# Fraud.sysguard virus....how bad is it and how to remove?



## 3kids4me (Mar 27, 2010)

I clicked on a link that I shouldn't have and briefly saw something like a .exe running.  So I ran Spybot (I have PC-Cillin which didn't pick anything up) and it discovered a virus called fraud.sysguard.  I then googled the virus and got into this majorgeeks.com forum which has instructions for eliminating malware, but the instructions include all these instructions for downloading and running about five different anti-virus programs, one after the other.  I was partway through the instructions (which are so complex...I had to do something with my user accounts, etc.), in the middle of the first scan using something called SuperAntiSpyware, and I realized that I should have posted on TUG because I'm in over my head!

So the first question is...how bad is this virus?  Can it steal personal information or does it just slow down my computer?  (I hadn't noticed a problem with the computer and have not used the computer to log into anything since it happened.)  Secondly, is downloading gobs of different anti-virus programs going to make things worse?  

Any help is appreciated.  Thank you!


----------



## Nickfromct (Mar 28, 2010)

the major geeks site is pretty good for that kind of stuff. Don't know how bad that virus is, but to me any virus is a bad one. I've used superantispyware before and it was ok. I took it off because it wasn't finding anything my two other spyware programs (spybot, malwarebytes) didn't find. I use AVG for my anti-virus program and that might be a good idea for you to do. Get the free version.


----------



## ScoopKona (Mar 28, 2010)

First of all, it isn't a virus. It's malware -- malicious software. AKA "a trojan horse." 

That means that you somehow downloaded and installed sysguard.exe -- this is usually done by visiting a dodgy website and allowing it to hijack your system through Active-X controls. Web of Trust would have kept you from coming in contact with the dodgy website in the first place.*

Anti-virus software would not have helped in this situation. (And I am of the opinion that it NEVER helps. But I am also the only person here who seems to think that way.)

Spybot should remove sysguard automatically -- did you try the clicking the checkbox next to fraud.sysguard and hitting the "Fix Selected Problems" button after Spybot scanned your computer?

I prefer the one-two punch of SuperAntiSpyware and Malwarebytes to Spybot. Spybot searches for the "digital fingerprints" of nearly one million worms, trojans and other malware. The other two scan all the files on your computer looking for "digital fingerprints." That's usually MUCH faster. (Unless you have more than a million files on your computer. In which case, you really shouldn't be asking for malware help on a timeshare BBS.)

Finally, since the Majorgeeks Malware Removal Guide recommends removing all but one anti-virus package, I don't see how you got the idea that you need to install five. (And I'm of the opinion that anti-virus software isn't merely unnecessary, it's borderline fraudulent. It's no different than Linus Van Pelt's security blanket -- doesn't really do anything, but makes the user feel warm and fuzzy.)




* I am very close to simply ignoring "Oh no! A virus!" threads. I keep posting the same information over and over and it obviously isn't helping. I feel I am wasting my time.


----------



## Talent312 (Mar 28, 2010)

I recently had to deal with several trojan horses recently.
*AVG* (free version) did a good job of spotting them, but had trouble removing one which had installed itself in my start-up process. For that, I used *Advanced System Care*'s "start-up" utility which showed me the location of the underlying program. After removing it manually, I ran both *Spybot* and McAfee's *Stinger* (free) programs to make sure I was clean. I'm sure that this was mostly redundant, but sometime one will catch something that the other does not.


----------



## Patri (Mar 28, 2010)

ScoopLV said:


> * I am very close to simply ignoring "Oh no! A virus!" threads. I keep posting the same information over and over and it obviously isn't helping. I feel I am wasting my time.



That's up to you, but people pretty much won't read or remember a virus thread until it happens to them.


----------



## ScoopKona (Mar 28, 2010)

Patri said:


> That's up to you, but people pretty much won't read or remember a virus thread until it happens to them.



That makes about as much sense as me repeatedly posting "How not to get into a car wreck" advice and people repeatedly posting "I got into a car wreck! What do I do?" questions.

Here is a review about "Web of Trust." 

http://www.pcworld.com/article/163271/say_wot_web_of_trust_rates_web_site_safety.html

Here is a review about SuperAntiSpyware:

http://www.pchell.com/reviews/superantispyware.shtml

Here is a review about Malwarebytes:

http://www.pcmag.com/article2/0,2817,2345353,00.asp



Here is my original (and largely unread) "PC tuneup and security" thread:

http://www.tugbbs.com/forums/showthread.php?t=98269


And here, in detail, is why I feel AV software is worse than running "nothing at all":

http://www.tugbbs.com/forums/showthread.php?t=104447


There we go. Anyone else has problems? Point them to this post. I'm done writing the same junk over and over.


----------



## The Conch Man (Mar 28, 2010)

Scoop, been there done that many, many years ago on this site & Timeshare Forums!

I know where you are comin' from & I have some software "Extras" that I haven't bothered to enter here on this site or the other website. Years ago, members copied everything I used & explained than begin answerin' questions here on the forum that I use to answer over & over again but stop many years ago.

Its not that they don't know what ya say its personal with them for some reason or another, they have to be the one to say it! Don't lose any sleep over it, as you get older you'll know what I mean!




