It is very scary and seems like a hopeless situation, since it won't let anything run, including the task manager. However, I had immediate success using the advice of this article, which I read Friday from my work computer. I put the SUPERAntiSpyware product linked in the article on a thumbdrive and ran it while I was disconnected from the internet. I can't make an expert recommendation, but I did have success.
I didn't run in safe mode, but followed a tip I read in a long list of comments at How To Geek. With "Antivirus Live" infection, you have a 20 or 30 second grace period after Windows XP boot where you can bring up the task manager and see the malware initializer running as XXXXsysguard.exe (XXXX is a variable alphameric string). I was able to kill it from the task manager, and it didn't come back while I installed and ran SUPERAntiSpyware from the thumbdrive, and by all appearances I am rid of the thing, but you never know! I was certainly pleased by the apparent quick and easy success after the many dire accounts of its tenacity, so I just thought I'd share this experience with FR.
This seems like a pretty widespread problem, but maybe that's just because I got it.
Take frequent incremental backups.
I solved this problem about 3.5 years ago. I bought the wife a Mac and used Ubuntu on my computer.
The iMac I bought for her works as well today as it did that day I bought it in 2006. Actually it works better with Snow Leopard on it.
I know all the arguments people make about Mac—too expensive, etc. But we simply haven’t had to spend a penny on anti-virus, nor a minute of time on removing viruses.
And I don’t see the need to replace that computer for years to come.
In the end, I would rather enjoy a worry free computing experience instead of all the stuff I see on this post.
My computer was nailed by this 3 days ago. I took it to the pros and they cleaned it up for $70. Everything I tried didn’t work, including running the Malwarebytes program. I’ll try this if it happens again.
This is the first malware script I’ve been infected with in 10 years.
It was simple to get rid of... First I unplugged my network cable then shut down the computer. Since it won’t let you open any executable programs after it boots up into memory, after restart, I immediately opened MSCONFIG and disabled it under the startup tab. Rebooted and it was gone. Searched for all remnants and removed them. Fixed the corrupt proxy setting with HijackThis. 15 minutes tops... Harmless bugger.
My brother-in-law, small cash register co owner, used the quick (grace) method to rid a customer of this bug.
I couldn’t get to the control panel on one of my customers' PCs. I booted to safe mode and used a flash drive to install Malwarebytes. I also ran the program from safe mode. Cleared it right up.
Using the flash drive is a great idea.
There is a version of this called Malware Defense that installs a rootkit on your PC. The rootkit has to be disposed of before you can remove the infection.
The rootkit can be killed with a program called TDSS Killer found at the Kaspersky antivirus site. You’ll need to download it on a different computer, then transfer it on a thumb drive.
Once you’ve run the TDSSKiller, the real AV software will come back and you can download and run Malwarebytes to get rid of the infection.
My mom’s PC was infected with this garbage. It shut off her antivirus and bombarded her with popups, shutting off everything except an IE window that went to the page where she could purchase the “full version” of this virus. Luckily, she called me before she entered a credit card.
I got that crap and had to use AVG anti-virus. Then it came back and I used PC Tools anti-virus software called Spyware Doctor. It’s gone for good now!!!!
Antivirus Live is a rogue anti-spyware and ransomware program from the same family as Antivirus System Pro. This infection is installed on your computer through Trojans that install it automatically without your permission. Once installed,
Tools Needed for this fix:
Both my son and mother-in-law have had this type of virus. My advice: install Malwarebytes' Anti-Malware before you have the problem and update it once in a while.
Thanks for posting this. I have a Mac, but DH has a Dell.
I got a similar virus about a month ago. Basically it took over the pc. Every program I tried to run would come back with a message saying “the exe file is infected” and then tried to blackmail you into buying “the cure”.
Finally was able to boot up in safe mode and reload the OS. It was a pain in the rear. I hope these crooks get caught.
I got it last week too... Instead of Windows’ antispyware I have two other programs running constantly, hence I knew the “warning” was bogus. I immediately shut down, restarted in safe mode, ran System Restore, then a SuperAntiSpyware scan. Problem solved.