had to run devmgmt to disable TDSSserv.sys
    - Finally able to run malwarebyte. it scanned and found a bunch of files.
    - Deleted and rebooted but the stupid thing was still there!!!
    - Tried scanning again, while deleting spyware files and registry entries. Rebooted and still there!!
    - Updated malwarebyte. There were several versions
    - This time, left computer alone while scanning. It found a bunch of things.
    - Deleted, rebooted, and it’s GONE!!!

    I think deleting the files while scanning caused it not to fully work. I’m SOOOO happy it’s gone!

    “Breaking rocks in the hot sun,
    I fought the spyware, and I won,
    I fought the spyware, and I WON!!!”
68. Adam on December 19th, 2008 2:20 PM
    

    When this Spyware Guard 2008 first launched, I knew not to buy into it, but it kept coming, so I closed my browser. It think that was too late as the hard drive was doing its cranking noises by then, like if it was being scanned.

    By this time (15 minutes or less) I knew something was seriously wrong, as I could not launch any of my spyware programs. So off to Google to do a search on this Spyware Guard 2008 and I stumble upon this web site, which is fantastic BTW!

    I first tried to follow the manual removal of the bug, without any luck. The dang thing kept coming back up and doing the popup. This was occuring on both FireFox or Internet Explorer.

    I had McAfee Security Suite installed but apparently they have not caught up to this bug yet. Of course this software and some of IE graphics capabilities were disabled by the bug. I stil had internet and the CD drives operatonal.

    I did not try to download or install MalwareBytes and SUPERantispyware from the infected PC, I downloaded them to a flash drive on my laptop instead. Then I did the following:

    1) renamed the **.exe for both programs on the flash drive before connecting it. I just renamed them with the word “not” in front of the files.

    2) trying to install SUPERantispyware I was locked out because of Admin permissions, but that did work in SAFE MODE or as the Admin. I was stuck on that one.

    3) I was able to install MalwareBytes when I renamed the file to notmbam-setup.exe and it worked.

    4) however Spyware Guard 2008 would not let the program launch, so I renamed the launch file notbam.exe and then it worked. I ran a Quick Scan first to get it going.

    5) like some of the others above, I just kept the task manager and stopping Spyware Guard 2008.exe when it opened as well as windows explorer open to the c:/program files/ and kept deleting SpywareGuard2008 folder everytime it spawned.

    6) 20 minutes later the popups stopped and I was greeted with 385 rouge files found by MalwareBytes. I let it finish then I chose to delete the suckers. I then allowed MalwareBytes to log in and update the virus definitions. I ran it again and it found another 87 rouge files. Deleted those again and ran it one more time to be sure. It found another 2 files and I deleted those. I made sure the recycle bin was emptied and then a reboot.

    7) this time I tried to install SUPERantispyware and it ran, so I proceeded to complete that and let its do its job. Found another 53 files and I deleted those and ran the definition update and did another scan. It found another 5 files and I was more than happy to get rid of them. One more scan for the road and it came back clean.

    I tried to run Spyware Doctor but some of its files were corrupted and it would not launch. I ran Ad-Aware Personal Edition, did a difinition update and it found 123 files so I proceeded to delete those as well.

    9) I ran Glary Registry Repair and it found 231 registries and orphaned files. Those were promply destroyed and one more system reboot. Clean and now signs of Spyware Guard 2008 and the hard drive is quiet and no longer making scanning sounds.

    My challenge of anyone could help, it appears that Spyware Guard 2008 did something to my IE7 and McAfee Security Suite. I can not see any menu buttons when launching McAfee and on websites like http://www.weather.com or live.com, there are no active back ground images or I will get just placeholders on the website.

    I tried launching McAfee’s Virtual Technician, but that wouldn’t launch. So going to Add/Remove software, I figured since I have my registration number for McAfee I tried to delete it and reinstall. No such luck, I get a bad Java script message.

    I reinstalled IE7, but the problem still remains. Anyone else having similar problems with IE when going to some graphics intensive websites? I am sure Spyware Guard 2008 disabled or renamed some files so I cannot see the buttons on the McAfee menu screen. I could not even see those grahpic words you have enter to post these comments. Some form boxes and buttons don’t work either.

