Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Win 7 Antivirus 2012 ~ Virus Removal Help


02 Jan 2012   #11

Microsoft Windows 7 Professional 64-bit
 
 
@ Night Hawk

Hi Night Hawk,

I am not really sure where I need to start up on the Malware Removal instrutions.
It appears Win 7 Antivirus is only showing up now in my Control Panel Notification area.

I ran a Thorough Scan x 2 (Avast & Malwarebytes) per Malware Removal instructions.

First using Avast ... got 0 issues,




Next I ran Malwarebytes, came up again with 0
I also checked the Quarantined Tab, just to be sure, only the same 10 were there.





That made me feel better until I checked Control > Notifications Area Icons and saw that mess.

I'm still NOT having issues with pop ups, browser redirects, exe issues ..

Any suggestions on where I should begin to clear those items out of my Control Panel ...

I seriously hate knowing those three items are still showing ::
Proxycheck.exe > gud.exe > dwx.exe




I have also used CCleaner to clear out all the old temp files.


Do you think dumping my Restore points would help ???

I'm kind of at a loss now, don't know what to do to get rid of three things.

I already tried to find them via Task Manager > Process's & services ..
Also msconfig.exe > StartUp & Services .. NO LUCK with either of those.

Thank you so much for all the help and direction, hope you can figure this one out.

Jenn


My System SpecsSystem Spec
.

03 Jan 2012   #12

Microsoft Windows 7 Professional 64-bit
 
 
@ BigCityCat (RE: Ubuntu)

Quote   Quote: Originally Posted by bigcitycat View Post
I hate to say this because I love Windows but don't online bank with a windows pc. Download a copy of Ubuntu and burn it to disc. Boot your pc with the dvd in your dvd player and select try without installing. Plugin internet directly and bank with it as a live dvd. Guaranteed safe.

Download Ubuntu | Ubuntu
Hi BigCityCat,

Mission accomplished .. I did it, I created the CD to use and my Laptop booted right to it with no issues.

Once on the Desktop I opened Firefox, connected with my Wireless then pulled up my banking site and managed to take care of business with no problem.

Then I decided to look/play around and see what I could understand.

Somehow that CD even had my D:\ drive storage items on it .. listed under a Data Icon. They were a mess, none alphabetical and I couldn't find a way to straighten them out but still when I opened the individual folders things were there and I understood the concept.

After playing around for awhile when I got ready to sigh out of it I couldn't figure how in the world to stop the CD .... I looked everywhere under every Menu no buttons to do it buy.

Finally went back to the Desktop and searched for HELP ..
Immediately the Log Out and Shut Down buttons became visible.
Boy was I LOST for a moment .. good learning experience.

Thank you so much for the input to help me with my online banking.

Have a Good Evening.

Huggs Jenn
My System SpecsSystem Spec
03 Jan 2012   #13

Windows 7 Home Premium x64
 
 

Remove Win 7 Antispyware 2012 and Vista Antivirus 2012 name changing rogue (Uninstall Guide)

I've used instructions from these people before on an unrelated problem and was completely satisfied. Good luck!
My System SpecsSystem Spec
.


03 Jan 2012   #14

Windows 7 Ultimate x64, XP Mode, W8.1 Preview VM - 7 Pro x64 second remote tower
 
 

That shows it to be the same worm type virus I saw VIPRE clean right off. They like to trash Windows even once you have them off entirely when you later start running into various problems!

For the 30 day trial which will work you would first need to uninstall Avast being another av program. This type of virus generally doesn't try to recode files you have stored on the drive like other viruses but mainly targets the registry and some system files.

I would recommend backing things up just in case you end up needing to wipe the drive clean for a fresh install. Later once everything was back on creating a full system image to be stored on a separate drive would be the idea. The restoration of an image will wipe the drive for you during the process.
My System SpecsSystem Spec
03 Jan 2012   #15

Windows Seven, Ubuntu
 
 

Quote   Quote: Originally Posted by JennB213 View Post
Quote   Quote: Originally Posted by bigcitycat View Post
I hate to say this because I love Windows but don't online bank with a windows pc. Download a copy of Ubuntu and burn it to disc. Boot your pc with the dvd in your dvd player and select try without installing. Plugin internet directly and bank with it as a live dvd. Guaranteed safe.

Download Ubuntu | Ubuntu
Hi BigCityCat,

Mission accomplished .. I did it, I created the CD to use and my Laptop booted right to it with no issues.

Once on the Desktop I opened Firefox, connected with my Wireless then pulled up my banking site and managed to take care of business with no problem.

Then I decided to look/play around and see what I could understand.

Somehow that CD even had my D:\ drive storage items on it .. listed under a Data Icon. They were a mess, none alphabetical and I couldn't find a way to straighten them out but still when I opened the individual folders things were there and I understood the concept.

After playing around for awhile when I got ready to sigh out of it I couldn't figure how in the world to stop the CD .... I looked everywhere under every Menu no buttons to do it buy.

Finally went back to the Desktop and searched for HELP ..
Immediately the Log Out and Shut Down buttons became visible.
Boy was I LOST for a moment .. good learning experience.

