Infected with "Win 7 Security 2012" virus

[Rush-2112]

This is unbelievable...every year I invest in my antivirus renewal, and yet I keep getting these nasty viruses.

It seems like a new 2012 virus...will not let me open any .exe's or internet or anything. I don't know what to do. I am not too tech-savvy, so is there anyone out there who can help me out? How can I resolve this? Btw I'm able to post this because thankfully I have the TB app, ha...

[BogeyBass]

very few understood the reason for non administer accounts in windows XP.

I'm sure the same carrys with windows 7.

I dont even use 7 yet so dont take my word for it.
But in XP 90% of all viruses problems can be solved by using a non administer account to use the internet. Simply because a non administer has no rights to install anything so if a virus was to come in. It cannot even install since it has no rights.

otherwise if you system is wasted, i would download spybot search and destroy and try to get your system to a decent level.

most likely you will need to wipe your system and reinstall windows. if you have files you need to recover you can plug your hard drive into another working system to extract and save your files. and then just wipe the whole system and reinstall windows.

most anti virus programs dont do much and just waste system resources. they hog the system and run in the background for no reason. I hate em worthless waste of money.

I like many males view porn on the net to, and 90% of viruses come from it. The other 10% is trojans and garbage that comes from flash ads and advertisers on social networks and search engines.

Use a non admin account and run spybot once a week, save yourself alot of money and lost files.

[6jase5]

Wipe it. Painful but always my friend (IT guy's) answer.
I've used Bitdefender (his suggestion) for 7-8 years and never once had a problem and it's not a resource hog. I also use Avast (free).

[Kwesi]

As for porn surfing, I recommend that folks avoid being super adventurous and stick to a handful of safe places that they know won't wreck their computer. Also, install a ad-blocker of some kind for your browser.

Truth be told, I don't even know what good virus protection is on windows anyway. Not saying that it's useless but I just don't know what to make of it. On of my first computers ran on Windows XP and had a suite of protection software (three free but highly rated programs) and got attacked relentlessly. Every few months I had some sort of crippling virus and I ended up having to wipe everything more than a few times. Switched over to Mac, had it dual booted with Windows XP and ran it stark naked for two years. No viruses. Not a single one. Been running Windows 7 naked for maybe a year and a half now and still no viruses. I guess being that virus software is free you don't lose anything by installing it but I'm wondering how much this stuff really protects us.

Also, Rush, it may be a good idea to have multiple Administrative accounts in addition to the non-Administrative one that Bogey suggested. If the virus is limited to one account then you can work on a solution from the secondary Admin account.

[Munjibunga]

Quote:

Originally Posted by BogeyBass

very few understood the reason for non administer accounts in windows XP.

I'm sure the same carrys with windows 7.

I dont even use 7 yet so dont take my word for it.
But in XP 90% of all viruses problems can be solved by using a non administer account to use the internet. Simply because a non administer has no rights to install anything so if a virus was to come in. It cannot even install since it has no rights.

otherwise if you system is wasted, i would download spybot search and destroy and try to get your system to a decent level.

most likely you will need to wipe your system and reinstall windows. if you have files you need to recover you can plug your hard drive into another working system to extract and save your files. and then just wipe the whole system and reinstall windows.

most anti virus programs dont do much and just waste system resources. they hog the system and run in the background for no reason. I hate em worthless waste of money.

I like many males view porn on the net to, and 90% of viruses come from it. The other 10% is trojans and garbage that comes from flash ads and advertisers on social networks and search engines.

Use a non admin account and run spybot once a week, save yourself alot of money and lost files.

I know all the tech-savvy folks bash Norton, but I haven't had a virus in years. Yeah, it consumes resources, but with a Core i7 processor and 8GB of RAM, it's not too much of a bother. Besides, Norton employees probably write the viruses to keep themselves employed. Your only protection is to buy Norton Anti-virus.

[HollowBassman]

I don't know for sure if it will work with that specific virus but I've had some with similar names and managed to get rid of them by opening task manager(control+alt+delete) the moment my desktop background appears and closing any processes that I know do not belong. Then you can run your antivirus software and hope you have one that can find it. It all has to be done before everything fully loads or it will say task manager is infected.

[L-A]

Quote:

Originally Posted by Munjibunga

I know all the tech-savvy folks bash Norton, but I haven't had a virus in years. Yeah, it consumes resources, but with a Core i7 processor and 8GB of RAM, it's not too much of a bother. Besides, Norton employees probably write the viruses to keep themselves employed. Your only protection is to buy Norton Anti-virus.

Hehehe

[BloFish]

Windows 7, AVG Anti-Virus, and Advanced System Care= no problems!!

