Spyware Guard 2008?

Discussion in 'malware problems & news' started by xMarkx, Jan 13, 2009.

Thread Status:
Not open for further replies.
  1. xMarkx

    xMarkx Registered Member

    Joined:
    Dec 1, 2008
    Posts:
    447
    Hi,

    My friend was using Google to surf the internet. He clicked on a website that looked ok but it redirected him to: sg9scanner.com. The page was blank except for a pop up that said something about if he wanted to download Spyware Guard 2008 to protect against and remove trojans, spyware etc. He said he closed the window pretty much right away after seeing the pop up was a scam.

    He was using my old computer which I still use frequently (Windows XP SP3 Home Edition) and Internet Explorer 7. I checked the browsing history to confirm that the seemingly legit site redirected him to sg9scanner.com which it did. The antivirus software I'm using on this computer is ESS.

    I'm going to run a full scan with ESS but I don't really want to go out and download a bunch of antispyware software so my question is...

    Am I safe? Did any bits or pieces of Spyware Guard 2008 get on my computer? How can I tell if it did?
     
  2. xMarkx

    xMarkx Registered Member

    Joined:
    Dec 1, 2008
    Posts:
    447
    There's a CSS of sg9scanner.com in my Temporary Internet Files Folder. I'm not sure what this means, though.
     
  3. EliteKiller

    EliteKiller Registered Member

    Joined:
    Jan 18, 2007
    Posts:
    1,138
    Location:
    TX
    FWIW all content displayed in your web browser is downloaded to your pc. Run CCleaner and you'll probably be fine. If you want a 2nd or third opinion run MBAM or SAS and maybe an F-Secure or Bitdefender online scan. Next time put you friend on a limited or restricted account.
     
  4. Biscuit

    Biscuit Registered Member

    Joined:
    May 26, 2006
    Posts:
    978
    Location:
    Isle of Man
    Spyware Guard 2008 is part of the Winantivirus rogue group. Use MBAM to remove the traces.
     
  5. xMarkx

    xMarkx Registered Member

    Joined:
    Dec 1, 2008
    Posts:
    447
    Hi,

    Thanks for your response.

    Nothing was displayed in the browser - the background was blank - except for the message box (the one saying that you are infected and in order to get rid of the infections and to prevent further infections download..). The green loading bar was loading at that time though... Then Internet Explorer was closed.
     
  6. JRViejo

    JRViejo Global Moderator

    Joined:
    Jul 9, 2008
    Posts:
    20,907
    Location:
    U.S.A.
    You might have no choice but to get AS software to get rid of it; see this Wilders thread:

    Spyware Guard 2008 takes over computer.

    .
     
  7. EliteKiller

    EliteKiller Registered Member

    Joined:
    Jan 18, 2007
    Posts:
    1,138
    Location:
    TX
    Yes, and let me repeat myself by stating that all content displayed in your web browser is downloaded to your pc. That little message box is no exception and a popup window spawned from a web page. Run secunia and make sure you've updated often exploited software on your pc.
     

    Attached Files:

  8. xMarkx

    xMarkx Registered Member

    Joined:
    Dec 1, 2008
    Posts:
    447
    Hello,

    I've done a few scans with NOD32 since almost getting infected with Spyware Guard 2008. Yesterday's scan picked up something. Do you think it has something to do with Spyware Guard 2008? If not, what do you suppose it is and where do you think it came from?

    Object Name: C:\I386\GTDownDE_87.ocx
    Reason: Probably a variant of Win32/Adware.Agent application

    Dell Dimension 8400
    Windows XP Home Edition SP3, 32-bit
    All the latest Windows Updates
     
  9. stapp

    stapp Global Moderator

    Joined:
    Jan 12, 2006
    Posts:
    7,267
    Location:
    England
    Did you do a scan with MBAM as Biscuit suggested?
     
  10. JRViejo

    JRViejo Global Moderator

    Joined:
    Jul 9, 2008
    Posts:
    20,907
    Location:
    U.S.A.
    stapp, in his original post, xMarkx stated "I don't really want to go out and download a bunch of antispyware software" so I doubt MBAM or SAS has been used. xMarkx has posted here: https://www.wilderssecurity.com/showthread.php?t=232877.
     
  11. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,851
    I'm going to guess you're fully updated so I doubt you're infected since you didn't download any files.
     
Loading...
Thread Status:
Not open for further replies.