Windows 7 Forums


Windows 7: Fake Anti-virus can't remove

28 Dec 2010   #11
Borg 386

Win 7 32 Home Premium, Win 7 64 Pro, Win 8.1, Win 10
 
 

First off, what is the name of this fake AV? I believe in this case it would really help everyone if we knew specifically what we were dealing with. Different fake AV's work in different ways, and as I stated in the 1st post, there is software that targets certain fake AV's.

I don't know how much internet access it's allowing you, but if you can go here, it will d/l its own AV engine & run it in a sandbox. Try both links.

Free Virus Scan - Free Antivirus Software | Norton Security Scan

http://security.symantec.com/sscv6/h...&auth_status=0

If this thing is so stubborn that even a boot up rescue disk isn't helping, you may wish to just reinstall the entire OS (after wiping the disk), as even if you clean it out, there may be some remnants left that can cause instability down the road.


02 Jan 2011   #12
cclloyd9785

Windows 7 Home Premium x64, Mac OS X 10.6.2 x64
 
 

Nothing here worked, but somehow Windows Defender found it (funny huh). It was some backdoor, and a rootkit. Removed them both and was fine.
03 Jan 2011   #13
marsmimar

Microsoft Community Contributor Award Recipient

 
 

Glad to hear Windows Defender took care of the problem.
FWIW you might want to try scanning again with Malwarebytes, Hitman, etc just as a precaution. If you can't get those scans to work you might still have some malware on your machine.

03 Jan 2011   #14
Jaxryley

 
 

Did you get a name for the fake AV?
03 Jan 2011   #15
Garreh

Laptop: Win 7 Pro x86 / Desktop: Win 7 Pro x64
 
 

There are quite a few fake AVs floating around at the moment.

Some of these names include:

SecurityTool (Very easy to remove)
Anti-Virus Vista 2010 (Very hard to remove)
Anti-Virus Vista 2011 (Very hard to remove)
rogue.systemdefragmenter (Malware Bytes detection name)

and so on.

Usually, these are really easy to remove unless they're the ones that contain rootkits and backdoor droppers like Anti-Virus Vista.
03 Jan 2011   #16
Jacee
Microsoft MVP

Windows 7 Ultimate 32bit SP1
 
 

Quote: Originally Posted by cclloyd9785
Nothing here worked, but somehow Windows Defender found it (funny huh). It was some backdoor, and a rootkit. Removed them both and was fine.

Rootkits are not that easy to get rid of. My suggestion is to wipe and do a clean install. You can't be sure the computer will ever be stable again, without doing so.
03 Jan 2011   #17
Garreh

Laptop: Win 7 Pro x86 / Desktop: Win 7 Pro x64
 
 

Quote: Originally Posted by Jacee
Quote: Originally Posted by cclloyd9785
Nothing here worked, but somehow Windows Defender found it (funny huh). It was some backdoor, and a rootkit. Removed them both and was fine.
Rootkits are not that easy to get rid of. My suggestion is to wipe and do a clean install. You can't be sure the computer will ever be stable again, without doing so.

Ah but if you know what you're doing, you can completely clear the system of rootkits. Yes they are hard to remove, but the system can still be stable if removed properly...
03 Jan 2011   #18
cclloyd9785

Windows 7 Home Premium x64, Mac OS X 10.6.2 x64
 
 

After it got rid of it, I scanned in safe mode with Spy Sweeper, and MSE. They found nothing.

And it was something like System Security Scan or something like that.
03 Jan 2011   #19
EzioAuditore

Windows 7 Ultimate x64 | Ubuntu 12.04 x64 LTS
 
 

I'd still insist on doing a wipe and install rather than scanning with some basic stuff like MSE, Spy Sweeper.
You can never be sure how much damage the rootkit has done. They can install hooks at such low levels that can survive formats and scans. Moreover, they may also create hidden partitions or locations as you say, which act as their backup and working area.
However, a wipe would very likely clean the remnants.
03 Jan 2011   #20
cclloyd9785

Windows 7 Home Premium x64, Mac OS X 10.6.2 x64
 
 

I always check partitions frequently on this computer as my brother often messes it up somehow. Glad to say that there is only 1 partition.

And I had him back up all the stuff he wants to keep, so that if it does give him trouble again, we will just wipe the drive and reinstall the OS.