Whats the best way to remove "Win 7 Security 2012" virus?

Current virus definitions up to date. Yet still, my Wife's PC just got the "Win 7 Security 2012 virus/malware. I tried booting up in safe mode to install a 'cleaner'. The virus interupted it. I tried Systen Restore. It failed with an error.

Anyone know how to get rid of it?

Well, in all my electronic frustration over the years, this seems to fix every problem.

Hell, it fixed my printer right up nicely.

Any questions Chris???

freetown fred wrote:Any questions Chris???

Nope, that was my first choice.... The wifey put a stop to that, though

I'm going thru the online procedures to remove it now. Seems like it gets right by all antivirus software, even if its been updated.....

Well, it looks like the System Restore did work, even though it ended with an error. After a restart, I was able to download a new Virus definition file for my antivirus software, and it is busily doing a full scan right now.

Yep, that system restore has saved my ass more then once. Outstanding my friend.

Install Linux. It laughs at Windows viruses.

This has worked for me in the past and it's free! Just download it, install, run and then uninstall after the scan!

http://support.kaspersky.com/viruses/av ... 11?level=2

Rich

009to090 wrote:Current virus definitions up to date. Yet still, my Wife's PC just got the "Win 7 Security 2012 virus/malware. I tried booting up in safe mode to install a 'cleaner'. The virus interupted it. I tried Systen Restore. It failed with an error.

Anyone know how to get rid of it?

Get the wife and kids an ipad for surfing.

Get a technet subscription from MS and find the latest drivers for your Rig.
Many times system restores install all kinds of custom junk programs which may have rogue ads which lead you to sites with spy/malware.

Install a fresh os, drivers, win 7 should find most mobo components, and apps.
Get all the latest updates, patches.

Make your own recovery Dvds

Then make sure you backup your critical files to offsite storage, rewritable dvd, or nas device with raid.

Every year make it a habbit of restoring the image updating the image with latest patches, software.

Think of it like shutting down the boiler, and getting it cleaned and oiled for another season.

It is a pain in the *ss to get rid of, it has a root kit so go get this first.
Kapersky TDSS Killer 2.6.23.0. It is free and so are any updates, it doesn't run in the background or anything like that, no memory usage. You have to open the program to make it run so get in the habit of running it every few days. Next, go to http://www.malwarebytes.org/ get the free download, it only runs 30 days but it is the only thing that will find the infected files, Windows Security Essentials does not find the problem and doing a restore does no good because the problem is embedded in the rootkit virus. Malwarebytes will still work after 30 days and go get updates but it is limited. I paid the $24.99 and bought the full version because i like the way it finds stuff that Windows and others do not find. Believe me, i had problems with this for a while, if you open task manager and see a exe file with 3 letters, that is your virus running, every time you open a program, it also opens, it looks like a real Windows security warning but it is not, be warned, really a pain in the butt.

mozz wrote:It is a pain in the *ss to get rid of, it has a root kit so go get this first.
Kapersky TDSS Killer 2.6.23.0. It is free and so are any updates, it doesn't run in the background or anything like that, no memory usage. You have to open the program to make it run so get in the habit of running it every few days. Next, go to http://www.malwarebytes.org/ get the free download, it only runs 30 days but it is the only thing that will find the infected files, Windows Security Essentials does not find the problem and doing a restore does no good because the problem is embedded in the rootkit virus. Malwarebytes will still work after 30 days and go get updates but it is limited. I paid the $24.99 and bought the full version because i like the way it finds stuff that Windows and others do not find. Believe me, i had problems with this for a while, if you open task manager and see a exe file with 3 letters, that is your virus running, every time you open a program, it also opens, it looks like a real Windows security warning but it is not, be warned, really a pain in the butt.

Thanks Mozz, yes, I ran the Malwarebytes after the System Restore. Nothing found. Also ran the TDSS Killer with same results. Seems like the System Restore wiped out all traces of it.

Just be careful. first time i had the virus, it came back. I don't trust system restore or Microsoft security essentials. Run Malwarebytes every few days and do a full scan instead of quick scan. Better safe then sorry. I think mine was coming up under task manager as ofv.exe.
Associated Malware Groups
The unsafe files using this name are associated with the malware groups:

Cloaked Malware
Malicious Software

File Behavior

OFV.EXE has been seen to perform the following behavior:

Writes to another Process's Virtual Memory (Process Hijacking)
Executes a Process
Registers a Dynamic Link Library File
This process creates other processes on disk
The Process is packed and/or encrypted using a software packing process

OFV.EXE has been the subject of the following behavior:

Executed as a Process
Created as a process on disk
Has code inserted into its Virtual Memory space by other programs
Terminated as a Process
Registered as a Dynamic Link Library File

Country Of Origin

The filename OFV.EXE was first seen on Feb 6 2010 in the following geographical regions of the Webroot community:

Philippines on Feb 6 2010
New Zealand on Apr 30 2010
The United Kingdom on Apr 30 2010
Mexico on Oct 6 2010
The United States on Jan 13 2011

File Name Aliases

OFV.EXE can also use the following file names:

KGK.EXE
KGN.EXE

Filesizes

The following file size has been seen:

161,792 bytes
359,424 bytes
387,072 bytes
289,792 bytes
321,024 bytes
136,704 bytes
211,968 bytes

File Type

The filename OFV.EXE refers to many versions of an executable program.

Worst case, you can reformat pc to take it to original state. It's a good habit to reformat any pc every 2 yrs.

By reformatting do you mean wiping out the whole disc & reloading the OS? I've always heard of doing this but sounds like a MAJOR pain in the ass. Every single computer I have had probably needed this.