Thank you so much for the input to help me with my online banking.

Have a Good Evening.

Huggs Jenn
Happy to help. Glad it was a good experience.
My System SpecsSystem Spec
03 Jan 2012   #16

Microsoft Windows 7 Professional 64-bit
 
 
@ indianacarnie

Quote   Quote: Originally Posted by indianacarnie View Post
Remove Win 7 Antispyware 2012 and Vista Antivirus 2012 name changing rogue (Uninstall Guide)

I've used instructions from these people before on an unrelated problem and was completely satisfied. Good luck!

Thank YOU so much and I appreciate your time and the link.

Jenn
My System SpecsSystem Spec
03 Jan 2012   #17

Windows Seven, Ubuntu
 
 

Jenn
Check this article as to why.
Security Fix - Avoid Windows Malware: Bank on a Live CD
My System SpecsSystem Spec
03 Jan 2012   #18

Microsoft Windows 7 Professional 64-bit
 
 

Quote   Quote: Originally Posted by Night Hawk View Post
That shows it to be the same worm type virus I saw VIPRE clean right off. They like to trash Windows even once you have them off entirely when you later start running into various problems!

For the 30 day trial which will work you would first need to uninstall Avast being another av program. This type of virus generally doesn't try to recode files you have stored on the drive like other viruses but mainly targets the registry and some system files.

I would recommend backing things up just in case you end up needing to wipe the drive clean for a fresh install. Later once everything was back on creating a full system image to be stored on a separate drive would be the idea. The restoration of an image will wipe the drive for you during the process.
Thank You so much Night Hawk,

Since I'm not having the pop-ups, re-direct issues or any other virus related problems right now I really don't want to have to reformat my computer.

Right now my scans are coming up clean and I can't find anything that the Fake Virus is doing except those 3 entries showing in the Notification Area Icons, which I would love to get rid of but not enough to reformat.

I read some articles today about understand the Registry finally felt comfortable enough to venture in and look around.

I found BOTH the gud.exe and the dwx.exe in the Registry under the Key HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\Shell\MuiCache.

Being a novice I backed out of the Registry without doing anything but wondered what would have happened if I had deleted those two values.

Anyway I think I'll try to find a Registry program that will help me to delete those two items without fear ..

I never did find anything on the proxychecker.exe but I have found how to hide it within the Notification Area.

Again,Thank YOU so much I appreciate the time you've devoted trying to help me.

Jenn
My System SpecsSystem Spec
03 Jan 2012   #19

Windows 7 Ultimate x64, XP Mode, W8.1 Preview VM - 7 Pro x64 second remote tower
 
 

You're welcome!

You would have been better dumping the entry for the gud.exe or rather that being the alias name used for the VC1.exe which is added into the registry as a start up item for trojan dropping and other things while remaining hidden. This isn't the only malware it's been seen with.

It's basically the same thing for the dwx.exe file being another trojan dropper added into the reg as a start up item. Those two will help auto load the main virus as the system starts up. They work much as backdoor trojans.

On each you first find the file location before removing the reg entry and then restart the system before attempting to manually delete the files from the drive. The restart will insure the processes have ended once the reg entries are no longer there to start them up again.

When editing the registry I can understand your concerns. You have to treat everything like a separate file or folder where you want to be looking only one thing at a time and verify any changes you make are for that one thing only. But if your av or other security programs are not able to remove them for you you end up doing the manual walk and just have to confirm those two and those two only are deleted there.

As for the ProxyChecker.exe file that's not a malware. One report on it can be seen at ProxyChecker Antivirus Scan Results - ProxyChecker 100% Clean Program

ProxyChecker basically checks lists of proxies. This is mainly used as a network tool and not anything to be worried about according to that plus other information on it. The other two you have there however get the bad rep one first seen in 2009 and the other in 2010 the gud.exe being the older of the two and far more widespread with other fake programs.
My System SpecsSystem Spec
04 Jan 2012   #20

Microsoft Windows 7 Professional 64-bit
 
 
@ Night Hawk

NightHawk,

I wanted you to know I haven't bailed on you.
My daughter's little dog was run over & killed today by her roommate.
We are all really big dog lovers and I've been with her.
I'm so tore up, don't feel like I can handle computer today.

I will write back to you tomorrow.
I am going to take your suggest and delete those two value's,
but probably not a good idea for me right now, brain to scattered.

Talk to you tomorrow.

Thank YOU for all your input and help.

Jenn
My System SpecsSystem Spec
Reply

 Win 7 Antivirus 2012 ~ Virus Removal Help




Thread Tools



Similar help and support threads for2: Win 7 Antivirus 2012 ~ Virus Removal Help
Thread Forum
Want ideas for Virus removal if virus shows up in safemode CMD System Security
I got a virus called "Win 7 antivirus 2012" It killed my win defender System Security
No internet after windows 7 antivirus 2012 removal System Security
Trend Micro Fake Antivirus (FakeAV) Removal Tool [Beta] System Security
Help with removal of antivirus 8 System Security
After Virus Removal System Security

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 02:10 PM.
Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App
  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33