Win 7 Anti-Virus 2011 is a fake antivirus application that uses scare tactics to goad the user into purchasing a "registered" version of the product. Win 7 Anti-Virus 2011 will display several warnings, popups and messages claiming that your system is at risk. Naturally, all of these red flags that Win 7 Anti-Virus 2011 throws up are false, and are nothing more than a scare tactic.
UPDATE: This client is now causing many people to not even be able to run any executable at all. They are unable to even open a web browser. A work around is to merge the below .reg file with your registry. It basically tells Windows how to open .exe files again.
Download the file and just copy it over to the computer that is having issues and double click the file. Hit the Yes button when asked. As always we take no responsabilities for your actions. Always backup your data first before attempting any kind of computer repair. When in doubt hire an expert. We recommend www.pcninja.com because they know EXACTLY what to do to remove this threat.
Re-set how Windows opens .exe programs: http://www.removevirus.org/downloads/fix-exe-problem.reg
You can open the above file with notepad or any text editor but the below is what's in this file
"Windows Registry Editor Version 5.00
;Created for RemoveVirus.org . All rights reserved. You run this file at your own risk.
[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.exe]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.exe]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.exe\OpenWithList]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.exe\OpenWithProgids]
"exefile"=hex(0):"
Using the above attached file will help you be able to run executables again and you can user your web browser again and install anti-virus clients as well as updates.
How did I get in Infected with Win 7 Anti-Virus 2011?
Win 7 Anti-Virus 2011 is typically installed as a drive-by download, which usually means that it's installed without your permission.
What is Win 7 Anti-Virus 2011 doing to My Computer Right Now?
Once installed on a user's computer Win 7 Anti-Virus 2011 does not appear to disable task manager or any other processes, but its presence is often stubborn and highly annoying. It also performs fake scans with intentionally vague or fallacious results in an attempt to get you to purchase it.
Win 7 Anti-Virus 2011
» Download Win 7 Anti-Virus 2011 Removal Software
As soon as you find yourself infected with Win 7 Anti-Virus 2011 you need to take immediate action to remove it. Win 7 Anti-Virus 2011 removal can be very challenging for non savvy computer users.
Remove Win 7 Anti-Virus 2011 Automatically
How to Remove Win 7 Anti-Virus 2011 Manually
If the manual Win 7 Anti-Virus 2011 removal procedure seems a bit too complicated to handle, you can always go for some professional assistance to delete Win 7 Anti-Virus 2011 from your machine. www.pcninja.com is the website that we recommend for remote computer repair. You should aslo be able to install and use Spyware Doctor with Antivirus in safe mode with networking.
You will have to kill the following process first as the initial step to remove Win 7 Anti-Virus 2011:
- [RANDOM].exe ( IN OUR TESTINGS IT's BEEN 3 CHARACTERS LONG. )
The main executable of this threat is random. This makes removing such threats that much harder. The threat is normally found in %AppData%\Local\[RANDOM].exe and %UserProfile%\Local Settings\Application Data\[RANDOM].exe
The following files and folders will also need to be deleted:
%UserProfile%\Templates\t3e0ilfioi3684m2nt3ps2b6lru %UserProfile%\Local Settings\Application Data\[RANDOM].exe %AllUsersProfile%\t3e0ilfioi3684m2nt3ps2b6lru %AppData%\Roaming\Microsoft\Windows\Templates\t3e0ilfioi3684m2nt3ps2b6lru %AppData%\Local\t3e0ilfioi3684m2nt3ps2b6lru %AppData%\Local\[RANDOM].exe %AppData%\t3e0ilfioi3684m2nt3ps2b6lru %Temp%\t3e0ilfioi3684m2nt3ps2b6lru
