windows 7 security 2012 virus

Hi,
I just got a virus which is called Windows 7 Security 2012 and pretends to be antivirus software, so I wanted to know what the best free antivirus is to boot up from, since I want to scan the system from bootup, since it will be more thorough. I have used Avira in the past but wanted to know if there were better ones, and also the best way to remove this virus. Thanks

Commented:
Personally, I'd do a system restore for this type of virus if you have restore points prior to the infection.
Joe Rud, Systems Administrator
Commented:
I've been seeing more and more of these trojans this year.

I've had a lot of success using Malwarebytes for removal.

This page runs you through step-by-step removal:
http://www.bleepingcomputer.com/virus-removal/remove-win-7-antispyware-2012
Top Expert 2012

Commented:
I think you will find that most of the EE community's foremost experts within the antivirus & malware zones actually recommend that you scan on the "live" system, rather than using a boot disc or rebooting into safe mode.  Take a few minutes to read this great tutorial by Younghv, and it should point you in the right direction:

Stop the Bleeding: First Aid for Malware!
Author of the Year 2011
Top Expert 2006
Commented:

I wrote an EE Article about the "2012" malware variants.
Please give it a read here:

2012-Malware-Variants



@Run5k - thanks for the Props!

Author

Commented:
All good stuff, will run in the order you mentioned and hope it works.  
Gareth Tomlinson CISSP, Network and Security Manager

Commented:
Also try TDSSKiller if you have a persistent rootkit; run it in safe mode.
Author of the Year 2011
Top Expert 2006

Commented:
@Hashemite -
Do you have any reason to believe that the *2012* variants have started using a rootkit in their payload? If so, it is the first I have heard of it.

Please provide us with links to further information so we can do some more research.
Thanks.
Gareth Tomlinson CISSP, Network and Security Manager

Commented:
I haven't seen it yet, but my experience is that these idiots seem to take it as an affront that you get rid of their garbage and then modify it with a rootkit - better safe than sorry is my motto!
I liked your article on removal, concise and comprehensible, a rare combination!
I'm also a big fan of MBAM.
Author of the Year 2011
Top Expert 2006

Commented:
"better safe than sorry is my motto!"

You got that right!
Thanks for responding - I was afraid there was something new (and worse) going on out there.
Appreciate the Article comment.
Top Expert 2007
Commented:
It is now more common that fake AVs are bundled with TDSS rootkits/TDL, even ZeroAccess rootkits, so it's a good idea to always run TDSSKiller even when the symptoms or the resident antivirus only detect fake AV or some other rogues.
BleepingComputer's tutorial on fake AVs/fake security 2011-2012 also states to run TDSSKiller to be on the safe side.
Author of the Year 2011
Top Expert 2006

Commented:
Excellent advice - thank you.
I've modified the Article to include that.