GeekPolice
Welcome to GeekPolice.net!

From "wow" to "whoa" - we're teaching practical technology and helping others with tech support. Join our family here!

You are viewing the forum as a "Guest" which doesn't give you member privileges to ask questions or post comments.

Take 30 seconds to register or log in below and unlock the limitations of this website to discover new computer knowledge!

Coreguard Antivirus

View previous topic View next topic Go down

Coreguard Antivirus

Post by kellyg on Sun May 17, 2009 8:30 pm

I need help, windows xp user with the coreguard antivirus. all the internet searches say to download spyhunt but the computer will not allow any downloads at all, we tried the manual removal and it doesnt work either what do we do next

kellyg
Novice
Novice

Status :
Online
Offline

Posts : 10
Joined : 2009-05-17
OS : windows xp
Points : 27572
# Likes : 0

View user profile

Back to top Go down

Re: Coreguard Antivirus

Post by Origin on Sun May 17, 2009 8:31 pm

Please download the current version of HijackThis from [You must be registered and logged in to see this link.]

  • Double click and run the installer.
  • It will install to C:\Program Files\Trend Micro\HijackThis\hijackthis.exe
  • After installing, you should get the user agreement, press accept and Hijack This will run.
  • Select Do a system scan and save a log file. This will open a notepad file of everything Hijack This found, copy and paste it back here.

Origin
Master
Master

Status :
Online
Offline

Posts : 2685
Joined : 2009-05-05
Gender : Male
OS : Windows Xp Sp3
Points : 31453
# Likes : 0

View user profile

Back to top Go down

Re: Coreguard Antivirus

Post by kellyg on Sun May 17, 2009 9:11 pm

The only way i can run that program is in safe mode will that info work?

kellyg
Novice
Novice

Status :
Online
Offline

Posts : 10
Joined : 2009-05-17
OS : windows xp
Points : 27572
# Likes : 0

View user profile

Back to top Go down

Re: Coreguard Antivirus

Post by Origin on Sun May 17, 2009 9:29 pm

No sorry it won't because some processes arent loaded in safe mode therefore HijackThis won't have good information. Lets see if we can fix teh problem shall we:



  • Please download DDS by sUBs to your Desktop (Important!!) from one of these locations:
    [You must be registered and logged in to see this link.]
    [You must be registered and logged in to see this link.]
  • Double click DDS.scr to run.
  • When complete, two logs will open. Save both of the report to your Desktop.
  • Copy and paste DDS.txt back here, I don't need to see attach.txt.

Origin
Master
Master

Status :
Online
Offline

Posts : 2685
Joined : 2009-05-05
Gender : Male
OS : Windows Xp Sp3
Points : 31453
# Likes : 0

View user profile

Back to top Go down

Re: Coreguard Antivirus

Post by kellyg on Sun May 17, 2009 9:44 pm

ok I tried that and the virus still wont let it run it says the perimeter is incorrect and another error that says folder is not accessible

kellyg
Novice
Novice

Status :
Online
Offline

Posts : 10
Joined : 2009-05-17
OS : windows xp
Points : 27572
# Likes : 0

View user profile

Back to top Go down

Re: Coreguard Antivirus

Post by Origin on Sun May 17, 2009 9:49 pm

You have a rootkit thast why its not letting you download ir, please do the following:

Download combofix from here
[You must be registered and logged in to see this link.]
[You must be registered and logged in to see this link.]

1. If you are using Firefox, make sure that your download settings are as follows:

* Tools->Options->Main tab
* Set to "Always ask me where to Save the files".

2. During the download, rename Combofix to Combo-Fix as follows:





3. It is important you rename Combofix during the download, but not after.
4. Please do not rename Combofix to other names, but only to the one indicated.
5. Close any open browsers.
6. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Origin
Master
Master

Status :
Online
Offline

Posts : 2685
Joined : 2009-05-05
Gender : Male
OS : Windows Xp Sp3
Points : 31453
# Likes : 0

View user profile

Back to top Go down

Re: Coreguard Antivirus

Post by kellyg on Sun May 17, 2009 10:03 pm

ok a error box came up that says alert not safe to continue the contents of the combo fix package has been comprimised
what next?

kellyg
Novice
Novice

Status :
Online
Offline

Posts : 10
Joined : 2009-05-17
OS : windows xp
Points : 27572
# Likes : 0

View user profile

Back to top Go down

Re: Coreguard Antivirus

Post by Origin on Sun May 17, 2009 10:10 pm

ok lets try this:

Please close all anti virus, anti malware and any other open programs/windows so they do not interfere with the running of RootRepeal.

  • Please download RootRepeal.zip from [You must be registered and logged in to see this link.].
  • Extract the program file to your Desktop.
  • Run the program RootRepeal.exe and go to the Report tab and click on the Scan button.


  • Select ALL of the checkboxes and then click OK and it will start scanning your system.

  • If you have multiple drives you only need to check the C: drive or the one Windows is installed on.
  • When done, click on Save Report
  • Save it to the Desktop.
  • Please copy/paste the contents of the report in your next reply.