    Help!
69. Adam on December 19th, 2008 8:31 PM
    

    Just an update. I contacted the folks at McAfee and they suggested based on my experience to try IEregFix.bat, well I did and it repaired the registry files for IE which in turn fixed the menu in McAfee Security Suite. I am now able to sucessfully use both.

    IEregFix.bat can be found here:
    http://service.mcafee.com/faqdocument.aspx?id=TS100034&lang=en_US&prior_tid=18&AnswerID=16777216&turl==http%3A%2F%2Fkb.mcafee.com%2Finfocenter%2Findex%3Fpage%3Dcontent%26id%3DTS100034%26actp%3Dsearch

    Hopes this helps any others with a hi-jacked IE browser after removing this nasty malware. To the authors of Spyware Guard 2008, I hope justice is swift and painful!
70. Yort Nhoj :) on December 19th, 2008 10:01 PM
    

    Hey, I’m sooooo glad I found this site. I’ve been searching for help for like this last week. My XP laptop has this spywareguard2008/2009 (one or even both, I can’t remember) The devil program won’t uninstall, and it it reincarnates itself everytime I try to. I can’t figure out why people do crap like this. My laptop is in the country, away from all internets when not plugged in, and this program can still work. It shut me out of my desktop for a few days, but thanks to the IT at my school, that’s changed, but now I just got mcafee, and the devil program won’t let it update or anything. Also, when hooked to internet, this thing called “internet speed moniter” or something keeps giving me loads of trouble. I just want to be able to use my computer for Christmas…
    I’m going to try to do what I see on this page, and hopefully it will work.
    I’m at my school, so its superfrustrating to not be able to do everything while “safe” internet is available.
    Please God, let my wishes come true…
71. BillF147 on December 19th, 2008 10:27 PM
    

    Ive been fighting this thing for over a week…I tried Spyware Doctor, pay version…Always claims to clean it…Then it pops back withing 5 minutes…It also seems to be piggybacked to TDSServ…That wont go away either…

    Worked with Spyware Doctor Help staff…Gave me a long list of things to do in Safe Mode(XP Sp3)…Claims to have cleaned it all up…Boot to Normal…LOL…Back in 5 minutes…

    Oh yeah, Spyware Doctor does block it from popping up wanting you to buy every 5 minutes…Also, can no longer Print when Spyware Doctor is running…Keeps killing the Spoller!!!

    Dont spend the 29.95 for Spyware Doctor folks…Dont work all that well…
72. aimtheflame on December 20th, 2008 7:19 AM
    

    I just spent ten hours getting rid of this thing, but I think I’ve done it. I first downloaded and ran malwarebytes twice. It said it was gone, but noooo. So I found you guys and downloaded and ran super antispyware. I also turned off my system restore. and it seems to be gone. Granted, it’s only been about 45 minutes, but I’m keeping my fingers crossed. Thanks so much for all the input!
73. Mike H. on December 20th, 2008 11:58 AM
    

    I WIN

    I did have to use another computer to download the malwarebytes onto my flash drive, due to that sucker keeping me out of my internet browser, but had no problems installing it to my computer. So if you have problems durring the instalation process take the pros suggestions listed above. I also downloaded the SUPERAntiSpyware as well but both programs did little to help. I had the same problems as everyone else; running the programs, finding the bugger, deleting the infected Spyware Guard 2008 files, then to my dismay upon rebooting my computer or quickly running the other Anti Spyware 2008 program it kept returning.

    Over and over. Hours wasted. ONE EASY SOLUTION:

    UPDATE THE MALWAREBYTES PROGRAM!!!!!!

    As soon as you can get it loaded open it up and click on the tab “Update”. Get all the updates nessasary and run the scanner in Malwarebytes. Then behold the many other files that it couldent detect before. Upon a requested reboot from Malwarebytes I had a sucessful boot with no more Spyware 2008. Im currently running bolth of the programs mentioned again with other anti spyware and anti virus software to make shure I have stamped out this bug once and for all.

    So here is hoping that it is gone for sure but now my scanners from my programs are reading all clean. So after a constant battle for 13 hours I can now feel relief.

