VirusRemover 2008

Alright, this got downloaded on our laptop. It keeps popping up with System Security has detected spyware, malware, etc. When I clicked on it the first time it tried to get me to buy some bs antivirus program. I can't really find it in add or remove programs and everytime i try to delete it more shit pops up. HELP :angry:

You've been owned. Google this: "virus remover 2008 removal"

Be careful what you click.

Always check software you've never heard of, you might get more than you expected. And I don't think I have to tell you this isn't always a good thing ;)

If you can find a "copy" of malwarebytes it works great on that bitch, If not download Hijack this and post the logs. (I have the removal paths but they seem to change it up every few weeks now, Bastards)

Well my mother told me that she was he one that got it. -_- but Ill trr stuff. Thanks alot.

Alright. I had to go into the registry to get rid of one program. Now I have another that seems to be very similar to VirusRemover 2008. Its called SystemSecurity. I tried to use the same method to get rid of it but when i search for it in the registry and a regular search no files show up at all. Any more hints. Ill google it to see if there is anything.

There is a possibility that the virus is welcoming in more viruses through a hidden connection, as this is the case in my school's library. To find out, you could try running the command "netstat -abno". Note the port ID (PID) of each program running. If you find what you are looking for, kill it using the command "tskill PID". Hope that helps. :D

Zephyr_Pure wrote: Google this: "virus remover 2008 removal"

Texas Instruments wrote: Now I have another that seems to be very similar to VirusRemover 2008. Its called SystemSecurity.

Google this: "SystemSecurity removal"

Seeing the pattern yet? The top 10 results have relevant links on how to remove it / them.

Zephyr_Pure wrote: [quote]Zephyr_Pure wrote: Google this: "virus remover 2008 removal"

Texas Instruments wrote: Now I have another that seems to be very similar to VirusRemover 2008. Its called SystemSecurity.

Google this: "SystemSecurity removal"

Seeing the pattern yet? The top 10 results have relevant links on how to remove it / them.[/quote]

I googled that. Every time I try to go to anything that seems like it could help it redirects me to some stupid fucking generic looking page that is telling me to download some shit that looks like its going to be the same exact thing. I tried getting the url and opening it in a new window. and I tried clicking on cached under the link and it does the same thing. ].; im really frusturated with this.

Print off the instructions on how to remove it on another PC or something, or put the removal program (if there is one) on a memory stick/whatever.

Boot in safe mode, open regedit, search for the "software", delete the keys. Go to the "Program Files" folder, find the folder containing the exe's, delete.

Zephyr_Pure wrote: Google this: "SystemSecurity removal"

Seeing the pattern yet? The top 10 results have relevant links on how to remove it / them.

Texas Instruments wrote: I googled that. Every time I try to go to anything that seems like it could help it redirects me to some stupid fucking generic looking page that is telling me to download some shit that looks like its going to be the same exact thing. I tried getting the url and opening it in a new window. and I tried clicking on cached under the link and it does the same thing. ].; im really frusturated with this. This one gives manual removal instructions and doesn't seem to offer any "downloadable" solution of the kind you're trying to avoid: http://www.xp-vista.com/spyware-removal/system-security-removal-info

Instruction Headings from Link:

1. Stop System Security Processes
2. Find and Delete these System Security Files
3. Remove System Security Registry Values

… Oh, and it was the first Google result.

If you tried that already, you need to be more specific despite your frustration. Otherwise, you're just venting to a community full of people that really don't give a shit what problem you're having. We'll only help you as much as you let us.

If you know me on msn, then you probably know that i had to get rid of Spyware Guard 2008 over the last two days. It was so much of a pain in the ass. It would boot, log in, BSoD. Everytime. So i went in with safe mode and another PC, Deleted everything for it, looked at 7 guides, all had the same directions, and fixed the registry. Then, upon restart, BSoD. BSoD. BSod. So you know what the options looked like. Reformat. Well I run a business on my laptop and I have vital information i couldn't lose, so I found a different way. I installed another windows over it, and now i use the second windows on the same partition, so i have all the old programs, none of the registry (Yes there were some program errors) and no more spyware guard.

yours31f wrote: If you know me on msn, then you probably know that i **had to get rid of Spyware Guard 2008 **over the last two days. It was so much of a pain in the ass. It would boot, log in, BSoD. Everytime. So i went in with safe mode and another PC, Deleted everything for it, looked at 7 guides, all had the same directions, and fixed the registry. Then, upon restart, BSoD. BSoD. BSod. So you know what the options looked like. Reformat. Well I run a business on my laptop and I have vital information i couldn't lose, so I found a different way. I installed another windows over it, and now i use the second windows on the same partition, so i have all the old programs, none of the registry (Yes there were some program errors) and no more spyware guard.

