Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.

Windows 7: Another Fake AV cant remove

13 Feb 2011   #1

Windows 7 Home Premium x64, Mac OS X 10.6.2 x64
Another Fake AV cant remove

This problem is VERY similar to the one I had last time (except on a differnt computer), and worse.

If I try to run a program, it will block the service from being started, even if I reboot into safe mode. Now I cant start Windows Defender (which is what took care of it last time).

Any ideas on how to remove it?

My System SpecsSystem Spec
13 Feb 2011   #2
A Guy

Microsoft Community Contributor Award Recipient

Windows 7 Home Premium x64 SP1

My System SpecsSystem Spec
13 Feb 2011   #3

Windows 7 x64 pro/ Windows 7 x86 Pro/ XP SP3 x86

You can try running a scan with free malwarebytes. Run in safe mode if you have problems in the regular mode.
My System SpecsSystem Spec

13 Feb 2011   #4
Borg 386

Win 7 32 Home Premium, Win 7 64 Pro, Win 8.1, Win 10

Any chance you can do a sys restore? If you can, go back at least 2 or 3 points past the infection point, since some malware/viruses embed themselves in the 1st avail restore point.

You could try to install MSE which combines Defender along with Virus protection, although that may not install at this point.
My System SpecsSystem Spec
13 Feb 2011   #5
Microsoft MVP

Windows 7 Ultimate 32bit SP1

What's the name of the malware?
My System SpecsSystem Spec
14 Feb 2011   #6

Windows 7 Enterprise x64

Download Sysinternal Process Explorer:

Process Explorer

This program runs as a stand alone, you can rename to a common windows process like iexplore.exe. Then launch the program. Look through the list of processes that shows up in front of you. Usually the virus stands out because it will have a random name like bhjkzyz.exe or something like (just an example). If you look at the process once you find it, you can see where the .exe file is. Usually it is in your App Data / Application Data folder (depending on your OS). So you can then kill the process. At that point, it should no longer be running and you should be able to run malwarebytes to remove it.

My System SpecsSystem Spec
14 Feb 2011   #7

Windows 7 Ultimate x64

Try the fry version of Hitman Pro it works good....on stuff like that.

Home - SurfRight
My System SpecsSystem Spec
14 Feb 2011   #8


True versions of Fake AV will no longer allow you to execute anything. True fake AV will modify the .exe reg file to point it towards the infection files.

The following .reg should be copied to a notepad page and saved as a ".reg"
Before clicking ANYTHING with the true Fake AV, this .reg should be double clicked to ensure you're truly launching what you want to be launching.

Windows Registry Editor Version 5.00
"Content Type"="application/x-msdownload"
Once you're able to launch applications... I highly suggest you save your important files then reformat.
My System SpecsSystem Spec

 Another Fake AV cant remove

Thread Tools

Similar help and support threads
Thread Forum
How to Remove Win 7 Anti-Spyware 2011 (Fake Anti-Virus Infections)
How to Remove Win 7 Anti-Spyware 2011 (Fake Anti-Virus Infections) Source ...
System Security
Fake Anti-virus cant remove
My brother accidently installed a fake antivirus. It wont let him get on the internet, run basically any program (even taskmgr) or do much anything unless he "activates the antivirus" by buying it. Iv tried running Remove Fake Antivirus 1.72, full system scans with Spy Sweeper and MSE. Nothing...
System Security
how to remove fake windows 7 - help!
hope this is the correct place to ask for help but I am new to the forum :) My father purchased a brand new laptop from a well known high street shop via their online service. Due to his lack of knowledge he decided to upgrade to windows 7 pro and purchased this software from Amazon. The laptop...
Installation & Setup
Fake Online AV Scanner Installs Fake AV
Fake Online AV Scanner Installs Fake AV Today, SophosLabs witnessed a bogus website with a fake online AntiAdware scanner. When the website is accessed, it executes embedded javascript within the webpage. This script will cause the victim’s computer to display a fake progress bar pretending to...
System Security
7265 fake or not? - Fake
Saw this and i see a source is trying to get his hands on it (if it's real) What do you guys think?
General Discussion

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 07:56.
Twitter Facebook Google+