It looks like a lot of people are having the same problem I am.
My computer was infected with the Antivirus Live malware a few days ago. Their pop ups tell me I am infected with the Bankerfox.A and Nuqel viruses and it runs a scan and keeps trying to get me to download their program. I cannot access the internet to download malwarebytes or copy any of the files to your website like you have asked others to do. I am writing this from my MSNTV2 browser which cannot download files because it does not have a hard drive.
The malware put an icon on my control page that says hs_err_pid1512. I clicked on properties and it said: Text document, 12KB, 193.134.61.2, Port 44700, Original Location: c:\Documents and settings\My Name\Desktop. Then I deleted it into my recycle bin. People on the internet said one of the files it leaves is called sysguard.exe so I was able to run the search feature for that and deleted it into my recycle bin. It also planted a shield icon next to my other icons at the bottom of my screen and it has a pop up. I clicked on one of the alert pop ups and clicked properties and it said the url is kaka://c:\Documents and settings\my name\Local settings\Application!
I went into programs and was able to click on latest and it showed a progam called EDT Ware. Suspiciously, it said the last date used was 11/18/2010! It also had PS/2-x86 5.0.0.5 WHQL. Since I am not very experienced with computers I wasn't sure whether to remove it although I was very tempted to since it had the word "ware" in it and the date was so suspicious. Later when I went back to remove it because I figured it was the malware, the antivirus pop up blocked me as it does with pretty much anything I try to do. I notice now when I boot up I have about a 30 second window where I can act before the malware loads and starts throwing pop ups. So I used the 30 sec window to delete the EDT Ware program. I tried to access the internet to download malwarebytes during this window but couldn't. The Internet Explorer page looks like a fake page created by their malware and keeps trying to get me to download their program. It was also loading porn sites until I deleted the EDT Ware program. So far, those have not loaded again.
I tried to run taskmanager so I could look at the files but when the files load it blocks them. Even when I hold Shift+ CTRL+ Escape.
It does seem to be quite a bit better since I removed the EDT Ware program. I'm still getting the pop ups but not as many and it seems to have taken some of the wind out of their malicious program. I also tried running the clean disk feature and it cannot run.
I don't have much experience on computers. About ten years ago I started teaching myself some stuff but really know very little. I don't even know how to boot in safe mode as you have instructed others.
Thanks for an help you can give.
My computer was infected with the Antivirus Live malware a few days ago. Their pop ups tell me I am infected with the Bankerfox.A and Nuqel viruses and it runs a scan and keeps trying to get me to download their program. I cannot access the internet to download malwarebytes or copy any of the files to your website like you have asked others to do. I am writing this from my MSNTV2 browser which cannot download files because it does not have a hard drive.
The malware put an icon on my control page that says hs_err_pid1512. I clicked on properties and it said: Text document, 12KB, 193.134.61.2, Port 44700, Original Location: c:\Documents and settings\My Name\Desktop. Then I deleted it into my recycle bin. People on the internet said one of the files it leaves is called sysguard.exe so I was able to run the search feature for that and deleted it into my recycle bin. It also planted a shield icon next to my other icons at the bottom of my screen and it has a pop up. I clicked on one of the alert pop ups and clicked properties and it said the url is kaka://c:\Documents and settings\my name\Local settings\Application!
I went into programs and was able to click on latest and it showed a progam called EDT Ware. Suspiciously, it said the last date used was 11/18/2010! It also had PS/2-x86 5.0.0.5 WHQL. Since I am not very experienced with computers I wasn't sure whether to remove it although I was very tempted to since it had the word "ware" in it and the date was so suspicious. Later when I went back to remove it because I figured it was the malware, the antivirus pop up blocked me as it does with pretty much anything I try to do. I notice now when I boot up I have about a 30 second window where I can act before the malware loads and starts throwing pop ups. So I used the 30 sec window to delete the EDT Ware program. I tried to access the internet to download malwarebytes during this window but couldn't. The Internet Explorer page looks like a fake page created by their malware and keeps trying to get me to download their program. It was also loading porn sites until I deleted the EDT Ware program. So far, those have not loaded again.
I tried to run taskmanager so I could look at the files but when the files load it blocks them. Even when I hold Shift+ CTRL+ Escape.
It does seem to be quite a bit better since I removed the EDT Ware program. I'm still getting the pop ups but not as many and it seems to have taken some of the wind out of their malicious program. I also tried running the clean disk feature and it cannot run.
I don't have much experience on computers. About ten years ago I started teaching myself some stuff but really know very little. I don't even know how to boot in safe mode as you have instructed others.
Thanks for an help you can give.