Win 7 Anti-Virus 2011 the virus!

  • Thread starter Ondine
Rocket_Power
So apparently this is a rather new, widespread virus that's been going around, and now it's found its way into my laptop. :scared: There are tutorials that kinda explain how to get rid of it, but I'm basically a total moron when it comes to anything tech related... Can someone please give me a step-by-step, layman's guide to getting rid of this thing? Thanks for any help!

Things I can't do:
-Ignore it or simply exit
-Access the internet, even through Safe Mode
 
I would suggest getting Anti-Virus software on another computer and saving it to a USB. (I suggest AVG) then using that to clean the virus.

OR.

You could go onto your system and do a system restore to a date before you got the virus. It just means that the work and things you've done from then until now will go.
 
I would suggest getting Anti-Virus software on another computer and saving it to a USB. (I suggest AVG) then using that to clean the virus.

OR.

You could go onto your system and do a system restore to a date before you got the virus. It just means that the work and things you've done from then until now will go.

And this would delete all traces of the virus? Is it easy to do a system restore? Because that'd be great; I barely have anything saved on my laptop, anyway.
 
Using system restore will NOT fix this.
AVG will not remove this for a few reasons, but the main one is that you are infected and the infection will prevent things like AVG from running.

Download and update (if possible) the following.

Spybot S&D (download the updates if you can't download them with the program)
Malwarebytes

Turn off system restore to prevent it from hiding in the System Volume Information folders by going to Start>Control Panel>System and Security>System>System Protection>Highlight C: and click configure>Turn off.

Download and run Combofix from bleepingcomputers and run it in Safe Mode.

And I can tell you that Windows antivirus 2011 (or whatever name it goes by) is not the worst.

I have seen one called Windows Recovery which hides all files in C:\Users\ so the user thinks they have lost their files and need to pay to get them back, but this one also deletes the program files from the start menu.

Best course of action when you get this one is a restore, sad to say, unless you want to rebuild the start menu list from scratch.
 
I have seen one called Windows Recovery which hides all files in C:\Users\ so the user thinks they have lost their files and need to pay to get them back, but this one also deletes the program files from the start menu.

Best course of action when you get this one is a restore, sad to say, unless you want to rebuild the start menu list from scratch.

I got that and nuked it but not properly. So pretty much nothing in the start menu works properly. Doesn't bother me though. Oh it also put everything to hidden status, yay.
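
The "everything set to hidden" state described in the posts above can be checked after cleanup with a short PowerShell script. This is an added example, not part of the original thread; the profile path default, the `-Repair` switch and the list of names treated as normally hidden are assumptions.

```powershell
# Added example (not from the thread): list items under a user profile that
# carry the Hidden attribute and, with -Repair, clear that attribute.
param(
    [string]$ProfilePath = $env:USERPROFILE,   # assumption: check the current user's profile
    [switch]$Repair                            # hypothetical switch: report only unless given
)

# Assumption: names Windows normally keeps hidden in a profile; these are left alone.
$normallyHidden = @('AppData', 'desktop.ini', 'thumbs.db')
$appData    = Join-Path $ProfilePath 'AppData'
$hiddenFlag = [System.IO.FileAttributes]::Hidden
$systemFlag = [System.IO.FileAttributes]::System

# -Force makes Get-ChildItem return hidden items as well as visible ones.
$found = @(Get-ChildItem -LiteralPath $ProfilePath -Recurse -Force -ErrorAction SilentlyContinue |
    Where-Object {
        ($_.Attributes -band $hiddenFlag) -and
        -not ($_.Attributes -band $systemFlag) -and      # skip protected OS files and junctions
        ($normallyHidden -notcontains $_.Name) -and
        ($_.Name -notlike 'NTUSER.DAT*') -and            # registry hive files stay hidden
        -not $_.FullName.StartsWith($appData, [System.StringComparison]::OrdinalIgnoreCase)
    })

"{0} unexpectedly hidden item(s) under {1}" -f $found.Count, $ProfilePath
$found | Select-Object -First 20 FullName, Attributes | Format-Table -AutoSize

if ($Repair) {
    foreach ($item in $found) {
        # The filter guarantees the Hidden bit is set, so XOR clears only that bit
        # and leaves every other attribute (ReadOnly, Archive, ...) unchanged.
        $item.Attributes = $item.Attributes -bxor $hiddenFlag
    }
    "Cleared the Hidden attribute on {0} item(s)." -f $found.Count
}
```

Run it without `-Repair` first and review the list before changing any attributes.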
 
Using system restore will NOT fix this.
AVG will not remove this for a few reasons, but the main one is that you are infected and the infection will prevent things like AVG from running.

Download and update (if possible) the following.

Spybot S&D (download the updates if you can't download them with the program)
Malwarebytes

Turn off system restore to prevent it from hiding in the System Volume Information folders by going to Start>Control Panel>System and Security>System>System Protection>Highlight C: and click configure>Turn off.

Download and run Combofix from bleepingcomputers and run it in Safe Mode.

And I can tell you that Windows antivirus 2011 (or whatever name it goes by) is not the worst.

I have seen one called Windows Recovery which hides all files in C:\Users\ so the user thinks they have lost their files and need to pay to get them back, but this one also deletes the program files from the start menu.

Best course of action when you get this one is a restore, sad to say, unless you want to rebuild the start menu list from scratch.

👍
Typically with these fake anti virus programs, Spybot search and Destroy can get rid of some of it, but Malwarebytes is gonna be your best bet for getting everything out. At any rate, it's good to have both of these on your computer at all times. Good luck!
 
I've removed this a few times, and my advice is, if you aren't comfortable with, or very computer literate, to hire someone, or ask someone to remove it for you.

Most anti-virus etc. programs won't fully remove AV2011 (also called XP/Vista Anti-Virus 2010/2011) and it will keep coming back.

Full removal requires editing the registry manually, deleting any files associated with it, doing so while in safe mode and disconnected from the internet.
 
My other computer had a strange habit of collecting viruses, when all the other computers, even my completely unprotected computer I use to watch porn, completely fail to do so. This computer is a netbook, and came with an operating system image, so when I got Anti-virus 2: the Virus, I just "Cued the ****ing reinstall." That said, a system restore worked the third time it happened, and after getting Ad-Block plus, it hasn't happened since. It's not that I don't want to help the websites I go to, I just don't trust the ads themselves.
 
:lol::lol: Linux, no games on Linux, small amount of games on a Mac.

No native games on Linux (or not many). However, between wine, dosemu and dosbox you can get pretty much anything except cutting edge games to work.
 
True that.


Macs are good for graphic designers.
Linux are good for servers/programmers.
Windows are good for gamers and general users.
 
I see Mac as the computer that triumphs over all. You can buy a good mac and install programs which allow you to use all three of the mentioned OS's (Windows, Mac and Linux)

I used to use PC but now I've turned to Mac.
 
If Apple wasn't so paranoid on the hardware they want on their system I could run all 3 on my PC.
 
I finally got around to downloading Malwarebytes on the laptop, turned off system restore, and now I'm scanning it. I did the quick scan twice (the recommended one), and it found objects infected both times--about forty the first time, just one the second time. So this time I've done the full scan which has currently found 5, but it's taking a lot longer.

Anyway, I just thought I'd post my progress and make sure I'm on the right track. Thanks for all the help!
 
I see Mac as the computer that triumphs over all. You can buy a good mac and install programs which allow you to use all three of the mentioned OS's (Windows, Mac and Linux)

I used to use PC but now I've turned to Mac.

I used to use Mac, and now I use PC. Weird how people have completely different views on things. I've had 2 Macs and have had just as much if not more trouble with them than I have had with my 2 most recent Windows PCs. Plus the MacBook was 7 times as much money as my PC laptop, and my iMac was about 400 more $ than my new PC, that is built to do pretty much anything. My iMac is currently one of the most expensive digital picture frames on the market. I can't get it to do anything except just do the slide show of old pictures I have on it. The MacBook does still work, but it is super slow, and has had to be sent back twice for repairs.
 
Best way to fix these is with a utility disk like Kaspersky Rescue Disk which is a CD you boot from, so whatever's on your hard drive doesn't get a chance to run. You scan from the utility on the CD, and since the malware doesn't run, it can't interfere with the scan. This thing gets the rootkit part of those fake AVs, too, which Malwarebytes misses a lot of times (the reason they come back just when you think you've fixed them.)

The fake AV things are pretty much just fraud, they don't really destroy anything but they can make your computer unusable, trying to force you to pay for the "protection." The Windows Recovery, though, is nasty. Catch it in time you're probably OK, but once damaged it's really quite difficult to get everything back like it was.

If you see any of these things present a window, do not respond to the window in any way. Don't try to close it, don't try to minimize it, don't click on anything. None of the Windows features presented are necessarily the actual Windows features. The red X may actually be programmed to be the Yes button, giving the malware permission to install. So if one of these pops up, just yank the power cord before it can do anything else.

Seriously. That's the best prevention once the screen presents itself.
 
Rkill: rename it to explorer.exe, then open it so it can close and temporarily disable the fake AV, then download Malwarebytes (you should be able to use the Web), update it and do a full scan... Problem should be solved..

If that does not work try this Register Code: 1147-175591-6550
 
Just throwing this out here JUST IN CASE it's needed!!

Some of the viruses I've dealt with over the last few months screw up the user profile. You might want to do this to be safe or just keep this guide in mind, up to you.

If you think you have corrupted your profile, I suggest you make another user on the machine, name it anything and give it an easy password. Make it an Admin.

Log on with that account (or restart onto it to make sure NOTHING is running on the normal one).
Go to My Computer > C Drive > Users (Windows 7) or Documents and Settings (XP) > Rename your account to 'Name'.old (so it reads, Thomas.old)
Now log on as yourself as normal, Windows will generate a new user profile for you. From here you can copy across all your old documents and that.

If you need any more help give us a shout, might throw a screenshot guide up soon as this is becoming an all too regular occurrence now with normal Google images being infected!
 
If you need any more help give us a shout, might throw a screenshot guide up soon as this is becoming an all too regular occurrence now with normal Google images being infected!

A good anti virus should stop you from downloading the Fake AV and stop you going to the redirected page.... AVG did for me..
 
Not me I swear lol.
No seriously, it's all customer computers that I've dealt with. Sophos and NOD32 don't seem to detect these things too well from the looks of things. I've seen the dodgy page, if you will, once while using MS Security Essentials and it flagged up for me. Although I was able to tell straight away, it was good to know that it did actually work.

Unfortunately I also hear of absolute horror stories in here about certain customers. One of the viruses one user got asked them for credit card details to pay for their tool to remove it. He rang in and said if an engineer could check to make sure the new software was working as he'd paid them like it said and nothing seemed to happen. He never saw that 50 Quid again, plus the money we charged to dial onto his machine to remove the thing lol.
 
Also I don't think it's around anymore but if you get Navashield your computer (and ears) would be ruined, here's what I mean:





Pretty weird stuff.... In the future!!! O_o
 