• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 671
  • Last Modified:

URGENT - Attacked by AntiVirus live program.....won't let me do anything

I was working on my computer and a program called "AntiVirus Live" started to scan my computer and warn me that a keylogger program was "attacking" my computer. I can't do anything with my PC...I can't do a system restore, it has hijacked my browser. About the only thing it will let me do is purchase the program for around $50. WHat can I do? PLEASE HELP!!!!
0
sheana11
Asked:
sheana11
  • 6
  • 5
  • 3
  • +2
3 Solutions
 
farazhkhanCommented:
Hi,

From any other PC or if possible from this PC download Malware Byte http://www.malwarebytes.org/mbam.php and run a scan over infected your PC.

Regards,
Faraz H. Khan
0
 
optomaCommented:
Boot into safe mode with networking
Run disk cleanup and atf cleaner http://www.atribune.org/index.php?option=com_content&task=view&id=25&Itemid=25
Browse to C:\*username*\local_settings\application_data and look for a folder with a "garbled" name.
Check the contents and if it contains a sysguard.exe file then delete that folder

Restart machine and scan with Malwarebytes(as mentioned) and Combofix and attach their logfiles here after

http://www.malwarebytes.org/mbam-download.php
http://www.bleepingcomputer.com/combofix/how-to-use-combofix

0
 
sheana11Author Commented:
Optoma, I'm now running malwarebytes.
0
Cyber Threats to Small Businesses (Part 2)

The evolving cybersecurity landscape presents SMBs with a host of new threats to their clients, their data, and their bottom line. In part 2 of this blog series, learn three quick processes Webroot’s CISO, Gary Hayslip, recommends to help small businesses beat modern threats.

 
splaitCommented:
@sheana11 -

If possible, run the tests and procedures in the order optoma tells you.  There's good reason for it.

You can finish the Malwarebytes scan you're running now, but then start his procedure.
0
 
sheana11Author Commented:
Attached is the malwarebytes logfile
mbam-log.txt
0
 
splaitCommented:
How is it running?
0
 
sheana11Author Commented:
internet explorer is damaged...can backup files but how can i restore IE without a recovery operation?
0
 
splaitCommented:
What OS are you running, and which SP?  If you are running IE 7 or 8, read this:

http://support.microsoft.com/kb/318378
0
 
sheana11Author Commented:
I am running Win XP Media Center Edition
0
 
DooDahCommented:


 You have encountered MAL-WARE/SPY-WARE.

I assume you hae a ANTIVIRUS program already installed, but if you can sill install software go out an get SPYSWEEPER with ANTI-VIRUS at WAL-MART or what ever store is close to you.   Comes in a GREEN and YELLOW Box, MiniBox, or CD-SLEEVE.   It will clean your system and intercept the sites like the one you encountered with a WARNING for the SITE before you proceed.

With Symantec Antivirus, Webroot SpySweeper, and Acronis True Image Workstation on weekly backup, I have never been taken down in the last 10 years.     COMPUTE with CONFIDENCE

0
 
DooDahCommented:

If you have anti-virus already, the INSTALL CD will also run a SCAN and CLEAN, if you don't I recommend running SYMANTEC-NORTON and Webroot SpySweeper in tandum.   I encountered TROJANS and WORM  that NORTON FLAGGED and WEBROOT QUARANTINED, it was an awesome collaboration.

With Symantec Antivirus, Webroot SpySweeper, and Acronis True Image Workstation on weekly backup, I have never been taken down in the last 10 years.     COMPUTE with CONFIDENCE
0
 
splaitCommented:
@DooDah -

I have to strongly disagree with you about Norton.  For most people running PCs at home, Norton is a huge resource hog.  Most privately-owned PCs running XP don't have enough RAM or processor power to deal with Norton's requirements, not to mention the problems when you try to "upgrade the product.

There are several excellent alternatives out there to both Norton and McAfee, one of which is ESET Smart Security 4.0.  Symantec (owner of Norton products) has caused 'way too many people grief over the last 20 years for me to advise anyone to use it.

Since she is running XP Media Center, it's likely @sheana11's PC is at least two years old, probably more then three.  She should stay away from the "Big Two".

I don't make these statements without much experience.  I have worked on over 2,000 PCs since 2001, and most of them started out with either Norton or McAfee.  Fully 25% had some sort of serious problem with their original Internet security product.  Now, the only real problems I see with security software are with new clients still using those products.
0
 
DooDahCommented:

@splait  Configured properly...  I have no idea what you are talking about.    I am curently supporting XP Media Center PC's,  your experiences are probably due to incorrect configuration.

>>  I have worked on over 2,000 PCs since 2001
Don't be so quick to assume you have more expereince (your AVATAR appears to have MORE hair than me).  Try since my 1984 vs your 2001 comparison.

With all respect, I stand by my original post, with the following;

>>@sheana11's PC is at least two years old, probably more then three.
Exactly "at least two years old, probably more then three" it is NO ACCIDENT that WAL-MART stocks BOTH  SPYSWEEPER with ANTI-VIRUS at WAL-MART and SYMANTEC-NORTON Antivirus - Not Internet Security at WAL-MART.

It is today's commentary that the MAL-WARE/VIRUS problem is so envasive for the AVERAGE USER that WAL-MART stocks, sells, and sells-out of  BOTH SPYSWEEPER with ANTI-VIRUS at WAL-MART and SYMANTEC-NORTON Antivirus at WAL-MART...

WAL-MART is OPEN 24hrs a Day, 7 Days a week...  Get some now...  at WAL-MART
 
0
 
optomaCommented:
>Could you also run Combofix, follow its proceedure and attach logfile after.
>In what way is IE damaged?

I agree with Splait on Norton, sorry! :(
0
 
sheana11Author Commented:
As IE was completely demolished, I had to perform a recovery operation. However, I would not have been able to even do that had it not been for the help of the experts here. So I am awarding points to those whose advice led me to a successful conclusion. ( I was able to backup and save all my data thanks to you, so reformatting didn't rattle me at all).
0
 
sheana11Author Commented:
Forgot to mention that I had problems with reformatting, but I'll get to that in another question.
0
 
optomaCommented:
No prob. Ill take a peek at new thread :)
0
 
splaitCommented:
i'm glad you're back up!  Congratulations!
0

Featured Post

 The Evil-ution of Network Security Threats

What are the hacks that forever changed the security industry? To answer that question, we created an exciting new eBook that takes you on a trip through hacking history. It explores the top hacks from the 80s to 2010s, why they mattered, and how the security industry responded.

  • 6
  • 5
  • 3
  • +2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now