Win 7 Antivirus 2012 ~ Virus Removal Help

Hi Night Hawk,

I am not really sure where I need to start up on the Malware Removal instrutions.
It appears Win 7 Antivirus is only showing up now in my Control Panel Notification area.

I ran a Thorough Scan x 2 (Avast & Malwarebytes) per Malware Removal instructions.

First using Avast ... got 0 issues,




Next I ran Malwarebytes, came up again with 0
I also checked the Quarantined Tab, just to be sure, only the same 10 were there.





That made me feel better until I checked Control > Notifications Area Icons and saw that mess.

I'm still NOT having issues with pop ups, browser redirects, exe issues ..

Any suggestions on where I should begin to clear those items out of my Control Panel ...

I seriously hate knowing those three items are still showing ::
Proxycheck.exe > gud.exe > dwx.exe




I have also used CCleaner to clear out all the old temp files.

Do you think dumping my Restore points would help ???

I'm kind of at a loss now, don't know what to do to get rid of three things.

I already tried to find them via Task Manager > Process's & services ..
Also msconfig.exe > StartUp & Services .. NO LUCK with either of those.

Thank you so much for all the help and direction, hope you can figure this one out.

Jenn

bigcitycat said:

I hate to say this because I love Windows but don't online bank with a windows pc. Download a copy of Ubuntu and burn it to disc. Boot your pc with the dvd in your dvd player and select try without installing. Plugin internet directly and bank with it as a live dvd. Guaranteed safe.

Download Ubuntu | Ubuntu

Hi BigCityCat,

Mission accomplished .. I did it, I created the CD to use and my Laptop booted right to it with no issues.

Once on the Desktop I opened Firefox, connected with my Wireless then pulled up my banking site and managed to take care of business with no problem.

Then I decided to look/play around and see what I could understand.

Somehow that CD even had my D:\ drive storage items on it .. listed under a Data Icon. They were a mess, none alphabetical and I couldn't find a way to straighten them out but still when I opened the individual folders things were there and I understood the concept.

After playing around for awhile when I got ready to sigh out of it I couldn't figure how in the world to stop the CD .... I looked everywhere under every Menu no buttons to do it buy.

Finally went back to the Desktop and searched for HELP ..
Immediately the Log Out and Shut Down buttons became visible.
Boy was I LOST for a moment .. good learning experience.

Thank you so much for the input to help me with my online banking.

Have a Good Evening.

Huggs Jenn

JennB213 said:

bigcitycat said:

I hate to say this because I love Windows but don't online bank with a windows pc. Download a copy of Ubuntu and burn it to disc. Boot your pc with the dvd in your dvd player and select try without installing. Plugin internet directly and bank with it as a live dvd. Guaranteed safe.

Download Ubuntu | Ubuntu

Hi BigCityCat,

Mission accomplished .. I did it, I created the CD to use and my Laptop booted right to it with no issues.

Once on the Desktop I opened Firefox, connected with my Wireless then pulled up my banking site and managed to take care of business with no problem.

Then I decided to look/play around and see what I could understand.

Somehow that CD even had my D:\ drive storage items on it .. listed under a Data Icon. They were a mess, none alphabetical and I couldn't find a way to straighten them out but still when I opened the individual folders things were there and I understood the concept.

After playing around for awhile when I got ready to sigh out of it I couldn't figure how in the world to stop the CD .... I looked everywhere under every Menu no buttons to do it buy.

Finally went back to the Desktop and searched for HELP ..
Immediately the Log Out and Shut Down buttons became visible.
Boy was I LOST for a moment .. good learning experience.

Thank you so much for the input to help me with my online banking.

Have a Good Evening.

Huggs Jenn

Happy to help. Glad it was a good experience.

indianacarnie said:

Remove Win 7 Antispyware 2012 and Vista Antivirus 2012 name changing rogue (Uninstall Guide)

I've used instructions from these people before on an unrelated problem and was completely satisfied. Good luck!

Thank YOU so much and I appreciate your time and the link.

Jenn

Jenn
Check this article as to why.
Security Fix - Avoid Windows Malware: Bank on a Live CD

Night Hawk said:

That shows it to be the same worm type virus I saw VIPRE clean right off. They like to trash Windows even once you have them off entirely when you later start running into various problems!

For the 30 day trial which will work you would first need to uninstall Avast being another av program. This type of virus generally doesn't try to recode files you have stored on the drive like other viruses but mainly targets the registry and some system files.

I would recommend backing things up just in case you end up needing to wipe the drive clean for a fresh install. Later once everything was back on creating a full system image to be stored on a separate drive would be the idea. The restoration of an image will wipe the drive for you during the process.

Thank You so much Night Hawk,

Since I'm not having the pop-ups, re-direct issues or any other virus related problems right now I really don't want to have to reformat my computer.

Right now my scans are coming up clean and I can't find anything that the Fake Virus is doing except those 3 entries showing in the Notification Area Icons, which I would love to get rid of but not enough to reformat.

I read some articles today about understand the Registry finally felt comfortable enough to venture in and look around.

I found BOTH the gud.exe and the dwx.exe in the Registry under the Key HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\Shell\MuiCache.

Being a novice I backed out of the Registry without doing anything but wondered what would have happened if I had deleted those two values.

Anyway I think I'll try to find a Registry program that will help me to delete those two items without fear ..

I never did find anything on the proxychecker.exe but I have found how to hide it within the Notification Area.

Again,Thank YOU so much I appreciate the time you've devoted trying to help me.

Jenn

NightHawk,

I wanted you to know I haven't bailed on you.
My daughter's little dog was run over & killed today by her roommate.
We are all really big dog lovers and I've been with her.
I'm so tore up, don't feel like I can handle computer today.

I will write back to you tomorrow.
I am going to take your suggest and delete those two value's,
but probably not a good idea for me right now, brain to scattered.

Talk to you tomorrow.

Thank YOU for all your input and help.

Jenn