[John D]

Quote:

Originally Posted by Munjibunga

I know all the tech-savvy folks bash Norton, but I haven't had a virus in years. Yeah, it consumes resources, but with a Core i7 processor and 8GB of RAM, it's not too much of a bother. Besides, Norton employees probably write the viruses to keep themselves employed. Your only protection is to buy Norton Anti-virus.

This^^^

Quote:

Originally Posted by HollowBassman

I don't know for sure if it will work with that specific virus but I've had some with similar names and managed to get rid of them by opening task manager(control+alt+delete) the moment my desktop background appears and closing any processes that I know do not belong. Then you can run your antivirus software and hope you have one that can find it. It all has to be done before everything fully loads or it will say task manager is infected.

+This ^^^
+Malwarebytes =
No more problems.

[Turock]

If you right click on .exe files and select "run as administrator" you should be able to open them. Download Malwarebytes, TDSSKiller, RKill and FixNCR.reg. You may have to download them on a different computer and put them on a flash drive. Download the updates for Malwarebytes also. Boot your computer into safe mode. Run Rkill first, then run the other two and your antivirus program. Don't reboot until you have run them all.
If "Win 7 Security" left an icon on your desktop, right click and select properties, look at the "shortcut" tab, look at "start in", it may give the location of the program. Find and delete that.
Boot back into normal mode, run the FixNCR to restore your registry setting (right click, "run as administrator"), afterwards your .exe files should open normally. When you can get back to the internet, run Hitman Pro for a second opinion.

[knumbskull]

system restore to a safe point often works. also get Malwarebytes and scan once you're done.

[Turock]

Quote:

Originally Posted by HollowBassman

I don't know for sure if it will work with that specific virus but I've had some with similar names and managed to get rid of them by opening task manager(control+alt+delete) the moment my desktop background appears and closing any processes that I know do not belong. Then you can run your antivirus software and hope you have one that can find it. It all has to be done before everything fully loads or it will say task manager is infected.

The task manager can still be run by right clicking taskmgr.exe and selecting "run as administrator". The taskmgr.exe is in the WINDOWS\system32 folder.

[Rush-2112]

Thanks so far guys...I booted up in safe mode, have Malwarebytes and my antivirus programs running as administrator, and they're scanning as we speak. Let's hope this works

[Turock]

Make sure to run TDSSKiller. If you have a rootkit (I suspect that you do), Malwarebytes and antivirus programs will not rid you of it.

[Rush-2112]

Quote:

Originally Posted by Turock

Make sure to run TDSSKiller. If you have a rootkit (I suspect that you do), Malwarebytes and antivirus programs will not rid you of it.

Hey thanks for the help...well I ran Malwarebytes and it seems to have gotten rid of it. But could the rootkit be hidden somewhere I'm not seeing? My PC seems to be back to normal. What is TDSS btw? I tried CNET and they don't have it, so I'm a bit reluctant since I really trust CNET and they don't carry it...

[tuBass]

look up combofix too. that will get things that malwarebytes misses

[Turock]

Quote:

Originally Posted by Rush-2112

Hey thanks for the help...well I ran Malwarebytes and it seems to have gotten rid of it. But could the rootkit be hidden somewhere I'm not seeing? My PC seems to be back to normal. What is TDSS btw? I tried CNET and they don't have it, so I'm a bit reluctant since I really trust CNET and they don't carry it...

Yes, rootkits are very well hidden. TDSSKiller is put out by Kapersky. Here's a link:
Anti-rootkit utility TDSSKiller

[ldervish]

Quote:

Originally Posted by HollowBassman

I don't know for sure if it will work with that specific virus but I've had some with similar names and managed to get rid of them by opening task manager(control+alt+delete) the moment my desktop background appears and closing any processes that I know do not belong. Then you can run your antivirus software and hope you have one that can find it. It all has to be done before everything fully loads or it will say task manager is infected.

This worked for me when my son's laptop was infected with a similar bug or maybe the same one. The guilty file was named with a bunch of letters and numbers. Once I stopped it with Task Manager I could run all the removal software.

I've have had best success when one of these hits (usually, as someone mentioned, hidden in a search result) in just slamming off the power, stopping the download. However I recently had one hit me following a search, and wasn't quick enough and it got in there and really screwed things up. Eventually I got rid of it but in the meantime it messed up some system files and I couldn't access the internet no matter how I configured it. There were probably other troubles waiting for me too. End result = backup doc's, wipe the drive and reload the system.

[MJ5150]

Norton products make me shudder. No thank you.

-Mike

[Rush-2112]

OK downloaded and ran Hitman Pro, and that didn't find anything...think I'm safe for now. I will try to get the TDSS one too and try it, unless you guys think it's all good since Hitman didn't find anything