Welcome to IToxy.com

Hi, Welcome to IT Oxy. This blog is primarily aim to share our information on Information Technology. I really appreciate if you are willing to give any input to this blog. If you want to share something, email at: admin@IToxy.com If you found any post interesting and useful, then please leave a comment and share with your friends.

Welcome to IToxy.com

Hi, Welcome to IT Oxy. This blog is primarily aim to share our information on Information Technology. I really appreciate if you are willing to give any input to this blog. If you want to share something, email at: admin@IToxy.com If you found any post interesting and useful, then please leave a comment and share with your friends.

Welcome to IToxy.com

Hi, Welcome to IT Oxy. This blog is primarily aim to share our information on Information Technology. I really appreciate if you are willing to give any input to this blog. If you want to share something, email at: admin@IToxy.com If you found any post interesting and useful, then please leave a comment and share with your friends.

Welcome to IToxy.com

Hi, Welcome to IT Oxy. This blog is primarily aim to share our information on Information Technology. I really appreciate if you are willing to give any input to this blog. If you want to share something, email at: admin@IToxy.com If you found any post interesting and useful, then please leave a comment and share with your friends.

Welcome to IToxy.com

Hi, Welcome to IT Oxy. This blog is primarily aim to share our information on Information Technology. I really appreciate if you are willing to give any input to this blog. If you want to share something, email at: admin@IToxy.com If you found any post interesting and useful, then please leave a comment and share with your friends.

How to Remove Win 7 Anti-Spyware 2011 (Fake Anti-Virus Infections)

If your PC is infected with the Win 7 Anti-Spyware 2011 malware or something similar, you’ve come to the right place, because we’re going to show you how to get rid of it, and free your PC from the awful clutches of this insidious malware (and many others)

Win 7 Anti-Spyware 2011 is just one of many fake antivirus applications like Antivirus Live, Advanced Virus Remover, Internet Security 2010, Security Tool, and others that hold your computer hostage until you pay their ransom money. They tell you that your PC is infected with fake viruses, and prevent you from doing anything to remove them.

This particular virus goes by a lot of names, including XP Antispyware, Win 7 Antispyware, Win 7 Internet Security 2011, Win 7 Guard, Win 7 Security, Vista Internet Security 2011, and many, many others. It’s all the same virus, but renames itself depending on your system and which strain you get infected with.

The What Now?

If you aren’t familiar with this one, it’s time to take a look at the face of an awful scam. If you are infected, scroll down to the section where we explain how to remove it.

Once a PC is infected, it’ll display this very official-looking window, which pretends to scan your PC and find things that are infected, but of course, it’s all a lie.

The really crazy thing is that it pops up a very realistic looking Action Center window, but it’s actually the virus.

Removing Rogue Fake Antivirus Infections (General Guide)

There’s a couple of steps that you can generally follow to get rid of the majority of rogue antivirus infections, and actually most malware or spyware infections of any type. Here’s the quick steps:

  • Try to use the free, portable version of SUPERAntiSpyware to remove the viruses.
  • If that doesn’t work, reboot your PC into safe mode with networking (use F8 right before Windows starts to load)
  • Try to use the free, portable version of SUPERAntiSpyware to remove the viruses.
  • Reboot your PC and go back into safe mode with networking.
  • If that doesn’t work, and safe mode is blocked, try running ComboFix. Note that I’ve not yet had to resort to this, but some of our readers have.
  • Install MalwareBytes and run it, doing a full system scan. (see our previous article on how to use it).
  • Reboot your PC again, and run a full scan using your normal Antivirus application (we recommend Microsoft Security Essentials).
  • At this point your PC is usually clean.

Those are the rules that normally work. Note that there are some malware infections that not only block safe mode, but also prevent you from doing anything at all. We’ll cover those in another article soon, so make sure to subscribe to How-To Geek for updates (top of the page).

Removing Win 7 Anti-Spyware 2011

Download a free copy of MalwareBytes, copy it to a thumb drive, and then install it on the infected PC and run through a scan. You might have better luck doing this in Safe Mode.

You may have better luck installing MalwareBytes first, if the virus will let you. In my case, it did not. When I scanned through the first time using SUPERAntiSpyware, it detected the viruses and removed the files just fine.

At this point, you should hopefully have a clean system. Make sure to install Microsoft Security Essentials, and don’t be fooled by these viruses again.

Can’t Open Any Applications After Deleting the Virus?

The next problem was that once the virus was removed, you couldn’t open anything—in fact, I still wasn’t even able to install MalwareBytes. Hopefully you have better luck.

Why couldn’t I open anything? Because the virus had rewritten the registry to force all applications to open the virus instead—which meant you couldn’t even open the registry editor to fix the problem. This problem might have been avoided had I properly completed the scan, but I interrupted it before it was done.

On a normal PC, there’s a registry key under HKEY_CLASSES_ROOT that specifies what happens when you double-click on an executable file (*.exe) – but on a virus-infected system, this value is rewritten with the virus executable. That’s how it prevents you from opening anything.

To fix the problem, I exported a clean registry file from another PC, and did a little extra hacking to it, and problem solved! All you have to do is download, extract, copy the .reg file to the infected PC, and double-click it to add the information into the registry.

Automatically Change Your Default Printer Based on Your Location

Windows 7 can automatically change your default printer based on which network you’re connected to.

The normal use case, of course, is to switch printers depending on whether you are at home or at work, but this feature is especially useful if you use one of the many print-to-PDF solutions—you can continue to print things even while you aren’t connected to any network.

Note: this does not work for Home edition of Windows 7, and Obviously it only applies to laptop PCs, since nobody carries a desktop around with them from location to location.

Switching Your Default Printer Automatically

Head into the Devices and Printers panel, and then just click on one of the printers, which will enable more buttons on the toolbar. Now you can select the “Manage default printers” button.

In here you can change the radio button to “Change my default printer when I change networks”.

And now you can select a network in the first drop-down, and then select the printer you want to assign to that network in the drop-down box. The neat trick is to select the “No network” item in the drop-down box for anytime you aren’t connected—this is what I use to assign my print-to-PDF as default when I’m offline.

At this point you can see I’ve got my home office network set to print to our printer, and when I’m offline, the default is to print to PDF instead.

Not that I really print very often.

Using the Default Printer

There’s really nothing you have to do—the default printer will switch back and forth depending on the network. For instance, in this screenshot I’m not connected to any network, and my default printer is now set to doPDF.

And now when I connect to my home network…

The default printer immediately changes.

Your are done Surprised smile

 
Copyright 2008 IToxy