Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Another Fake AV cant remove

13 Feb 2011   #1
cclloyd9785

Windows 7 Home Premium x64, Mac OS X 10.6.2 x64
 
 
Another Fake AV cant remove

This problem is VERY similar to the one I had last time (except on a differnt computer), and worse.

If I try to run a program, it will block the service from being started, even if I reboot into safe mode. Now I cant start Windows Defender (which is what took care of it last time).

Any ideas on how to remove it?


My System SpecsSystem Spec
.
13 Feb 2011   #2
A Guy

Microsoft Community Contributor Award Recipient

Windows 7 Home Premium x64 SP1
 
 

My System SpecsSystem Spec
13 Feb 2011   #3
Bill2

Windows 7 x64 pro/ Windows 7 x86 Pro/ XP SP3 x86
 
 

You can try running a scan with free malwarebytes. Run in safe mode if you have problems in the regular mode.
My System SpecsSystem Spec
.

13 Feb 2011   #4
Borg 386

Win 7 32 Home Premium, Win 7 64 Pro, Win 8.1, Win 10
 
 

Any chance you can do a sys restore? If you can, go back at least 2 or 3 points past the infection point, since some malware/viruses embed themselves in the 1st avail restore point.

You could try to install MSE which combines Defender along with Virus protection, although that may not install at this point.
My System SpecsSystem Spec
13 Feb 2011   #5
Jacee
Microsoft MVP

Windows 7 Ultimate 32bit SP1
 
 

What's the name of the malware?
My System SpecsSystem Spec
14 Feb 2011   #6
Bill

Windows 7 Enterprise x64
 
 

Download Sysinternal Process Explorer:

Process Explorer

This program runs as a stand alone, you can rename to a common windows process like iexplore.exe. Then launch the program. Look through the list of processes that shows up in front of you. Usually the virus stands out because it will have a random name like bhjkzyz.exe or something like (just an example). If you look at the process once you find it, you can see where the .exe file is. Usually it is in your App Data / Application Data folder (depending on your OS). So you can then kill the process. At that point, it should no longer be running and you should be able to run malwarebytes to remove it.

Bill
My System SpecsSystem Spec
14 Feb 2011   #7
seth500

Windows 7 Ultimate x64
 
 

Try the fry version of Hitman Pro it works good....on stuff like that.

Home - SurfRight
My System SpecsSystem Spec
14 Feb 2011   #8
brady

 

True versions of Fake AV will no longer allow you to execute anything. True fake AV will modify the .exe reg file to point it towards the infection files.

The following .reg should be copied to a notepad page and saved as a ".reg"
Before clicking ANYTHING with the true Fake AV, this .reg should be double clicked to ensure you're truly launching what you want to be launching.

Code:
Windows Registry Editor Version 5.00
[-HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command]
[-HKEY_CURRENT_USER\Software\Classes\secfile\shell\open\command]
[-HKEY_CLASSES_ROOT\.exe\shell\open\command]
[HKEY_CLASSES_ROOT\.exe]
@="exefile"
"Content Type"="application/x-msdownload"
[-HKEY_CLASSES_ROOT\secfile]
Once you're able to launch applications... I highly suggest you save your important files then reformat.
My System SpecsSystem Spec
Reply

 Another Fake AV cant remove




Thread Tools




Similar help and support threads
Thread Forum
How to Remove Win 7 Anti-Spyware 2011 (Fake Anti-Virus Infections)
How to Remove Win 7 Anti-Spyware 2011 (Fake Anti-Virus Infections) Source ...
System Security
Fake Anti-virus cant remove
My brother accidently installed a fake antivirus. It wont let him get on the internet, run basically any program (even taskmgr) or do much anything unless he "activates the antivirus" by buying it. Iv tried running Remove Fake Antivirus 1.72, full system scans with Spy Sweeper and MSE. Nothing...
System Security
how to remove fake windows 7 - help!
hope this is the correct place to ask for help but I am new to the forum :) My father purchased a brand new laptop from a well known high street shop via their online service. Due to his lack of knowledge he decided to upgrade to windows 7 pro and purchased this software from Amazon. The laptop...
Installation & Setup
Fake Online AV Scanner Installs Fake AV
Fake Online AV Scanner Installs Fake AV Today, SophosLabs witnessed a bogus website with a fake online AntiAdware scanner. When the website is accessed, it executes embedded javascript within the webpage. This script will cause the victim’s computer to display a fake progress bar pretending to...
System Security
7265 fake or not? - Fake
Saw this and i see a source is trying to get his hands on it (if it's real) What do you guys think?
General Discussion


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 04:35.
Twitter Facebook Google+ Seven Forums iOS App Seven Forums Android App