
PSGuard++? [CLOSED]



#1
psusi

    New Member

I've been trying to fix a friend's PC that apparently got this PSGuard junk on it. After spending several hours digging around and removing various junk, I finally got stuck.

I'm not sure if this last part is a new, stronger version of PSGuard or what, but it appears to involve a kernel mode driver and at least one user mode component that are installed and cannot be removed using registry editor. They are using tricks that have been described by Mark Russinovich over at www.sysinternals.com for years to hide registry keys from the Win32 API. Mark made a utility called rootkit detector that detects a few of these keys, but apparently will not remove them.

I have searched high and low and I cannot find a utility that can reach these hidden registry keys. Does anything like this exist?

#2
skate_punk_21

    Malware Removal Expert

Something's missing from your post!!
Please download HijackThis http://www.greyknigh.../HijackThis.exe - this program will help us determine if there is any spyware/malware on your computer. Create a folder at C:\HJT and move HijackThis.exe there. Double click on the program to run it.

1. If it gives you an intro screen, just choose 'Do a system scan and save a logfile'.
2. If you don't get the intro screen, just hit Scan and then click on Save log.
3. Post the hijackthis.log file here. Do not fix anything in HijackThis since they may be harmless.

#3
skate_punk_21

    Malware Removal Expert

Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.