Content Top
DAL Computer Help » Operating System Help » Windows XP Help » Spyware Guard 2008 (fake) antispyware

Recommended Fix

Click here to fix Windows Errors and Optimize Windows Performance

Need Computer Help?
Register Now for FREE

Spyware Guard 2008 (fake) antispyware

Reply
Thread Tools
Windows XP Help
  #1 (permalink)  
Old 26-12-2008, 11:13 PM
Newbie
D-A-L Newbie
  
Join Date: Oct 2006
Posts: 8
azza Is a beginner here at D-A-L
Angry Spyware Guard 2008 (fake) antispyware
I don't know how the software got on my computer but it is here. It is a fake anti virus uses scare tactics fake alerts and false positives) to trick users into buying the fake software. i need to know how to get rid of it completely! PLEASE help!! Here's my hijack report.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:06:17 PM, on 12/26/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\acs.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\system32\Brmfrmps.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\RegSrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZCfgSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\1XConfig.exe
C:\WINDOWS\system32\wscntfy.exe
C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\issch.exe
C:\Program Files\Scansoft\OmniPagePro14.0\WorkFlowTray.exe
C:\Program Files\ScanSoft\OmniPagePro14.0\Opware14.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\ScanSoft\OmniPagePro14.0\OpScheduler.exe
C:\Program Files\Google\Google Talk\googletalk.exe
C:\Program Files\Messenger\MSMSGS.EXE
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\WINDOWS\system32\prunnet.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Microsoft ActiveSync\Wcescomm.exe
C:\Program Files\LimeWire\LimeWire.exe
C:\PROGRA~1\MICROS~4\rapimgr.exe
C:\Program Files\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Yahoo!
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Yahoo!
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = Yahoo! SearchBar Home Page
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Yahoo!
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - (no file)
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [Restart WSC Setting] C:\PROGRA~1\blcorp\UWCSuite\WSC\wscrestp.exe
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PDF4 Registry Controller] "C:\Program Files\ScanSoft\PDF Professional 4.0\\RegistryController.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\progra~1\common~1\instal~1\update~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\issch. exe" -start
O4 - HKLM\..\Run: [ScanSoft PDF Professional 4-reminder] "C:\Program Files\ScanSoft\PDF Professional 4.0\Ereg\ereg.exe" -r "C:\Documents and Settings\All Users\Application Data\ScanSoft\PDF Professional\4\Ereg\ereg.ini"
O4 - HKLM\..\Run: [WorkFlowTray] "C:\Program Files\Scansoft\OmniPagePro14.0\WorkFlowTray.exe"
O4 - HKLM\..\Run: [Opware14] "C:\Program Files\ScanSoft\OmniPagePro14.0\Opware14.exe"
O4 - HKLM\..\Run: [OpScheduler] "C:\Program Files\ScanSoft\OmniPagePro14.0\OpScheduler.exe"
O4 - HKLM\..\Run: [OP14 Reminder] "C:\Program Files\ScanSoft\OmniPagePro14.0\EregEng\Ereg.exe" -r "C:\Program Files\ScanSoft\OmniPagePro14.0\EregEng\ereg.ini"
O4 - HKLM\..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
O4 - HKLM\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [Yahoo! Pager [2]] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKLM\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKLM\..\Run: [Google Update] "C:\Documents and Settings\Mommie\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKLM\..\Run: [C:\eb037246f2b5ec9b5f19127d\update\update.exe] C:\eb037246f2b5ec9b5f19127d\update\update.exe
O4 - HKLM\..\Run: [prunnet] "C:\WINDOWS\system32\prunnet.exe"
O4 - HKLM\..\Run: [ace22b31] rundll32.exe "C:\WINDOWS\system32\togdcaet.dll",b
O4 - HKLM\..\Run: [Xcoyifucipis] rundll32.exe "C:\WINDOWS\Otiyiqo.dll",e
O4 - HKLM\..\Run: [xsjfn83jkemfofght] C:\DOCUME~1\Mommie\LOCALS~1\Temp\winlogin.exe
O4 - HKLM\..\Run: [spywareguard] C:\Program Files\Spyware Guard 2008\spywareguard.exe
O4 - HKLM\..\Run: [Yritenupeh] rundll32.exe "C:\WINDOWS\axiwogij.dll",e
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\RunOnce: [WinStart Commander] WsCmd800.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Mommie\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\Wcescomm.exe"
O4 - HKCU\..\Run: [xsjfn83jkemfofght] C:\DOCUME~1\Mommie\LOCALS~1\Temp\winlogin.exe
O4 - HKCU\..\Run: [Jnskdfmf9eldfd] C:\DOCUME~1\Mommie\LOCALS~1\Temp\csrssc.exe
O4 - HKCU\..\Run: [prunnet] "C:\WINDOWS\system32\prunnet.exe"
O4 - HKCU\..\RunOnce: [CleanUp!] C:\Program Files\CleanUp!\Cleanup.exe /WindowsRestart
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - Add to Windows Live Favorites
O8 - Extra context menu item: Open with ScanSoft PDF Converter 4.0 - res://C:\Program Files\ScanSoft\PDF Professional 4.0\cnvres_eng.dll /100
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.computers.us.fujitsu.com/
O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/binFrameWork/v10...I.cab55579.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (MSN Games – Buddy Invite) - http://zone.msn.com/BinFrameWork/v10...y.cab55579.cab
O16 - DPF: {4F4D2E63-0377-4188-8B70-52934FA8A101} (First American File Control) - http://www.leadstoloans.com/activex/fafile.dll
O16 - DPF: {4F4D2E63-0377-4188-8B70-52934FA8A201} (First American Print Control) - http://www.leadstoloans.com/activex/faprint.dll
O16 - DPF: {4F4D2E63-0377-4188-8B70-52934FA8A301} (First American Grid Control) - http://www.leadstoloans.com/activex/***rid.dll
O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) - http://zone.msn.com/binframework/v10...t.cab55579.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1177177844172
O16 - DPF: {A2EBA59E-C601-4AE3-900B-6B61F29500BE} (ActiveFormX Control) - https://widow1.factualdata.com/ocx/print3.ocx
O16 - DPF: {A4110378-789B-455F-AE86-3A1BFC402853} (ZPA_SHVL Object) - http://zone.msn.com/bingame/zpagames...l.cab55579.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramewor...o.cab56649.cab
O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (MSN Games – Game Communicator) - http://zone.msn.com/binframework/v10...y.cab55579.cab
O20 - AppInit_DLLs: nuaxhv.dll
O21 - SSODL: ieModule - {F1A239DE-DE21-43C8-8B06-3DAFE6479F62} - C:\Documents and Settings\All Users\Application Data\Microsoft\Internet Explorer\DLLs\ieModule.dll
O21 - SSODL: InternetConnection - {F3241DB3-BB39-486A-BBE3-39DCBEC94E13} - C:\Documents and Settings\All Users\Application Data\Microsoft\Internet Explorer\DLLs\joybewhznm.dll
O23 - Service: Atheros Configuration Service (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Brother Popup Suspend service for Resource manager (brmfrmps) - Brother Industries, Ltd. - C:\WINDOWS\system32\Brmfrmps.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\System32\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\WINDOWS\System32\S24EvMon.exe
O23 - Service: SAVScan - Unknown owner - C:\Program Files\Norton AntiVirus\SAVScan.exe (file missing)
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe

