Recieved the lovely pop-ups for this virus today...had a hard time getting anything to work...finally I deleted 1) sysguard.exe in system tray processes, 2) deleted same in c:\windows and 3) renamed iehelper.dll in System32\
Tried to then run AVG to see if anything left...took forever, stopped it. Spybot didn't find anything...can't download anything because....
Now I can't use Internet Explorer (cannot find server or DNS error/page cannot be displayed) and can't get on internet via AOL, doesn't recognize dsl thinks I am dial up! I am using wireless laptop on same network so I know it is working.
AVG? Are you actually using any McAfee products? If you are then you shouldn't be running two anti-virus application at the same time as they will clash and actually make problems occur. Running certain anti-spyware tools is OK though as long as active protection isn't turned on. See: http://community.mcafee.com/showthread.php?t=136913
The best guidelines for this infection are posted on the following forum, please scroll down the page, don't click the first things you see as they are ads.
Apart from what Peter says above, you're really running IE6? That is way old browser. What is the exact version of your Windows XP? Does it have any service packs installed? Go to Start > My Computer > Right click on it and choose "Properties"
If it's possible, then you could try to see if you can surf to the Microsoft Update website.
If you have all these problems then how did you get to this forum?
I was using my laptop...problem is on my desktop...I can't get on the internet to download anything so the instructions given to me are moot...unless I download it to a CD from my laptop and install it on the desktop
I just noticed that you must be running XP Gold (i.e. no service packs) which means your system is wide open to attack no matter how you protect it. There is no support from Microsoft or here for anything under SP2, but you should have SP3 to be absolutely sure that you are safe, so once this mess is sorted out you should seriously upgrade. IE6 should now be IE8 to be safe, another necessary upgrade.
If you are using AVG as your protection then you should be asking for help on their forums.
However, if you can successfully boot into "Safe Mode with Networking" by tapping F8 repeatedly during the boot process then you should be able to download and scan using the free version of this tool: http://www.malwarebytes.org/mbam.php If so update it first before running and then let it delete anything it finds. Sometimes you have to run it more than once and reboot to delete whatever it finds. (Again into Safe Mode with Networking).
IE 6 with a build of 2900[.2180] is a SP2 install.
The Internet Explorer settings and proxy settings (connections tab -> LAN) should be reset to fix this problem. If the connectivity is still not restored, a full reset of TCP/IP settings and the Winsock catalog should be done. This can be done by running the following two commands from the Start-> Run option.
NETSH INT IP RESET RESETTCP.LOG NETSH WINSOCK RESET
After running these two commands, the machine should be restarted.
Finally transferred Malwarebytes to desktop via stick drive and ran it...still no internet access. People at AOL clueless and sent me ISP Verizon...1 hour and 2 technicians later, still nothing...until I tried your suggestion, Secured2k...YOU ARE THE BOMB!! XX OO XX to you! Thank you thank you!! If I may pick your brain for one more piece of advice, what should I run to protect myself in the future? I have the McAfee Security Center provided by AOL, obviously Malwarebytes and AVG in my panic to rid myself of this pest. Thanks again!
I'm glad I was able to help. Below is a link to a thread where I outline some of the best practices that will help you stay protected. The most important suggestion I can give you is not to run more security software, but to manage your computing behaviors. Things like keeping your computer up-to-date and not trusting questionable sites or software are extremely important. [FAQ] How to prevent future infections