My other computer is completely halted by Win 7 security [something] 2012.
I have gotten a couple of links to procedures for removing it. One says go to landzdown and another suggested bleepingcomputer. Do you have any suggestions as to which is better? Something else?
We will have to download some cleanup utility to a USB and take it to the infected computer as nothing will run on the sick machine now. I’ve gotten suggestions for SuperAntiSpyware followed by Malwarebytes. If you have experience does that sound reasonable?
I got this malware last week and attempted to clean up my own registry, which was probably not the brightest idea. I ended up having to re-image the PC, which wasn’t a huge problem since it was a recent purchase.
I’d like to punch in the face whoever writes these things.
Bleepingcomputer.com is a very reputable site for getting help. MalwareBytes is terrific for cleaning this sort of thing. Starting in Safe Mode is your best bet for actually being able to install it. Also, download and run rkill.exe first, which will stop any running malware that is blocking you from fighting back.
My mother’s Windows XP laptop got hit with this crap (or something similar). Among other things, the registry key was reset so that any executable file (basically, any software) would not run when its icon (including shortcut) was double-clicked (Windows would ask, “What program would you like to use to open this file?”).
I found a reputable little freeware, WinXP_EXE_Fix.reg, which seems to have fixed it. Of course, your mileage may vary!
I got hit with this bitch on Christmas Eve. I wound up shelling out $30 for Spyware Doctor, which cleaned it up quite nicely. Things were still a little wonky afterwards, though, so I had to roll back the machine to the most recent restore point. Wish I had tried MalwareBytes first.
Yeah, that works too, but a lot of people aren’t comfortable doing that, and if you hit the wrong process you lock up your PC. rkill takes the guesswork out.
Another vote for bleepingcomputer. They helped me get rid of a really annoying rootkit/redirect last summer.
If you post to their forums, someone will even walk you through it step by step (although it sometimes takes them a while to get to you) or they do have guides and links to tools to get rid of it yourself.
Another vote for Bleepingcomputer. I had to remove this malware twice this month (once on my PC, once on my wife’s laptop). While Malwarebytes is what actually removes the malware, Bleepingcomputer provided some items (like rkill.exe and others) that allow you to get rid of any internet redirects if you need to download Malwarebytes. One of the versions of the malware I had hid all of my files on my PC, and bleepingcomputer had a little program that reversed that (Malwarebytes didn’t fix that). That wasn’t required on the laptop.
I’ve been fighting with this for a few weeks; the one that finally (touch wood) got rid of it was this one: http://www.combofix.org/ (EDIT: Remembered program name wrong, Catchme did not work for me)
But be aware it does some pretty extreme messing with your PC; I’d try something less hardcore like MalwareBytes (http://www.malwarebytes.org/) first (you may need to start it from “Safe Mode with Command Line”).
I’ve been having the same problem, and I just tried Combofix today. It seems to have worked, but I’m still not completely sure. I’m still getting error messages with the Windows Firewall and Windows Defender, though.
Yep, that’s it exactly. I was having problems opening .pdfs in my Firefox, so I tried reverting back to Acrobat Reader 8.12.xx. That didn’t help. Later I had the browser open and Reader suddenly loaded for no reason. A second later the antivirus malware just came out of nowhere.
Even after you’ve managed to get rid of this malware, check your firewall status. It damaged my Windows Firewall so that I could not turn it on. I had to import replacement registry keys in order to get it working again.