Spyware Guard 2008 or 2009 Descriptions:
Spyware Guard 2009, also known as SpywareGuard 2008 or Spy Guard 2009, is new counterfeit anti-spyware software that created to invade yoru privacy and ruin the Internet community. Just like most fake antispywares, Spyware Guard 2008 issues misleading and exaggerated results. Spyware Guard 2008 (or SpywareGuard 2008) usually installed itself onto your PC without your permission, through Vundo Trojan, Virus or fake software. SpywareGuard 2008 (or Spyware Guard 2008) will display fake system alerts or fake security alerts to trick user to buy the paid version of SpywareGuard 2008 or Spyware Guard 2009, in order to remove the potential and reported problems. Not only does it cause your machine to slow down dramatically, it would also put your privacy and data in risk.
Manual Spyware Guard 2008 Removal Instructions:
Stop Spyware Guard 2008 Processes:
(Learn how to do this)
SpywareGuard.exe
syscert.exe
spoolsystem.exe
reged.exe
Find and Delete these Spyware Guard 2008 Files:
(Learn how to do this)
%Windìr%\reged.exe
%Windìr%\spoolsystem.exe
%Windìr%\sys.com
%Windìr%\syscert.exe
%Windìr%\sysexplorer.exe
%Windìr%\vmreg.dll
%UserProfile%\Desktop\Spyware Guard 2008.lnk
%UserProfile%\Start Menu\Programs\Spyware Guard 2008\Spyware Guard 2008.lnk
%UserProfile%\Start Menu\Programs\Spyware Guard 2008\Uninstall.lnk
%ProgramFiles%\Spyware Guard 2008\conf.cfg
%ProgramFiles%\Spyware Guard 2008\mbase.vdb
%ProgramFiles%\Spyware Guard 2008\quarantine.vdb
%ProgramFiles%\Spyware Guard 2008\queue.vdb
%ProgramFiles%\Spyware Guard 2008\spywareguard.exe
%ProgramFiles%\Spyware Guard 2008\uninstall.exe
%ProgramFiles%\Spyware Guard 2008\vbase.vdb
%UserProfile%\Application Data\Microsoft\Internet Explorer\olesys.dll
Remove Spyware Guard 2008 Registry Values:
(Learn how to do this)
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “SpywareGuard2008″
Download SpyHunter* Spyware Detection Utility.
Well Jesus F@#$.
I noticed some odd behavior on my laptops behalf on Sunday (empty windows pop up in IE, despite my not having IE on my system, and very slow) then I hit the mother load! Maybe 5 hours ago my computer gleefully informed me that a new program, albeit Spyware Guard 2009, had been installed.
The bugger hasnt hindered me from looking at help sites, but it has blocked me from downloading any program to clean or wipe its existence. Ive tried a System Restore, and it just gives me the blue screen of death and restarts. Ive done manual deletion as suggested, but again, to no avail.
(Oh goody! SG is offering me their full assistance in clearing my PC of unwanted viruses)
Im heading to Geek Squad tomorrow, hopefully theyve dealt with this before. But at this point, my laptop is virtually useless. Wonderful.
I use Google Chrome, perhaps since it’s a little off the beaten path, SG isnt restricting my browser.
I just tried using FF, and its got me completely blocked on that one.
So Id recommend using GC if you dont have an additional computer to find help on.
HELP PLEASE I JUST GOT MY COMPUTER BACK FROM THE SHOP TO GET RAM PUT INTO THIS SUCKER TO GO FASTER AND THIS STUPID CRAP POPS UP AND MAKES IT GO SLOW AGAIN. WHAT DO I DO????
I have the 2009 version, which I think is smarter. I’ve actually gone through and read everyone’s comments on this, and I read Il’s (I forgot his full username) where you replace the file with null files. This stopped the exe of spygaurd from appearing but I still get the popups in ff and it still links me to other pages.
man spyware guard 2009 sucks big time!
Having removed the files I posted earlier, I have had no more popups or regenerations of the SG2008.
Ron
For what it’s worth, if it’s blocking websites, usually you can click on the cached link to get into it.
The issue I have run into with Spyware Guard 2009 is that it not only blocks the web sites of all known security locations, but trying to download anything will result in it downloading another piece of the infection, NOT what you were trying to download. And to add insult to injury, since most sites don’t have true FTP access, you can’t even use the old command line ftp client to download any tools to try to get rid of this thing.
One thing that may be happening is that the new version comes with a root kit that preempts the normal functioning of Windows, so that you can’t find the process that is causing the problem.
