Windows 7 Security 2012 Virus

[Wulfgang]

Have followed the instructions at the following link to the T:

http://www.bleepingcomputer.com/viru...-security-2012

Definitely helped but has not removed everything. Last time I had this virus on XP, I had to reformat my computer. Would love to avoid that this time. Part of the issue is that while Malwarebytes will prevent the popups and .exe virus intervention (e.g. won't let me run antivirus software) I continue to have weird issues in Firefox and Chrome.

Basically it's like this virus combined with a redirect virus. For example, about 1/5 when I google something, it will go instead to some weird ghetto site that is obviously A) not what I searched for and B) a virus haven. About 1/30 of these redirections will lead to the same shitty Windows 7 2012 Security Virus being sneakily reinstalled on my comp.

Has anyone dealt with this crap successfully?

[Celeras]

I have on my brothers PC, but it doesnt fully penetrate on 64bit OS's and was quite easy to remove.

[Crowort]

Check your proxie settings are set right (likely automatic) Sometimes these change it, normally it just stops you connecting at all. It is worth running scans again from another user account. Are you saying it is still blocking AV running or that it did?

[Thiefami]

Check your proxie settings are set right (likely automatic) Sometimes these change it, normally it just stops you connecting at all. It is worth running scans again from another user account. Are you saying it is still blocking AV running or that it did?

^this, it'll change it. Check your lan settings in your browser and make sure it's not using a proxy server. I had to clear this virus twice, one on my brothers laptop and the other my moms pc in the past week.

[Rellikard]

Can also try HiJackThis to remove browser redirects.

[Crab_Cake]

How are people getting this? A lot have been infected lately it seems.

Is it bad ads from legit sites? Some Windows security exploit that can infect your computer as long as you're connected to the internet?

[Mikelee0351]

From what I hear it's been getting around from imgur somehow. I had it a couple days ago, downloaded Microsoft Security Essentials, that took care of it.

[Slott]

2 people at my company got it this week, and 1 friend on wow :/

Easiest way to get rid of it: (it's not actually only the antivirus thing, but it's a rootkit called rootkit.zeroaccess that's being spread, which downloads the AV thing as one of its many functions)

Load into safemode, log into a different account than the one effected (an admin account or anything)

Run combofix twice, let it reboot, run malware bytes, run super anti spyware. (All taken from that AV thread)
Check your network settings in firefox, disable the proxy. Go into the firewall settings, turn the firewall on, delete any entries it made under exceptions. Check your internet settings(via controlpanel or IE), change all the levels back from "custom" to medium -> high.

exe files most likely won't work (on the effected profile), they'll come up with some bullshit about what program to use to open them -> Go to www.dougknox.com -> win xp fixes -> file association fix -> exe fix. Run that registry entry, exe files work again. Combofix may fuck with your "maximum profile storage" or whatever, if it does, theres a registry fix for that too, not sure if it's on that site.