    Good Luck Guys!
74. frustrated on December 20th, 2008 1:40 PM
    

    I wish I had the same luck. I’ve turned off system restore and have run both SUPERAntiSpyware and Malwarebytes several times. I’ll run them and they will find problems, after the second time around they both give the all clear, but then after a restart, up comes the Spyware Guard 2008 windows and I have to do it all over again.
75. Law on December 20th, 2008 4:59 PM
    

    click the update check, update malwarebytes then scan again. at last restart your pc, the malwarebytes will then delete some registry file. done
76. frustrated on December 21st, 2008 12:49 AM
    

    Unfortunately I cannot update. Apparently it’s killed web access.
77. frustrated on December 21st, 2008 2:45 AM
    

    Finally! (I hope!) I eradicated it. Somehow I finally got malwarebytes to run an update and it got it. 8 hours of hell finally over!
78. Chris on December 21st, 2008 9:09 AM
    

    thanks to all of the input on this thread…i finally got rid of this piece of S%&T trojan. it took me three days.

    i got it bad - couldn’t access any of the websites to download malwarebytes, avast or superantispyware. i already had malwarebytes downloaded on my comp but couldn’t run it. had adaware installed before i got the virus. i could run it, but couldn’t update it. adaware didn’t help at all. i was able to download the setup files for all of these programs from download.com, but couldn’t install them (no luck in safe mode either).

    i finally located all of the files listed at the top of this thread and deleted them manually. i definitely think that should be your first step. i had an old version of hijack this previously installed. i couldn’t update it, but ran it anyways and it definitely helped and located some files associated with the bug. i was finally able to access the avast website, downloaded and did a boot scan. this really helped but didn’t get rid of the trojan completely. i ran malbytes in safemode but that didn’t completely get rid of it either. finally ran superanti spyware and that did the trick!
79. ohskool on December 21st, 2008 12:13 PM
    

    When ever I get this dam program off my laptop, I am going to purchase a first class ticket to russia and beat down the MOFO or MOFOS who did this. This dam thing just want go away. it seems the more I try to get rid of it the more it Fu#ks with me. Now when I try to log back in to my pc CRTL-ALT-DEL It freaking freezes…. WTF.trying to run the malware instals up to 1% left then freezes. I have even loaded the malware on aother pc and just copy the files over to my pc. It trys to start then just fade away. I refuse to quit on this it has come down to me or the pc. so far the pc is winning. May just reformat the freaking thing could of been done 8 hours ago. Excuse me for bitching like a women, but I am about to start breaking things. Great advice guys I keep trying.
80. Kat on December 21st, 2008 7:31 PM
    

    SUPERAntiSpyware Free Addition did it for me in less than a half an hour. I had over 1000 infections…42 with this horrible beast. MalwareBytes was so dang slow…2 1/2 hours and still scanning that I aborted and downloaded SUPERAntiSpyware and now I’m free!! Thanks for all the help on this site!
81. kyril on December 21st, 2008 8:14 PM
    

    Thank you everyone for all your stories/suggestions. I finally figured out how to kill this thing. You *must* have access to an uninfected computer and either a flash drive or a CD (you can try using LAN, but I prefer to keep the infected computer quarantined).

    Important things to note:
    - Quarantine your computer from the Internet. Physically unplug your network cables. Do this immediately as soon as you’re aware that you’re infected.
    - Don’t bother deleting the Spyware Guard 2008 folder or the winscenter file. They will just come back.
    - Do kill the processes immediately whenever they come up.
    - The malware may have all kinds of nasty effects, including but not limited to:
    Blocking Internet access to sites where you can download things that will remove it
    Blocking access to the IP addresses used by MalwareBytes and other anti-spyware programs, preventing them from updating
    Preventing Safe Mode from booting up
    Interfering with System Restore
    Installing viruses continuously in various files all over your computer, even when you are not connected to the Internet
    Hijacking your search engine so that clicking on links sends you to malicious sites
    And many other worse effects as described above.

