Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Anitvirus Live Infection


  • Please log in to reply
3 replies to this topic

#1 tadams

tadams

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:07:24 PM

Posted 10 December 2009 - 06:55 PM

I acquired Antivirus Live today and have tried every removal process listed and cannot get rid of it. It just keeps evolving and now I had to finally just turn if off because I can't stop the porn pop-ups. I have not allowed any of the pop-ups to excecute. I have said "no" or X'd them all out even though they just come back. I do know a little about how these work.

First I could not open anything including my malware or antivirus removal programs, internet explorer or anything else. So I downloaded all the suggested fixes through another computer (Malware Bytes, CCleaner, rkill, Spy Doctor, etc.) and saved it on the network so I could access them there. I could not access IE to turn the LAN thing off. I restarted my computer in Safe Mode with Networking and installed and ran Malware Bytes even with the Antivirus Live popping all over the place. I removed everything it said when it was done and restarted. It seemed better for a minute, but the pop-ups started back up when I ran the CCleaner and got worse after is was done and everything was removed. I tried Spy Doctor, but it would not open. I tried to restart the computer in Safe Mode 3 times, but it kept freezing in DOS. I restarted it normally and then the pop-ups added porn. I cannot run msconfig and rkill does nothing. I tried to run Malware Bytes again and now it won't open. Now the porn is getting worse. Had to shut the computer down manually.

I am using another computer because I cannot use the email on the infected one and cannot attatch any files from it. I am at my wits end and it is my business computer. Obviously this thing has changed form over the past month. Any new updates and HELP is greatly appreciated. I run a business and now that has come to a HALT.

BC AdBot (Login to Remove)

 


#2 hamluis

hamluis

    Moderator


  • Moderator
  • 55,252 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:10:24 PM

Posted 10 December 2009 - 07:38 PM

http://www.bleepingcomputer.com/virus-remo...-antivirus-live

Worth reading, in full, IMO.

Louis

#3 tadams

tadams
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:07:24 PM

Posted 11 December 2009 - 10:23 AM

Those are the directions I followed. That's why I made reference to the "LAN settings, rkill, and Malware Bytes". I didn't work.

#4 tadams

tadams
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:07:24 PM

Posted 11 December 2009 - 03:50 PM

Well so much for BleepingComputer.com. After hours of following all the directions from you more than once with no results, most of it not working because the malware didn't allow me to do half what was listed, and no response from anyone, I found this:

Here’s a 5 minute fix. Click the ASP taskbar icon(the shield) to open the ASP main window. Right click “Properties”. You should be able to highlight the full location of the program ’s *sysguard.exe file. It’s the location listed under “Address (URL)”. You may only see 2 lines of the address, so you’ll need to left click-hold and highlight the address so you can drag down to see the final, randomly named folder and file name (ending in sysguard.exe). Write down the file path, restart in safe mode, then find the folder and file using “My Computer” or “Windows Explorer”. Delete the file, then the folder, then the “windows\system32\iehelper.dll” file. Restart in normal mode, run Malwarebytes and it should be over.

My computer is now fixed. Thanks to Spywarevoid.com. :thumbsup:




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users