Origin
Master
Master

Status :
Online
Offline

Posts : 2685
Joined : 2009-05-05
Gender : Male
OS : Windows Xp Sp3
Points : 31453
# Likes : 0

View user profile

Back to top Go down

Re: Coreguard Antivirus

Post by kellyg on Sun May 17, 2009 10:19 pm

ok just so you know im not on the infected computer when messaging to you we have tried using the usb to transfer files and we cannot download or open ANYTHING on the infected computer. WE ARE EXTEMELY FRUSTRATED

kellyg
Novice
Novice

Status :
Online
Offline

Posts : 10
Joined : 2009-05-17
OS : windows xp
Points : 27572
# Likes : 0

View user profile

Back to top Go down

Re: Coreguard Antivirus

Post by Belahzur on Sun May 17, 2009 10:27 pm

Hello.
Can you boot to safe mode with networking and try this?

Please then reboot your computer in Safe Mode by doing the following :

  • Restart your computer
  • After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;
  • Instead of Windows loading as normal, the Advanced Options Menu should appear;
  • Select the second option, to run Windows in Safe Mode with networking, then press Enter.
  • Choose your usual account.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Status :
Online
Offline

Posts : 34916
Joined : 2008-08-03
Gender : Male
OS : XP SP3 Media Centre
Points : 245039
# Likes : 1

View user profile

Back to top Go down

Re: Coreguard Antivirus

Post by Origin on Sun May 17, 2009 10:28 pm

Hello, can you rename HijackThis, to something like KellyG.exe

to rename (right click on HijackThis-->click "Rename"-->and name it to KellyG.exe

Then run it to see if it works

Origin
Master
Master

Status :
Online
Offline

Posts : 2685
Joined : 2009-05-05
Gender : Male
OS : Windows Xp Sp3
Points : 31453
# Likes : 0

View user profile

Back to top Go down

coraguard

Post by kellyg on Sun May 17, 2009 10:37 pm

ok we are in safe mode what do i do next

kellyg
Novice
Novice

Status :
Online
Offline

Posts : 10
Joined : 2009-05-17
OS : windows xp
Points : 27572
# Likes : 0

View user profile

Back to top Go down

Re: Coreguard Antivirus

Post by Origin on Sun May 17, 2009 10:40 pm

Run the above combo-fix instructions please.

Origin
Master
Master

Status :
Online
Offline

Posts : 2685
Joined : 2009-05-05
Gender : Male
OS : Windows Xp Sp3
Points : 31453
# Likes : 0

View user profile

Back to top Go down

Re: Coreguard Antivirus

Post by kellyg on Sun May 17, 2009 10:51 pm

alert its not safe to continue the contents of the combo fix package have been comprimised
enter
you maybe infected with a file patching virus
(Virut)

kellyg
Novice
Novice

Status :
Online
Offline

Posts : 10
Joined : 2009-05-17
OS : windows xp
Points : 27572
# Likes : 0

View user profile

Back to top Go down

Re: Coreguard Antivirus

Post by kellyg on Sun May 17, 2009 11:03 pm

We are running out of ideas any on your end?

kellyg
Novice
Novice

Status :
Online
Offline

Posts : 10
Joined : 2009-05-17
OS : windows xp
Points : 27572
# Likes : 0

View user profile

Back to top Go down

coraguard

Post by kellyg on Sun May 17, 2009 11:20 pm

Well unfortunately i have to call it quits for the night, i appreciate all of your help but it looks like we are going to have to drop $200 to get someone to look at this. But if you do have any other ideas please let me know and maybe i can try them before i turn it over.

kellyg
Novice
Novice

Status :
Online
Offline

Posts : 10
Joined : 2009-05-17
OS : windows xp
Points : 27572
# Likes : 0

View user profile

Back to top Go down

Re: Coreguard Antivirus

Post by Origin on Mon May 18, 2009 10:51 pm

Your computer is severely infected and the best thing to do would be to format the computer.

Instructions how to format and reinstall Windows can be found here:

[You must be registered and logged in to see this link.]

Origin
Master
Master

Status :
Online
Offline

Posts : 2685
Joined : 2009-05-05
Gender : Male
OS : Windows Xp Sp3
Points : 31453
# Likes : 0

View user profile

Back to top Go down

Re: Coreguard Antivirus

Post by kellyg on Tue May 19, 2009 8:02 am

Thank you for all of your help....one question reformating will erase all of my other programs on this computer right along with pics and personal stuff?

kellyg
Novice
Novice

Status :
Online
Offline

Posts : 10
Joined : 2009-05-17
OS : windows xp
Points : 27572
# Likes : 0

View user profile

Back to top Go down

Re: Coreguard Antivirus

Post by Belahzur on Tue May 19, 2009 8:23 am

It will if you don't backup your personal stuff. Once backed up, so you can restore your stuff, just wipe the machine.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Status :
Online
Offline

Posts : 34916
Joined : 2008-08-03
Gender : Male
OS : XP SP3 Media Centre
Points : 245039
# Likes : 1

View user profile

Back to top Go down

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum