Hit by spyware/virus. What to do?

wannaBinventor

Joined Apr 8, 2010
180
Somehow I got the "Windows 7 2011 AntiSpyware" crap on my computer. I actually got it on my work computer the same day, so go figure. I don't know if I got it through my email or what, but either way I'm stuck fixing my own computer (helpdesk hooked me up at work -- they are just replacing the machine).

It kept popping up with phony messages about finding infections to try and con me into buying their crap. I found some stuff about deleting registry keys that get placed by the program. I deleted those; now when I click on almost anything I get an error that says "This file does not have a program associated with it for performing this action. Please install a program or, if one is already installed, create an association in the Default Programs control panel." It also lists the directory of the executable at the top of the error window. I have to go into that directory and right click the file to get it to open.

Can anyone help here?
 

bodge

Joined May 30, 2010
2
I use XP Pro because it's so flexible. I got an anti-spy programme that downloaded itself whilst my son was using it, and it was one of the really annoying ones that will not let you use the computer until you buy it: if you try to open Task Manager it says infected, if you try and start other anti-v progs it says infected. So you force start the PC in "safe mode" and look for what's starting up in your PC's start menu, or you look for programmes running and remove any you know are not the ones you want.

Alternatively, as your computer is starting up, quickly right click on the task bar and open Task Manager (once it's opened it won't shut down), then look for programmes running that you don't want to run and shut them down (be very careful). Have a pen and paper handy to write down the exact name of the files you shut, and then go check them out in "search mode". This will identify your problem; open the originating folder and remove it entirely.
 

thatoneguy

Joined Feb 19, 2009
6,359
Why would anyone run Windows without a virus scanner? Even Microsoft gives away Security Essentials for Windows 7 free.
The one the OP has actually installs and replaces your antivirus software, as a VALID antivirus solution (if you pay them $50, it turns into real software or something like that). Then it disables all of the common antivirus, Windows says you are protected, etc.

They keep coming out with new versions, most get installed by an internet popup window that looks Exactly like a Windows 7 Alert Dialog, and people click "OK", and that's the end of it.

How they haven't been either sued to death or shot is beyond me, this has been a problem for about 4 years now.
 

tom66

Joined May 9, 2009
2,595
...if you pay them $50, it turns into real software or something like that...
This is wrong. It is a complete scam and giving your credit card details to the company will have you find someone in Israel (where they are based) has emptied your account.
 

Otaku

Joined Nov 19, 2008
128
MBytes can find most, but not all of these bugs. I needed to use Hitman Pro 3.5 (free for 30 days) to clear the WinXP AntiVirus malware from a home machine. The bug prevented all Internet access as well. I had to install the program from a thumb drive.
The reason a lot of people get these things is that they are logged in to their computers as Administrators. This gives implicit approval to download scripts from whatever site you visit, and the antivirus program you have won't stop all of them. I never go online as an Admin - it leaves you open to all kinds of bad stuff. The only issue with limiting your privileges is that you need to be an Admin to install new software (typically). Switching usernames is a small price for the added security.
BTW, some of the jerks that set up these scams are currently in jail in Europe. Your CC info may be just going down a black hole. The only sure thing is that you won't get a key or password to fix the bug, and as Tom66 said, you may find your CC gets maxed out within an hour.
 

tech5563

Joined Sep 30, 2010
19
All of these fake viruses have one thing in common:
they all reside in the "users-appdata-local" folder and can simply be deleted in safe mode :D... I deal with these on a daily basis at work :p
 
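The broken file association in the opening post and tech5563's note about the AppData\Local folder both come down to a few registry keys, so here is an added read-only PowerShell triage check (not code from any poster in this thread). It assumes the damaged chain is the standard `.exe` -> `exefile` -> `shell\open\command` association, that a per-user override of it under HKCU is normally absent, and that it is run as the affected user.

```powershell
# Added triage script (not from the thread). Reads the registry keys that decide
# how Windows launches .exe files and flags two symptoms discussed above:
#   - a missing association (the "no program associated" error after deleting keys)
#   - a per-user override pointing into %LOCALAPPDATA%, where such rogues live.
# Read-only: it reports findings and changes nothing.
# Assumptions: the .exe -> exefile -> shell\open\command chain is the damaged one,
# and HKCU\Software\Classes normally carries no override for it.

$checks = @(
    @{ Path = 'HKCU:\Software\Classes\.exe';                        Expect = $null }     # should not exist
    @{ Path = 'HKCU:\Software\Classes\exefile\shell\open\command';  Expect = $null }     # should not exist
    @{ Path = 'HKLM:\Software\Classes\.exe';                        Expect = 'exefile' }
    @{ Path = 'HKLM:\Software\Classes\exefile\shell\open\command';  Expect = '"%1" %*' }
)

function Get-DefaultValue([string]$Path) {
    if (-not (Test-Path -LiteralPath $Path)) { return $null }
    # The unnamed "(default)" value holds the class name or the launch command.
    return (Get-ItemProperty -LiteralPath $Path).'(default)'
}

$findings = foreach ($c in $checks) {
    $value = Get-DefaultValue $c.Path
    $status =
        if ($null -eq $c.Expect) {
            # Per-user keys: their mere presence is worth a look; a path under
            # AppData\Local is the pattern tech5563 describes.
            if ($null -eq $value) { 'ok (no per-user override)' }
            elseif ($value -match '\\AppData\\Local\\') { 'SUSPICIOUS: per-user override into AppData\Local' }
            else { 'WARN: per-user override present' }
        }
        elseif ($null -eq $value) { 'BROKEN: key or default value missing (explains the association error)' }
        elseif ($value -ne $c.Expect) { "WARN: unexpected value, expected $($c.Expect)" }
        else { 'ok' }
    [pscustomobject]@{ Key = $c.Path; Value = $value; Status = $status }
}

$findings | Format-Table -AutoSize -Wrap
```

A BROKEN row on an HKLM key is the state the opening post describes; a SUSPICIOUS row on an HKCU key means the rogue's redirection is still in place and the file it points at is the thing to quarantine.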

tom66

Joined May 9, 2009
2,595
All of these fake viruses have one thing in common:
they all reside in the "users-appdata-local" folder and can simply be deleted in safe mode :D... I deal with these on a daily basis at work :p
Not all of them. Several embed themselves in Windows, and it's pretty difficult to remove them.
 

sceadwian

Joined Jun 1, 2009
499
I hope you don't take offense to this, but if you were able to get infected by such a virus then you do not have the skills to remove it.

True PC viruses on non-updated software haven't existed in near 10 years. Anything else is a security vulnerability where a fault in the software allows unauthorized users access. The user themself has to initiate the infection process. Pretty much every 'virus' you've heard about on a PC in the last 10 years is actually a Trojan.
 

tom66

Joined May 9, 2009
2,595
I hope you don't take offense to this, but if you were able to get infected by such a virus then you do not have the skills to remove it.

True PC viruses on non-updated software haven't existed in near 10 years. Anything else is a security vulnerability where a fault in the software allows unauthorized users access. The user themself has to initiate the infection process. Pretty much every 'virus' you've heard about on a PC in the last 10 years is actually a Trojan.
In many cases, you're correct, but do remember some viruses do exploit security holes. Many nowadays use social engineering, but not all. You can still get a proper virus on a system.
 

tom66

Joined May 9, 2009
2,595
Name one tom =)
Conficker. It was a big thing a few months ago. From http://en.wikipedia.org/wiki/Conficker.

Conficker, also known as Downup, Downadup and Kido, is a computer worm targeting the Microsoft Windows operating system that was first detected in November 2008.[1] It uses flaws in Windows software and Dictionary attacks on administrator passwords to co-opt machines and link them into a virtual computer that can be commanded remotely by its authors. Conficker has since spread rapidly into what is now believed to be the largest computer worm infection since the 2003 SQL Slammer,[2] with more than seven million government, business and home computers in over 200 countries now under its control. The worm has been unusually difficult to counter because of its combined use of many advanced malware techniques.[3][4]
 

sceadwian

Joined Jun 1, 2009
499
2008 was a few months ago? 2011 is less than three weeks away here =)

I asked you to name one though and you picked a lulu => That one got EVERYONE to notice PC's, including all major governments and every major software maker in the world. It got a lot of press, and it's only 1 virus.

The point was there are millions upon millions of other 'viruses' out there, not even a large portion of .001% of them can qualify as a true virus like Conficker can. I doubt the percentage is even that high; unfortunately there's not a lot of good data to show this in black and white because anti virus companies don't make their data collection techniques or results known to the general public.

You show me a modern PC with a virus infection, I'll guarantee backed by 100 bucks, that the user had outdated software without automatic updates turned on, or that the virus was actively initiated by someone using the machine at the time of infection.

The SQL bug a few years before Conficker and Conficker itself got everyone's attention, but it's a drop in the bucket compared to the true reality of viruses on home PC's, they'll forever be called viruses but they don't work true to their form anymore.
 

tom66

Joined May 9, 2009
2,595
You said name one. I did. Anyway, here's a list of major viruses from 2010, again Wikipedia (http://en.wikipedia.org/wiki/Timeline_of_notable_computer_viruses_and_worms):

2010
  • June 17: Stuxnet, a Windows trojan, was detected.[35] It is the first worm to attack SCADA systems.[36] Some suggest it targets Iranian nuclear facilities.[37] It uses a valid certificate from Realtek.[38]
  • September 9: The virus, called "here you have" or "VBMania", is a simple Trojan Horse that arrives in the inbox with the odd-but-suggestive subject line "here you have". The body reads "This is The Document I told you about, you can find it Here" or "This is The Free Download Sex Movies, you can find it Here". (Note this is the only social engineering virus unlike the other ones.)
  • September 15: The Virus called Kenzero is a virus that spreads online from Peer to peer (P2P) sites taking browsing history.[39]
Don't forget the others from 2009 and 2008. Also, don't forget Conficker was big in April, when it was attempting to update its software. And variants of Conficker, up to Conficker E, were released just over a year ago.
 

sceadwian

Joined Jun 1, 2009
499
Kenzero, Alueron, and "here you have" are all straight up trojans; the user caused the infection directly in every single case, there is no method for it to self-propagate, so they technically can't be called true computer viruses. 100% stupid user syndrome there.

Stuxnet looks like a real piece of work though, maybe not as prolific as Conficker but slick and well designed, a true virus and aimed for industrial/military espionage no less.

The vast majority of all so-called 'virus' infections are user or system admin fault (often the same person, sometimes not). Stuxnet even used Conficker, which was at the time patched; however it used several other zero day vulnerabilities as well, which is why you gotta respect (even if you abhor the motives of) the people that made it.

You have to keep in mind as well, just because viruses like Conficker and Stuxnet hit the news doesn't mean that they're more prolific than the bulk majority of infections. Go talk to anyone that works at a PC repair place that does system cleanings, ask them how many of the machines that were brought in were hit by a true virus as opposed to a trojan.
 

tom66

Joined May 9, 2009
2,595
I disagree with this:

sceadwian said:
True PC viruses on non-updated software haven't existed in near 10 years. Anything else is a security vulnerability where a fault in the software allows unauthorized users access. The user themself has to initiate the infection process. Pretty much every 'virus' you've heard about on a PC in the last 10 years is actually a Trojan.
I agree with this:

The vast majority of all so-called 'virus' infections are user or system admin fault (often the same person, sometimes not). Stuxnet even used Conficker, which was at the time patched; however it used several other zero day vulnerabilities as well, which is why you gotta respect (even if you abhor the motives of) the people that made it.
as in my previous post:

tom66 said:
In many cases, you're correct, but do remember some viruses do exploit security holes. Many nowadays use social engineering, but not all. You can still get a proper virus on a system.
 

sceadwian

Joined Jun 1, 2009
499
Okay then, we're on the same page Tom, but let me add this to what I meant when I said "True PC viruses on non-updated software haven't existed in near 10 years":

When I said 'existed' I should have said not substantially so with a few exceptions =) It's so hard to say things in black and white and still sound sensible, and I've proved that point clearly ;) I do apologize extravagantly on that point in saying that I was a fool for making that statement.

I think my major contention with your view is based on your previous post.
In many cases, you're correct, but do remember some viruses do exploit security holes. Many nowadays use social engineering, but not all. You can still get a proper virus on a system.
It's not just 'many', it's the drastically predominant bulk majority. Viruses do exploit security holes, but social engineering is NOT a security hole in the software/hardware systems themselves; it's the users of those systems. The system can't control a so-called 'trusted' source such as the user. Modern systems are trying to work around that whole mess because it's not so simple: how do you let the user do what they want without compromising a global network that the user depends upon for their experience to exist?

My main thought is that education of the users of systems is more important by a thousand fold than the inherent security a system can provide: basic things such as good password protection and limiting web traffic to trusted sources, and even then restricting those trusted sources via encryption for sensitive matters, and even then knowing that that encryption can't possibly hold over the long term, so adjusting the behavior of the users to take this into account to create a stable usable system.

Modern PC kernels and OS's seriously have to treat anything they interact with as a 'hostile force', scary because the users/admins can't be trusted to know what they're doing.
 

tom66

Joined May 9, 2009
2,595
sceadwian, do you think it would be a plausible idea to isolate contaminated computers with viruses on them? It would both cause people to fix their computers and make them more conscious of security. Often a botnet'd computer is not obvious to the user. 80% of spam comes from botnets. Think maybe 75% less spam.
 