Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Fake virus scan (Win7 Defender)

21 Dec 2012   #1
dach162

indows 7 home permium 64 bit
 
 
Fake virus scan (Win7 Defender)

All of a sudden I got a security system alert saying I had problems. It is Win7 Defender and they won't let me do anything with the file extension of .exe. I went to safe mode and can't start any programs at all. I know that Malwarebytes can remove it but I can't download Malwarebytes because it has an .exe file extension. All virus/spyware programs, or any other for that matter, can't be started. As soon as this hoax sees the .exe file, it brings itself up. Anybody got any good ideas? Thankfully I have a separate computer to send this from.


My System SpecsSystem Spec
.
21 Dec 2012   #2
DocBrown

Win7 Enterprise, Win7 x86 (Ult 7600), Win7 x64 Ult 7600, TechNet RTM on AMD x64 (2.8Ghz)
 
 

Welcome dach162,

I remember using a program called Rkill several years ago to stop this malware that locks up the .exe files

RKill - CNET Download.com
My System SpecsSystem Spec
21 Dec 2012   #3
dach162

indows 7 home permium 64 bit
 
 

I have that but since it has a .exe, I can't download it to the computer. (I have in on a flash drive)
My System SpecsSystem Spec
.

21 Dec 2012   #4
Layback Bear

Windows 7 Pro. 64/SP-1
 
 

This might help. Download using a clean computer.
Windows Defender Offline

Sometimes renaming things like Malwarebytes will get past the infection.
Malwarbytes #21.exe
Also try using scans from Safe Mode and Rkill from Safe Mode.
My System SpecsSystem Spec
21 Dec 2012   #5
DocBrown

Win7 Enterprise, Win7 x86 (Ult 7600), Win7 x64 Ult 7600, TechNet RTM on AMD x64 (2.8Ghz)
 
 

You can also download it as a .com file to USB & then transfer to the infected computer
  1. Do you want to run or save rkill.com (1.59 MB) from download.bleepingcomputer.com?
  2. download.bleepingcomputer.com/grinler/​rkill.com
My System SpecsSystem Spec
21 Dec 2012   #6
dach162

indows 7 home permium 64 bit
 
 

If this didn't have the .exe file it might work but anything (and I mean anything) with a .exe won't work. I can't pick up IE or any other program that has an executable file.
My System SpecsSystem Spec
21 Dec 2012   #7
Layback Bear

Windows 7 Pro. 64/SP-1
 
 

I agree with Doc Rkill has always worked for me.
Please read this.
RKill - What it does and What it Doesn't - A brief introduction to the program
Don't keep telling us you can't, Try
Read the Defender off line.
My System SpecsSystem Spec
21 Dec 2012   #8
DocBrown

Win7 Enterprise, Win7 x86 (Ult 7600), Win7 x64 Ult 7600, TechNet RTM on AMD x64 (2.8Ghz)
 
 

Here is an old post from SF, but good info here

Rogue Virus Removal Tool
My System SpecsSystem Spec
21 Dec 2012   #9
dach162

indows 7 home permium 64 bit
 
 

Thanks for all the quick information. The best answer was changing the .exe to .com and trying that. When I did, it allowed me to install malwarebytes and after scanning with that, it removed all of this foolish fake program. The key here was .com. This win7 defender takes over whenever a .exe is called for. Thanks again.
My System SpecsSystem Spec
21 Dec 2012   #10
DocBrown

Win7 Enterprise, Win7 x86 (Ult 7600), Win7 x64 Ult 7600, TechNet RTM on AMD x64 (2.8Ghz)
 
 

Congrats, Glad we could help
My System SpecsSystem Spec
Reply

 Fake virus scan (Win7 Defender)




Thread Tools




Similar help and support threads
Thread Forum
Results of Windows Defender Offline Full Scan
Results of the Windows Defender Offline Full Scan: Trojan:Win32/Dynamer!dtc Severe Active Remove Exploit:Java/CVE-2012-1723.AQT Severe Active Remove Trojan:Win32/Alureon Severe Active Remove Providing the above per gregrocker in the...
System Security
Windows defender offline scan results problem
While using Windows Defender Offline (WDO) scans show that it detects some sort of virus. The problem is at the end of scan it doesn't allow me to review or remove the virus. I need Help.
System Security
Think I got a virus - fake user?
My browser seems to have been redirected to a malicious website. NOD32 gave me a warning = blocked website. But I think it was to late. A few minutes later I got a pop up saying that my drive was no longer accessible. The another saying it could not load the drivers for the new hardware. But all...
System Security
Infection by fake AV virus
Visiting a friend who is massively infected by fake AV scan. All of his files are hidden and nothing will run. I just ran bootable Windows Defender Offline which appears to have found nothing. System Restore is infected back a few days although there are more points to go back further. Any...
System Security
Fake Anti-virus cant remove
My brother accidently installed a fake antivirus. It wont let him get on the internet, run basically any program (even taskmgr) or do much anything unless he "activates the antivirus" by buying it. Iv tried running Remove Fake Antivirus 1.72, full system scans with Spy Sweeper and MSE. Nothing...
System Security
Windows Defender is on but does not scan.
I set up a new computer with Windows 7. I set Windows Defender to run a scan every day at 2 AM, but as far as I can tell, it doesn't run the scan. It states that the last scan was run about a week ago. I rechecked the settings and Windows Defender states that it in on. I keep the computer in sleep...
System Security


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 04:45.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App