ScoopLV said:


> There we go. Anyone else has problems? Point them to this post. I'm done writing the same junk over and over.


----------



## 3kids4me (Mar 28, 2010)

Nickfromct said:


> the major geeks site is pretty good for that kind of stuff. Don't know how bad that virus is, but to me any virus is a bad one. I've used superantispyware before and it was ok. I took it off because it wasn't finding anything my two other spyware programs (spybot, malwarebytes) didn't find. I use AVG for my anti-virus program and that might be a good idea for you to do. Get the free version.



The scanners you referenced above were in the list of the ones major geeks recommends to attack this problem, so I used them all, in succession, as recommended.  Thanks for the AVG reco.



ScoopLV said:


> Spybot should remove sysguard automatically -- did you try the clicking the checkbox next to fraud.sysguard and hitting the "Fix Selected Problems" button after Spybot scanned your computer?


 

Of course I did, and it was unable to fix, which was how I started down the road.



ScoopLV said:


> I prefer the one-two punch of SuperAntiSpyware and Malwarebytes to Spybot. Spybot searches for the "digital fingerprints" of nearly one million worms, trojans and other malware. The other two scan all the files on your computer looking for "digital fingerprints." That's usually MUCH faster.


 See above...SuperAntiSpyware and Malwarebytes were two of the programs recommended to be installed and used in order to clear this problem.  I did install and run both.



ScoopLV said:


> Finally, since the Majorgeeks Malware Removal Guide recommends removing all but one anti-virus package, I don't see how you got the idea that you need to install five.



The majorgeeks removal guide *recommends* a special procedure for getting ride of malware that includes installing all five programs and using them.  That's how I got "the idea".





ScoopLV said:


> * I am very close to simply ignoring "Oh no! A virus!" threads. I keep posting the same information over and over and it obviously isn't helping. I feel I am wasting my time.



Your prerogative.  Or you could share your expertise and hope that someday when you have a different kind of problem, someone with that expertise will kindly help you without whining about it.  But again, your prerogative.

------------------

I brought the computer to Best Buy today and they ran a scan which showed nothing.  I then pulled up Spybot for them, ran it, and showed them where fraud.sysguard was coming up and showing it was unable to be deleted.  The geek squad guy found the location and told me it was just a fragment in a file and could not be executed; in other words, some scanner had gotten rid of it once and left behind some stuff.  However, he was not able to remove the "stuff".  Computer is running fine and always was, so maybe I never had any real problem in the first place.

Thanks for everyone's input!


----------



## ScoopKona (Mar 29, 2010)

3kids4me said:


> The majorgeeks removal guide *recommends* a special procedure for getting ride of malware that includes installing all five programs and using them.  That's how I got "the idea".



In your original post, you said Majorgeeks recommends five _anti-virus_ packages. Superantispyware and Malwarebytes aren't anti-virus packages. A matter of semantics, perhaps. But installing five anti-virus suites will basically ruin a computer. Installing five malware-removal programs will not. See the difference?

That's why I brought it up.


----------



## Patri (Mar 29, 2010)

ScoopLV said:


> That makes about as much sense as me repeatedly posting "How not to get into a car wreck" advice and people repeatedly posting "I got into a car wreck! What do I do?" questions.
> 
> 
> There we go. Anyone else has problems? Point them to this post. I'm done writing the same junk over and over.



Thank you.
Because whether you like it or not, people will continue to post on TUG the same topics over and over. People come and go. It is easier and faster to post a question than to dig through the archives, if they even realize they exist. And someone nice will always come along with an answer or direct them to the proper old thread.


----------



## ScoopKona (Mar 29, 2010)

Patri said:


> Thank you.
> Because whether you like it or not, people will continue to post on TUG the same topics over and over. People come and go. It is easier and faster to post a question than to dig through the archives, if they even realize they exist. And someone nice will always come along with an answer or direct them to the proper old thread.


----------



## theo (Mar 29, 2010)

*Input from a techno-ignoramus...*

While I am a reasonably intelligent person, I'll admit that I could fit almost everything I know about computers and software on a matchbook cover ---and still have plenty of space left over. That much openly admitted right up front, I have always installed and regularly updated and regularly used anti-virus and anti-spyware software. I'll share a very recent (even if embarrassing) experience, with a bit of background....

On my computer I had AVG for anti-virus software, and Spybot for spyware. I also had Ad-aware, but removed it after Spybot repeatedly found things undiscovered by Ad-aware. I don't often go to unknown sites, nor do I ever click on links within unsolicited or unknown correspondence. I'mm pretty careful. Nonetheless...

About a week ago, I apparently (and unwisely) clicked on a lower bar icon which represented itself as a "adobe updater" --- which it evidently wasn't. Since it was not something on a web site or within an email, I assumed it was legitimate --a mistake on my part. The computer promptly slowed down, then thereafter would not reboot at all. Off to the shop...

Tech at the shop ---and numerous other customers --- had apparently encountered the exact same phenomenon (after making the exact same error)within the same 2-3 day period. Tech cleaned up my computer and removed both AVG and Spybot and installed "Avast" instead. 

Moral of the sorry? I'm not computer savvy enough to know, but I *do* know that I won't be clicking on any "update" icons again anytime soon for anything that's already working just fine already.


----------