Remove Win 7 Anti-Virus 2011: Cleaning the Registry
Once you are done with deleting the files listed above, don't forget to clean your registry. You will have to get rid of the following registry keys:
- HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command "(Default)" = '"%UserProfile%\Local Settings\Application Data\[RANDOM].exe" /START "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode'
- HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command "(Default)" = '"%UserProfile%\Local Settings\Application Data\[RANDOM].exe" /START "C:\Program Files\Mozilla Firefox\firefox.exe"'
- HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command "(Default)" = '"%UserProfile%\Local Settings\Application Data\[RANDOM].exe" /START "C:\Program Files\Internet Explorer\iexplore.exe"'
- HKEY_CLASSES_ROOT\.exe\shell\runas\command "IsolatedCommand" = '"%1" %*'
- HKEY_CLASSES_ROOT\.exe\shell\runas\command "(Default)" = '"%1" %*'
- HKEY_CLASSES_ROOT\.exe\shell\open\command "(Default)" = '"%UserProfile%\Local Settings\Application Data\[RANDOM].exe" /START "%1" %*'
- HKEY_CLASSES_ROOT\.exe\shell\open\command "IsolatedCommand" = '"%1" %*'
- HKEY_CLASSES_ROOT\.exe\DefaultIcon "(Default)" = '%1'
- HKEY_CLASSES_ROOT\exefile\shell\open\command "(Default)" = '"%UserProfile%\Local Settings\Application Data\[RANDOM].exe" /START "%1" %*'
- HKEY_CLASSES_ROOT\exefile\shell\open\command "IsolatedCommand" = '"%1" %*'
- HKEY_CLASSES_ROOT\exefile\shell\runas\command "IsolatedCommand" = '"%1" %*'
- HKEY_CLASSES_ROOT\exefile "Content Type" = 'application/x-msdownload'
- HKEY_CURRENT_USER\Software\Classes\.exe\DefaultIcon "(Default)" = '%1' = '"%UserProfile%\Local Settings\Application Data\[RANDOM].exe" /START "%1" %*'
- HKEY_CURRENT_USER\Software\Classes\exefile\shell\runas\command "IsolatedCommand" – '"%1" %*'
- HKEY_CURRENT_USER\Software\Classes\exefile\shell\open\command "IsolatedCommand" = '"%1" %*'
- HKEY_CURRENT_USER\Software\Classes\exefile\shell\runas\command "(Default)" = '"%1" %*'
- HKEY_CURRENT_USER\Software\Classes\exefile\DefaultIcon "(Default)" = '%1'
- HKEY_CURRENT_USER\Software\Classes\exefile "Content Type" = 'application/x-msdownload'
- HKEY_CURRENT_USER\Software\Classes\exefile "(Default)" = 'Application'
- HKEY_CURRENT_USER\Software\Classes\.exe\shell\runas\command "IsolatedCommand" = '"%1" %*'
- HKEY_CURRENT_USER\Software\Classes\.exe\shell\runas\command "(Default)" = '"%1" %*'
- HKEY_CURRENT_USER\Software\Classes\exefile\shell\open\command "(Default)" = '"%UserProfile%\Local Settings\Application Data\[RANDOM].exe" /START "%1" %*'
- HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command "IsolatedCommand" = '"%1" %*'
- HKEY_CURRENT_USER\Software\Classes\.exe "Content Type" = 'application/x-msdownload'
- HKEY_CURRENT_USER\Software\Classes\.exe "(Default)" = 'exefile'
It is recommended that you run a full virus scan of your machine to make sure that it is completely free of all sort of threats including Win 7 Anti-Virus 2011. For the scan, we suggest using Spyware Doctor with Antivirus.
Conclusion
Removal of XP Anti-Virus may be a bit complicated, but is by no means an impossible feat. Once you have followed he manual removal instructions, your computer should no longer be infected with this threat. However you do need to run a full virus scan to ensure you are no longer infected. We Recommend you run a scan with Spyware Doctor with Antivirus. If you need advanced help and can not remove this threat yourself you may ask your questions below or head over to www.pcninja.com to have an expert remote in and remove this virus for you.
Related Article Keywords: Win 7 Anti-Virus 2011, Remove Win 7 Anti-Virus 2011, Win 7 Anti-Virus 2011 Removal, How to Remove Win 7 Anti-Virus 2011
Speak Your Mind