Jump to content

SpywareGuard08 and Vundo preventing removal, tried everything

acconrad
 Share

Recommended Posts

acconrad

acconrad

Posted
Posted

Hello,

I am speaking from my Linux partition. My Windows XP partition has been infected w/ SpywareGuard2008 and Vundo (I see SypwareGuard, MS_Juan, GrandPack, GetModule, etc...so there might be more).

This version is particularly smart, and will not allow me to install MWBytes unless I rename the setup file as suggested on this site. The install runs successfully until the very end, because the last steps of the install process require mbam.exe to run, which has been disabled by the malware. If I check my Task Manager, the process is running, but the GUI will not show.

Next, I tried the instructions for getting an outside copy of the updated rules set, and running a few batch scripts to rename the executables and running from the command line. Even with a different executable name or even a different default install folder, this will not allow me to run any form of mbam.exe, regardless of where its located or what it is named.

I feel like the only way we could get MWBytes to run is if all of the files were renamed, because none of the other file names are changed, and it could restrict access to the unchanged DLLs. Either way, like I said, even renaming the exe or the folder MWBytes lives will not allow me to run the software.

Also, I tried installing Spybot, VundoFix et al and I get a warning saying I don't have permissions to install this (and I am running as the administrator in Safe Mode w/ Networking) so...

...my last resort is to find a way of renaming all of the files, or is there install package with a funky name so these viruses don't think this is MWBytes?

Any ideas?

Link to post
Share on other sites
exile360

exile360

Posted
Posted

Greetings acconrad and welcome. Please follow AdvancedSetup's instructions here and see if it helps: http://www.malwarebytes.org/forums/index.p...amp;#entry35969

If so, then please follow the instructions here:

http://www.malwarebytes.org/forums/index.php?showtopic=2936

and post your logs in a new topic here:

http://www.malwarebytes.org/forums/index.php?showforum=7

Please be sure not to install any software or use any removal/scanning tools exept those that you are

instructed to by the expert who will be assisting you as doing so can make their job much more difficult.

I hope I was helpful. Good luck and safe surfing.

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.