My own suggestion at this point is to use an external hard drive to back up your personal files, e-mail(if you use Outlook, Outlook Express, Windows Live Mail, or whatever), address book, etc, and then wipe the machine clean and then restore your files. Since many infected machines are running Vista and many root kit detectors don’t run under Vista, it makes it very difficult to remove.
im trying to get rid of the spyware 2009, it will not even allow me to open the internet at all, it comes up then goes down in 30 seconds, what is the easiest way for someone that is not very computer literate to get rid of this
I did a search for all .dll files created since the download first appeared and deleted them. some of these you have to move to your desktop then delete. You will get an unable to delete message on these. After you have deleted or tried to delete the files remove the program from your program files and restart your computer. The files that are on your desktop will then be able to be deleted. hopefully this works for you as it did me.
Hmm.. Well I got a bit of hints. For the lock program, such as SG’08 itself. Just do ‘alt-ctrl-delete’ Kill the process there and it will be unlocked. Second if, AND ONLY IF, you are knowledgeable there is a way to stop it resetting during the current log-in. The way is through ‘alt-ctrl-delete’ Then you need to kill explorer.exe. JUST THE PROCESS NOT PROCESS TREE!!! remember to get back just restart it through the file tab and run. Though I must hint out that it can restart again. Also the run does act as run in the start bar. So far my comp is at the B.S. of D. At the ‘Ca533av.sys’ Looking this up it seem to be a camera prog. Maybe there was an infected pic or something. Don’t worry soon I’ll find a procedure to get rid of this for all comp. Until I do just hang in there.
Found one other fix – didn’t see it posted:
Put the infected PC on your network (make sure that all of you other connected PCs have AV installed & up to date). Share the C drive of the infected PC. On the good PC, map the shared C drive as a drive letter. Reboot the infected PC into safe mode with networking. Now, scan the infected PC from the healthy PC. Takes the evil right out!
Hi Guys
On the Lawsuit thing, they’re not in Russia. The ICANN data says it, but they’re hosting in California and spoofing a GPS of Kansas. Look up atmlinkinc.com…notice where it goes, using revdns and tracerte for the ip address for the sites. Anyone in Ca should be able to contact SOS office and have them investigate. I’m a Hacker hunter, and I never trust ICANN (you shouldn’t either)
Just deny permission to its installation folder, for me it works, try and let me know to jartram@gmail.com
Thanks!
My mother had this happen, and a coworker. I successfully removed Spyguard 2008 with Hijack This and Avira — hope this helps….
The best way to get rid of this virus is just to wipe your computer. Go buy an external hard drive and keep all your important files on it. Then restore you computer to factory settings. I’ve gotten this virus numerous times and this has always worked. Yes you lose some files but it saves you the hassle of trying everything else on this page and it not working. Also the sooner you do this the easier it is. For XP when windows starts up you hit F10 for system recovery for Vista you need the Vist disc in the computer when you start up to do a system recovery.
Hey guys! If you have Windows XP, disconnect from the internet and find the executable file in your system and delete it. You may have to start it a few times to get to it as it will try to keep controlling your pc, but once you do that, turn the pc off and leave it for several days–yes! Turn it off!
I have symantec (not a new version), but once I re-start and run a new scan, it finds and quarantines it just fine. Then, make sure you immediately delete all your internet history, cookies, etc. (you should be doing this all the time anyway), and KNOW your own security system and software so you can tell when something is wrong.
I’ve had to do this on my teenager’s pc last year too. It wasn’t until we disconnected for a period of time that we could gain control again, and that was an old anthem running windows 98–a bit harder on that one. For some reason though, XP seems to aid in correcting itself after being idle.
The more you run the pc and try to get rid of the program files with an active internet connection, the more it embeds itself and gets harder and harder to get rid of. I haven’t had to get new software, wipe or restore or anything, and this recently infected computer is an old HP pentium 4.
A little patience and immediate disconnection does the trick!! It’s those of of us who can’t live without the internet for even a day that makes these virusus so good!
This is where having multiple laptops come in real handy!! Good luck and happy surfing!
I wonder if there was another lawsuit filed against them because Javacool Software also has a program called SpywareGuard, that program, although outdated, is not spyware.
Happy new year! I spent the first day of the year getting rid of (I HOPE) this flippin’ bug. Thanks for the information–it helped. As for a lawsuit, the heck with that. If they’re really in California, I’ll be happy to fly out there and crack some skulls. I’m pissed.