Hello friends, I need your help, I have installed the spyware doctor normally but it detects me and informs me of the viruses found but it does not let me remove them or what does it mean to REGISTER ...
Fast and reliable, if you handle personal information it is highly recommended to ensure protection against keyloggers and Trojans outside of your regular antivirus. It does not cause any kind of incom...
So this all began with the viruses that infected my machine and which I deleted manually. It was a generic malware in C\windows\system 32\ mspgw.exe. I have sent copies of the previously mentioned files when the problem happened and they said they sent it to your virus department. I don't know if I run these tools now if they will reveal anything since I deleted one of the viruses manually when I wasn't answered in 2 days. Sure wasn't a smart move but you know how a depressed person behaves.
I was contacted by the support team by email now with some steps. I will follow their advice and see what happens. I have tried SCF/scannow to make Windows restore any missing files with no results. I also want to say that after deleting that file manually BD seems to see nothing wrong anymore even though I'm sure my regedit and other files are infected.
Please run those 2 tools and post the logs here. I don't have access to the mails you sent so I have no way of knowing what they contain. Also, fresh logs will provide accurate system status, especially since you say that you manually removed certain files.
You should be able to unblock them using gpedit. To open it, go to Start-Run and enter "gpedit.msc" (without quotes). Then open the Run command box: Run > gpedit.msc (press Enter). Group Policy Editor will appear.
The Windows default setting is "not configured"; otherwise other programs such as Spyware Doctor will flag it up each time you scan (after a re-boot). Hope the info helps you out. There are also ****** files available for download from a web site, Kelly's Corner, which will or should do almost the same, but I favor the gpedit route personally.
Thanks for your thoughts and advice. I have read about those steps 3 days ago somewhere on the internet and tried to follow them but I was baffled when I opened the gpedit.msc etc and couldn't find under Administrative Templates the System folder!! It's then I realized something so bad going on.
Keep in mind that browsing with gmer is a lot slower than conventional browsing (with Explorer, or any file manager), because it also searches for files hidden by rootkits, which is a slow process.
Afterwards, put all the files in a password-protected archive (with the password infected; details HERE), upload the archive on a file-sharing service (details in the previous link) and send me the download link by PM.
Finally today I tried to do what you asked me to. But before all that I decided to run gmer.exe just to see if it can find anything else 'fishy'. Well, it gave me a log file clear of all those kernel errors that were in the previous file. Despite all that I followed your steps and searched for them using gmer, and they were not there either. I went to Start > Run and then typed CODE as you said; nothing happened. I tried the whole line, also nothing (sure, the message was windows can't find..etc). I used Microsoft's advice and I'm still having the same funny thing: I opened gpedit.msc (which opened after 2 times of Windows not responding), gpedit.msc > User Configuration > Administrative Templates, but I have no SYSTEM file there!! I have only Windows Components. Where did the system file go? I even searched under Computer Configuration and it wasn't there either.
I checked the link you sent me earlier and tried following the steps. I tried their 'gpupdate/force' method but when I typed it a small black window flashes and directly disappears. This is also what is happening with the REG command. I checked in windows\system32\ and the reg.exe file does exist but also same behavior when I click on it. So till now I can't use the taskmgr.exe nor the regedit.exe.
I don't know about "gpupdate /force" (never tried it), but the REG tool behavior that you noticed should be ok, since that tool is a console-based tool which closes automatically after its work is done. And the command I gave you above uses REG to add a key to the system registry, to enable regedit.
If you want to see the result of REG (or any other console-based tool), go to Start -> Run, type cmd and Enter. Then, in cmd, write the commands as you would write them in Run. Then, whatever result is displayed by the tool will be visible in cmd. So you can try this method to run the gpupdate and REG commands to see what's the result.
I couldn't find anything missing in gmer.exe. I opened C:\Windows\System32 and I can see the files regedit.exe (cube with flying little smaller cubes) and taskmgr.exe (computer-like icon), but when I click either of them I get the same Windows error message
On the other hand, under the Registry tab in gmer in: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options, both (regedit.exe) and (taskmgr.exe) showed in the right hand window this:
I don't know if these are related to this problem. I'm really out of ideas. It's so strange that we are trying all the seemingly possible solutions to restore the regedit and taskmgr and nothing is succeeding. Maybe that 'Debugger' thing is related, I really don't know anymore.
I'll start with the simplest thing: I don't know exactly what's the purpose of Your image file here without a path and it's too late in the night right now to read about it. But the same values appear in my registry for this key, so my guess is that they are correct and safe.
The other ones (regedit and taskmgr) don't exist at all in my registry (at that address). And reading about Image File Execution Options on the web revealed that the Debugger value is used for launching a debugger instead of launching the actual process (in your case, regedit or taskmgr). For developers, this can be a useful feature... but also, for malware creators, it can be an easy way of replacing some processes with infected ones (because instead of launching what YOU want, something different will be launched instead).
Now back to trying to solve the problem: in theory, assuming that there's no active infection on your system (and, so far, we couldn't find any traces, so hopefully there isn't), fixing it only requires you to delete the regedit and taskmgr keys. (To avoid confusion, a key is like a folder in Windows Explorer). Use GMER to delete them.
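The check discussed in the post above (an Image File Execution Options subkey that carries a Debugger value redirects the launch of that program), as an added example that is not part of the original thread: it parses the text output of `reg query "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options" /s` and lists every image with a Debugger value. The sample output, the placeholder debugger path and the allowlist are constructed for illustration.

```python
import re

# Matched from "Microsoft\" so the 32-bit view under WOW6432Node is covered too.
IFEO = r"Microsoft\Windows NT\CurrentVersion\Image File Execution Options"
ROOT = "HKEY_LOCAL_MACHINE\\SOFTWARE\\" + IFEO

# Constructed sample of `reg query ... /s` output; the debugger path is a
# placeholder, not a value taken from the thread.
SAMPLE = "\n".join([
    ROOT + r"\Your Image File Name Here without a path",
    "    Debugger    REG_SZ    ntsd -d",
    "    GlobalFlag    REG_SZ    0x000010F0",
    "",
    ROOT + r"\regedit.exe",
    r"    Debugger    REG_SZ    C:\constructed\placeholder.exe",
    "",
    ROOT + r"\taskmgr.exe",
    r"    Debugger    REG_SZ    C:\constructed\placeholder.exe",
    "",
    ROOT + r"\notepad.exe",
    "    GlobalFlag    REG_DWORD    0x200",
])

# "    <name>    REG_<TYPE>    <data>"; value names may contain spaces.
VALUE_RE = re.compile(r"^\s+(?P<name>\S.*?)\s+(?P<type>REG_[A-Z_]+)\s*(?P<data>.*)$")


def find_ifeo_debuggers(reg_query_output, allowlist=()):
    """Return [(image, debugger)] for each IFEO subkey that has a Debugger value."""
    allowed = {name.lower() for name in allowlist}
    hits, image = [], None
    for line in reg_query_output.splitlines():
        if line.upper().startswith("HKEY_"):
            # Key line: keep the last path component only if its parent is IFEO.
            parent, _, leaf = line.rstrip().rpartition("\\")
            image = leaf if parent.lower().endswith(IFEO.lower()) else None
            continue
        m = VALUE_RE.match(line)
        if m and image and m["name"].lower() == "debugger":
            if image.lower() not in allowed:
                hits.append((image, m["data"].strip()))
    return hits


if __name__ == "__main__":
    # Allowlisting the template key is an assumption made for this example.
    for image, debugger in find_ifeo_debuggers(
            SAMPLE, allowlist=["Your Image File Name Here without a path"]):
        print(f"{image}: launches {debugger!r} instead")
```

Any hit for a system tool such as regedit.exe or taskmgr.exe deserves a look at the file the Debugger value points to before the key is removed.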
I made a small mistake in my last post. As I said, it was kinda late in the night and I didn't really check if GMER can delete registry keys (and, apparently, it can't...it can only edit their values).
These files I found them with the Autoruns.exe so what information should I write down before deleting them? I mean the information which was available there was only the name and type and value. Is there anything else? or maybe I should access them with GMER to know further information?
FINALLY. Now I can bring the taskmanager window with ctrl/alt/del and in Run, regedit opens. Thanks very much Cris for all the trouble I caused you guys. I just wanted to ask you about the System Restore. In the beginning of the problem after I deleted the virus manually I made a new system restore point and then I tried restoring my computer to it after some days but I was always getting the message: "Your computer can't be restored to this date". Do you think this was related to what we solved today? Or do you think I should create a clean system restore point from today's?