--
End of file - 11050 bytes
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #2 (permalink)  
Old 27-12-2008, 03:11 PM
Newbie
D-A-L Newbie
  
Join Date: Dec 2008
Posts: 4
Aqibkhan Is a beginner here at D-A-L
Cool Re: Spyware Guard 2008 (fake) antispyware
have u got malware bytes download it then quick scan
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #3 (permalink)  
Old 27-12-2008, 03:19 PM
twobits's Avatar
Full Member
New Recruit
  
Join Date: Mar 2008
Posts: 66
twobits deserves a pat on the back from everyonetwobits deserves a pat on the back from everyonetwobits deserves a pat on the back from everyonetwobits deserves a pat on the back from everyonetwobits deserves a pat on the back from everyonetwobits deserves a pat on the back from everyonetwobits deserves a pat on the back from everyone
Re: Spyware Guard 2008 (fake) antispyware
I just fixed a computer for someone that had Spyware Guard 2008. Super Antispyware and/or
Malwarebytes anti-malware removed it for me. Download it and update before running program.
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
Reply

« Previous Thread | Next Thread »

Thread Tools

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
popups, fake antispyware, background display change apiramza Spyware, Adware, Viruses and HijackThis Logs 9 08-03-2009 08:59 PM
HELP! Spyware Guard 2008 (fake) antispyware azza Spyware, Adware, Viruses and HijackThis Logs 1 28-12-2008 12:45 AM
Another Case Of Fake Warnings About Spyware xglassman Spyware, Adware, Viruses and HijackThis Logs 3 02-10-2006 09:17 PM
Java script blueyonder pc guard mcjosu Windows XP Help 0 21-09-2006 05:42 PM
Guard.tmp hijack...Question AphJN Chat Room 0 18-05-2005 02:12 PM


All times are GMT +1. The time now is 12:00 AM.
Member Login
Remember me ?
Forgot password?
Ads

Want to Advertise? Click Here
Help Categories
Desktop / Server Apps
Drivers
Firewalls and Networks
Games
General Internet Issues
Hardware
Linux
MAC OS
Modding / Overclocking
Search Engines
Spyware and Security
Web Development
Windows 2000
Windows 7
Windows 98
Windows ME
Windows Vista
Windows XP

Computer Repair Companies
Bottom Corner Bottom Nav