Jump to content

Partially there2?? Spyware Guard 2008


Recommended Posts

****The Topic was 'closed' so I didn't know how to reply to it (new at this). Below is the orignal posting and first reply. I was able to do some of the suggested - but see bottom for info.*****

It appears I have this virus (after coming back from vacation, on Christmas evening). In any case, I have mouse control but can't do anything in Windows XP unless I open in SafeMode.

After reading some info in this forum and using another computer, I downloaded Malwarebytes & Superantispyware to a CD (and also made a copy with .bat extension). Using SafeMode, I loaded onto my desktop. I've tried running from the desktop or the CD using SafeMode.

Again in Safemode:

Malwarebytes: Nothing appears to happen when I attempt to use this. Sometimes a icon appears at the bottom of the screen (and with the cursor over it it says scan)

Superantispyware - I get a message in Safe Mode saying 'The system administrator has set policies to prevent installation)

I can't open my antivirus program.

I was able to get into RegCure and could see that Spyware Guard 2008 was in the startup menu (and I think I delete it)

I tried a MS malware detector, but it came up with nothing (ran on full scan for 3 hours, showed >700,000 files, with 0 infected

SUGGESTIONS?

How do I get Malwarebytes or Superantispyware to run?

Should I be running in SafeMode with internet connection disconnected?

Thanks.

********

Post #2

Elite Member

Group: Trusted Advisors

Posts: 682

Joined: 14-February 08

Member No.: 2,103

Greetings and welcome. Please follow AdvancedSetup's instuctions here to see if it helps: http://www.malwarebytes.org/forums/index.p...amp;#entry35969

If it does, then please follow the instructions here:

http://www.malwarebytes.org/forums/index.php?showtopic=2936

and post your logs in a new topic here:

http://www.malwarebytes.org/forums/index.php?showforum=7

Please be sure not to install any software or use any removal/scanning tools exept those that you are

instructed to by the expert who will be assisting you as doing so can make their job much more difficult.

I hope I was helpful. Good luck and safe surfing. *******

*************

THANKS - .

In SAFEMODE (Windows XP) I was able to Run devmgmt.msc and View & Disable TDSSERV.SYS and Restart the computer. In regular mode (not SafeMode) I was able to have functionality (for first time, thanks!) to do some things - I had previously downloaded MBAM onto a CD using another computer and loaded into the download directory on the affected desktop. I have renamed the MBAM file, but when I click on it it gets to the 'Select Setup language' screen but goes no further.

When I check Task Manager, there are ~57 processes listed

Under Tasks, it shows only my download directory and says 'running'

The hard disk seems very active at the moment (from the sounds generated)

Also, should I reconnect the desktop to the internet/modem/router?

Should I be doing the rest of this in 'Regular' mode or 'Safe mode?

*******

exile360

View Member Profile

Add as Friend

Send Message

Find Member's Topics

Find Member's Posts Today, 05:27 PM Post #2

Elite Member

Group: Trusted Advisors

Posts: 684

Joined: 14-February 08

Member No.: 2,103

Hello again. If you can, try to run MBAM in normal mode, but if it won't, then go for safe mode (you may need to rename the setup file to get it to fully install). Once it's installed, go the C:\Program Files\Malwarebytes' Anti-Malware and rename the file "mbam.exe" to something random, like your name or your favorite color, anything as long as it's not mbam. Then double click the renamed file to run it and have it check for updates then try to do a quick scan and remove what's found. After that, follow the rest of the instructions I gave you previously regarding posting in our HijackThis forum that way an expert can guide you the rest of the way to getting your system cleaned up.

****

1) I tried running MBAM in Reguar mode again (say thing happened), then in Safe Mode (it gets only slightly farther for an instance the Wizard screen comes on then goes off).

I have renamed MBAM after previous download. Do I need to download again and rename in the download? Any other suggestions - also see below.

2) I am able to get SuperAntispyware Wizard to go to the Setup Mode so I allow it to go further (had previously downloaded to CD from another machine) - should I run this???

3) Substract also seems to be potentially functioning (but have run it)

4) SHOULD I RECONNECT to the Internet at this point??

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.