I, laughed. Lord I laughed. I have laid my eyes upon your curious little "business" website once. 1996. Need I say more?

As for the "information" you just "couldn't lose"… right. Homework? Porn? s3cr3t fb1 f173s? Gtfo.

Get real.

No, the files I couldn't lose were CS4 (I could've but it's a pain in the arse to DL and renew), business records, and things of that sort. Conversely of you, I actually use my computer for more than trolling and downloading pr0n.

There's a few malware programs around like this with various different names that mimic real anti virus programs and removal tools , the one I encountered was called "Spyware Guard 2008" and they can be hard to remove .

The easiest way seems to be killing the process in task manager , running msconfig and deselecting the program name , as well as any other obvious additions , and booting in safe mode .

This kind of infection MUST be removed in safe mode or it will just keep reinstalling itself .

The online instructions for manual removal don't really seem to help , as the .dll and registry entries etc seem to vary so much from person to person , and the programs they suggest to remove it don't always seem to work well.

Malwarebytes seems to be the best at removing them , so get a copy and install it , this took me a few attempts and reboots to actually get it installed , but it's worth persevering as it works a treat .

Run a full scan and this should solve your problems .

Also check your Internet Explorer privacy settings are not changed to the lowest setting "accept all cookies" , and that there are no unknown additions to the "trusted sites" in the Security tab .

Check Windows Update too , as I'm sure they put out some new patches to help prevent the spread of this .

Hope that helps .

Thumbs Up! Have 20 CPs for that fantastic response. :D - Zeph

Ok, this may not be the best solution out there, it is completely manual, and therefor takes a lot of searching when it comes down to it.

I have had MANY trojans like this one here. VirusBurster comes out to be my number one pain in the ass. What I did, is just did a google search on the malware's trade name and program names, like "Virusburster Processes" 9 times out of 10, I would turn up a list of names of processes and paths, because it was able to disable any antivirus I have had.

After finding this list of program names and dlls, I would rename them one by one to .txt and kill the process each time I would rename one. Soon, I would get down to none of them running, and finally reboot. This reboot would make it so that all .dlls would be unloaded and all processes would not be run on startup, after all, a txt file is not executable. After I was able to delete them, I ran a scan with Malwarebytes to make complete sure I got it all. I have had great luck thus far.

Try this, it should work. Keep us posted.

I had to reboot a friends computer after this happened. Its a bitch.

Backup

Reformat.

Easiest Way

mambo wrote: I had to reboot a friends computer after this happened. Its a bitch.

Backup

Reformat.

Easiest Way

That is not the Easiest way as you put it. Malwarebytes is a great tool. I use it to remove things when people come to me saying "My computer is slow" I totally agree with what was said in the long drawn out post here. I congratulate you for your great effort and positive response to this. And I totally agree with the 20CPs you got for it. Thumbs up!

AldarHawk wrote: [quote]mambo wrote: I had to reboot a friends computer after this happened. Its a bitch.

Backup

Reformat.

Easiest Way

That is not the Easiest way as you put it. Malwarebytes is a great tool. I use it to remove things when people come to me saying "My computer is slow" I totally agree with what was said in the long drawn out post here. I congratulate you for your great effort and positive response to this. And I totally agree with the 20CPs you got for it. Thumbs up![/quote]

Cheers. Basically I ran a virus can on various premium virus scan software and the virus constatly replicated itself. It may be easy to get rid of but do you really want to risk someone having all your login details and whatever else you store on your computer being in th hands of some script kid who dowloaded 'piss peple off virus'.

to me its safer yo to reformat than write a letter to paypal asking for $1000 back =]

(ps its 5am, just got back from a night out)