PC Live Guard

[rk47]

OK some idiots at work decided to click 'yes' one too many times when prompted with pop-outs.
Who the hell knows what they surf on New Year's Eve while at night shift, yes?

So far I noticed:
1. Task Manager disabled.
2. Pop outs telling me of virus this and virus that.
3. And I think the software messed with windows protection as well.
4. Mozilla keeps telling me any site I went to as 'dangerous' including F13.net LOL

Is this desktop really screwed? Do I have to nuke the windows XP?
Is it safe to plug in a thumbdrive to recover some important datas? Will my drive get infected?

So....(insert bat-logo Help F13! image)

[Prospero]

Not positive, but I'm pretty sure there are some freeware AV apps you can stick on a thumbdrive and then send in to do battle. It would be worth googling around.

[Chimpy]

You can always make a linux boot CD with bitdefender on it, boot into that, and have it clean the drive. That usually gets rid of a lot of the nasties you cannot get rid of in windows directly.

[Engels]

A lot of the latest spyware/trojans out there masquerade as anti-virus programs that try to get you to click on their pretend gui (the popups you describe) for further infection goodness. At this stage, with the varieties of symptoms you're describing, I think its a fair guess that your registry is now a pock marked hell hole. Although for the purposes of data retrieval I would follow my fellow f13ers advice, such as the linux cd with bit defender, after you have secured your data, nuke that hard drive from orbit and reinstall. Its the only way to be sure that's a safe computer to use for any secure transactions.

[Trippy]

OK some idiots at work decided to click 'yes' one too many times when prompted with pop-outs.
Who the hell knows what they surf on New Year's Eve while at night shift, yes?

So far I noticed:
1. Task Manager disabled.
2. Pop outs telling me of virus this and virus that.
3. And I think the software messed with windows protection as well.
4. Mozilla keeps telling me any site I went to as 'dangerous' including F13.net LOL

Is this desktop really screwed? Do I have to nuke the windows XP?
Is it safe to plug in a thumbdrive to recover some important datas? Will my drive get infected?

So....(insert bat-logo Help F13! image)

If you don't care about any other apps/junk that may have been installed before the infection you can use System Restore to hopefully get the machine back into a usable state.

Edit: care

[Engels]

Cept a lot of these buggers infect system restore files as well :/

[Numtini]

Some of the fake AV infections are pretty nasty, but so far I haven't had any that didn't eventually get cleaned out by booting into safe mode and running malwarebytes. You might need to run it three or four times though.

[Kail]

Got hit with this about a month ago, and ended up buying this useless PC Doctor thing to get rid of it, but it didn't work too well (kept catching the virus, but it wasn't able to get rid of it completely on it's own for some reason and kept re-installing every time I rebooted).

The thing has a process in the task manager you can kill manually if you can open it (generally has "sysguard" somewhere in it, as far as I can gather, on my computer it was "qwqhsysguard").  If you can't get in to the task manager, microsoft has a utility called PSTools which you can use to list (PSList) and kill (PSKill [name]) processes from the command prompt.  I don't know if this is universal, but I couldn't open my command prompt once this thing was loaded, but right after the computer booted up I could load the command prompt and then kill the process as long as I was quick.  I had a batch file set up to do it until I tried running another scan with Avast (which was blocked while the process was active) which managed to scrub it fairly well.  Things have worked fine since then.

[rk47]

OK managed to clear it with Malwarebytes Anti-Malware removal software. Fuck, after getting hit with brontok.a virus last month, it's pretting refreshing to see a threat removal going so smoothly as it did. Fucking Live Guard is a scam software planting virus-infected files to make me buy their removal software.

Asked the night shift wtf they did and they claimed they 'accidently misclicked' while trying to print something.

"Yeah, but what did you surf on the interwebz at that moment, dipshit?", I wanted to ask but I'll leave it to my Boss to settle.

[Karlsmith]

first clean all your drivers with newest AV before nuking your XP .. 

[NiX]

first clean all your drivers with newest AV before nuking your XP .. 

Less reflective text, please!