    Procedure for removal:
    1. Download malwarebytes AND the latest update onto your flash drive on an uninfected computer. The malware may prevent malwarebytes from updating itself (did for me).
    2. Download SuperAntiSpyware.
    3. Change the names of all 3 files. The malware may prevent execution of the files with their original names.
    4 Install malwarebytes onto the infected computer. Install the update file. Change the name of the executable file for the installed program.
    5. Run malwarebytes (Complete Scan). Stay with your computer, allow the scan to run all the way through, and kill spywareguard.exe and winscenter.exe every time they start up. spywareguard.exe will start randomly every 2-6 minutes and winscenter.exe will start once every 8-15 minutes. If you leave your computer unattended during this scan, it may install more stuff in places that were already scanned.
    6. Delete everything it finds and let it restart your computer. Visible signs of infection should be gone, but your computer may still be sluggish. You’re not done.
    7. Install SuperAntiSpyware and update it. The update should run properly. You can leave your computer unattended for this one.
    8. Delete everything it finds. It is likely to find several instances of TDSSserv, among others.
    9. Reboot. Run your preferred antivirus (Avast, AVG, TrendMicro) to reassure yourself that everything’s gone.
    10. Your computer should be back to normal. If you like, you can run malwarebytes one more time to make sure no traces are left.
82. Sreekanth on December 22nd, 2008 1:53 AM
    

    Hi All,

    It is very usefull thanks a lot . I am able get rid of this Spyware guard 2008 malware by using malwarebytes Anti-Malware did the trick. Thanks once again for sharing this information.
83. Ron Bell on December 22nd, 2008 5:42 PM
    

    My stepdaughter’s laptop has Spyware Guard 2008.

    My questions are:

    (1) How do I know that this site (malwarehelp.com) is not also fraudulent and in the business of spreading malware?

    (2) If I do decide that this site is OK, which of the many sets of instructions above will work?

    (3) A number of the above posts involve updating the Registry. I don’t know how to do that. Is there somewhere that will teach me?

    (4) Since we have backed up all important data from the laptop, my inclination is to reinstall the OS. However, I’ve no idea how to that either. Do I need access to a CD that came with the laptop? If so, I suspect my stepdaughter has lost it.
84. Chiqui Abello on December 22nd, 2008 10:33 PM
    

    This hit my stepduaghter’s PC yesterday and I spend a good hour battling it, but I think I got it under control (except for the fake Security Center window). I’m in I.T. and have had some experience at things like this before so once I realized what was happening, I wen to another PC, printed out a list of the files and reg keys that were affected and rebooted the infected PC. I immediately ran HijackThis, looking for some of the offending files to delete and removed them. I also deleted the offending files from the Windows and Program Files folder and immediately shut down the PC by pressing the power switch. When it came back up, I had more control over it and was able to remove the rest of the malware via regedit and the usual anti-virus software (which I updated manually and finally detected it).
85. Drew on December 23rd, 2008 9:51 AM
    

    I’ve finally cleared this evil mess (spyware guard 2008) from my daughters computer. It wouldn’t let me access the internet. I suppose by bogging it down. I disconnected the infected PC from the internet. I downloaded Super Antispyware from the link on this page to my uninfected laptop and transfered it to my infected PC via flash drive. I had to rename it (I just put an A in the front of the name) because the virus wouldn’t let me install or otherwise. In fact I had to rename the application in the same way to launch it. I ran a quick scan that found over 1000 trojans, adware etc… this didn’t kill this virus after the reboot so I did a full scan. While it scanned I used the task manager to stop this spyware guard 2008 virus when it launched each time. Task manager is accessed by cntrl+alt+del. The vurus loads itself every few minutes and can hang or disable the scan in progress. this took about 3 hours last night but cleared out another 40 threats which still didn’t kill this awefull virus. But it did allow me to now reboot the PC connected to the internet. I updated the Super Antispyware’s latest definitions and ran another full scan this morning. still quiting the spyware virus as it kept trying to load. (see Adam’s notes of dec 19th on this thread ……. same thing) Now after the reboot it’s finally gone!! (I hope) I ran another scan and found a few more things. Thank god for this site !!!! Thanks to all of you for posting !!! This malware virus is very brutal … many times I almost launched this computer out the window if it weren’t for the fact that these threads gave me a clue as to what it takes to kill this virus. I hope the scum who created this will get whats coming to them. I had also loaded the malwarebyte’s software and it would have been my next thing to try if the Super Anti Spyware didn’t work. Just a note that I tried to manually remove the files and registry keys myself via running regedit etc but none of that worked for me. It took days and days to finally clear this mess. Another thing to note is that the computer had to reboot a few times before it would successfully get to windows again. my patience paid off with a nice clean and fast PC.<