Antivirus Live Takeover / Susan Brown, Your Texas Connection, Keller Williams Realty

By
Real Estate Agent with Keller Williams NE, Kingwood Texas (Humble & Atascocita too)

I was working on my computer the other night when a pop-up box came up on the lower right of my screen saying I had a virus.  From there everything became unbelieveable.  I clicked on the box to get rid of it but a bigger box came up in the middle of my screen.  It began showing all the files that had been affected by the virus.  I tried to close that - it wouldn't go away.  I tried to get to my home page.  I got the same box.  I restarted my computer a few times but always got stopped by the same boxes.  It was as if something had hijacked my computer.  Indeed it turns out it had.  I had been hijacked by Antivirus Live.  
Antivirus Live Box
Thankfully I was able to access the internet on my phone.  I found many websites with steps to get rid of Antivirus Live so I began to read what the steps were.  They ranged from restarting in a safe mode (F8) to right-clicking in the Start bar as quickly as possible before the virus could take over again.  That was what ended up working for me.

Here are the steps I followed (Thanks to Shami from Soft Sailor & Protected from Bleeping Computer)

  • Restart computer, quickly right-click on the Start Task Bar, opening a box that has Task Manager
  • Click on Task Manager, which will stay open regardless of the virus
  • Click on the Processes Tab
  • Make sure the box "Show Processes from All Users" is checked
  • Then under image names, look for sysguard.exe Other letters can be in front of this file name like edsysguard.exe - so look carefully.  Left-click the file & click on End Process.  Make sure you do this for every file that has the sysguard.exe ending.
  • Now click on Start, Control Panel and double-click on Internet Options
  • Click on the Connections tab and Lan Settings on the lower right
  • Make sure the Proxy Server box is NOT CHECKED.  (This is the way the virus takes over your computer) 
  • Click OK
From here, you can get on the internet and get Malware to clean up the damage Antivirus Live has done to your computer.  Go to www.malwarebytes.org and download the Free version of malware.  When you have it on your computer, the home screen will offer you a choice of performing a quick scan or full scan.  Choose the quick scan.  AND WAIT.  This will take some time.  Be patient.  (Don't be worried by the purchase box on the bottom right.  You are not asked to buy anything here)
Malwarebytes
When completed, a box will appear saying "The scan completed successfully.  Click 'Show Results' to display all objects found." Click OK  and you'll see the number of files infected by the virus.  You check all of those and click on Remove Selected.  Then Exit.

All should be well again with your computer.  It was an experience to say the least.  Thank goodness I had another way to access the internet because I needed all the expertise I could find online.  

Susan Brown, Your Texas Connection sells real estate in Walden on Lake Houston, Eagle Springs, SummerwoodAtascocita, TX, Kingwood Greens, Royal Shores & Kingwood, TX - just to name a few!  Susan's the team leader for Your Texas Connection at Keller Williams Realty NE.  Visit their website for more in depth info about the team and what they can do for you.  Or call Susan direct (281) 415-1454 if you'd like her to start working on your behalf today!

Posted by

             Susan Brown       

Susan Brown, Your Texas Connection, Keller Williams Realty

(281) 415-1454   www.YourTexasConnection.com

 

 

close

This entry hasn't been re-blogged:

Re-Blogged By Re-Blogged At
Topic:
ActiveRain Community
Location:
Texas
Groups:
Addicted to Active Rain
Diary of a Realtor
Real Estate Technology
Real Estate Tomato Bloggers
Realtors®
Tags:
susan brown
your texas connection
keller williams realty
antivirus live
malware bytes
soft sailor
bleeping computer

Anonymous
Post a Comment
Spam prevention
Spam prevention
Show All Comments
Ambassador
1,258,991
Tammie White
Benchmark Realty, LLC (615) 495-0752 or www.TWRealtyGroup.net - Franklin, TN
Franklin TN, South of Nashville

Wow thanks for the tip.  I'll have to remember this for future reference.

Jan 30, 2010 11:22 AM #1
Rainmaker
446,531
Vickie McCartney
Maverick Realty - Owensboro, KY
Broker, Real Estate Agent Owensboro KY

Hi Susan~  I had the same thing happen to me!  But I did not have access to the internet then.  I do now because I went and got an iphone!  I lost everything at that time on my computer.  It was awful to say the least! 

Jan 30, 2010 11:25 AM #2
Rainmaker
261,234
Barb & Sal Dragotta
Macomb, MI
Macomb County Michigan

Susan...OMG--my head just exploded and my eyes shot blood [to quote Glenn Beck] what a horrible thing to experience. I have had to use that task manager at times to 'fix' situations and will go back into see if  the box for Proxy Server is unchecked. FYI thee is a free & purchase program out there called Avast which is an on-access scanner. Both of us have the purchase program on our computers. It is something to look into, but don't know how it interacts if you have McAfee or Norton running.
Thanks for the info. Prosperous 2010 to You & Yours.
Barb 

Jan 30, 2010 11:35 AM #3
Rainmaker
308,022
Susan Brown
Keller Williams NE, Kingwood Texas (Humble & Atascocita too) - Kingwood, TX

Tammie - Hang on to the steps just in case!

Vickie - What a mess and unbelieveable that something could just barge in and take over your computer!

Barb - Thanks so much, I"ll check out Avast.  You know I hate to say it but I never thought too much about virus protection, etc.  I sure do now!

Jan 30, 2010 12:19 PM #4
Rainmaker
293,108
Nick Zappa
Eagles Wings Realty - Montrose, CO
Professional treatment of our clients, brings awes

Susan thanks I just did the download.

Jan 30, 2010 12:20 PM #5
Anonymous
Anonymous
Jim Dunlap

Thanks for this information.  I'm going to print it for future use.

Jan 30, 2010 01:42 PM #6
Rainmaker
308,022
Susan Brown
Keller Williams NE, Kingwood Texas (Humble & Atascocita too) - Kingwood, TX

Nick - You're welcome. 

Jim - Great to have just in case.

Jan 30, 2010 09:13 PM #7
Anonymous
Post a Comment
Spam prevention
Show All Comments
Rainmaker
308,022

Susan Brown

Ask me a queston
*
*
*
Spam prevention

Additional Information