Scarica ed esegui Avenger e nella finestra che si apre copia/incolla:

Files to delete:
C:\WINDOWS\sysexplorer.exe
C:\WINDOWS\spoolsystem.exe
C:\WINDOWS\syscert.exe
C:\WINDOWS\sys.com
C:\WINDOWS\vmreg.dll
C:\WINDOWS\reged.exe
C:\WINDOWS\system32\winscenter.exe
C:\WINDOWS\system32\drivers\TDSSmaxt.sys
C:\Program Files\Spyware Guard 2009\spywareguard.exe
C:\Documents and Settings\All Users\Application Data\Microsoft\Internet Explorer\DLLs\ieModule.dll
C:\Documents and Settings\All Users\Application Data\Microsoft\Internet Explorer\DLLs\vqwurqmtrf.dll

folders to delete:
C:\Program Files\Spyware Guard 2009

registry values to delete:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run | spywareguard
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\ShellServiceObjectDelayLoad | InternetConnection
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\ShellServiceObjectDelayLoad | ieModule

registy keys to delete:
HKLM\system\currentcontrolset\services\TDSSserv.sy s
HKLM\system\controlset001\services\TDSSserv.sys
HKLM\system\controlset002\services\TDSSserv.sys
HKLM\system\currentcontrolset\enum\root\legacy_TDS Sserv.sys
HKLM\system\controlset001\enum\root\legacy_TDSSser v.sys
HKLM\system\controlset002\enum\root\legacy_TDSSser v.sys
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Uninstall\Spyware Guard 2009
Spunta "Automatically disable any rootkits found" e clicca su "execute". Il pc si riavvierà.


Esegui CCleaner e ripulisci i file temporanei e i cookie (eseguilo 2 volte)


Apri un file di testo e copiaci dentro:

Windows Registry Editor Version 5.00

[-HKey_Classes_Root\CLSID\{06D6CF3F-E4FA-4FA6-AA5C-CB36D9F524EC}]

[-HKey_Classes_Root\CLSID\{E3663956-B40E-4860-B30A-14DCE009C294}]
;
salvalo come:
nome: fix.reg
tipo di file: tutti i file

chiudi ed eseguilo. accetta le modifiche

Ora prova a fare la scansione con malwarebytes e posta anche un nuovo systemscan.

ciao