如何删除Win 7 Anti-Spyware 2011（假反病毒感染）-CSDN博客

If your PC is infected with the Win 7 Anti-Spyware 2011 malware or something similar, you’ve come to the right place, because we’re going to show you how to get rid of it, and free your PC from the awful clutches of this insidious malware (and many others)

如果您的PC感染了Win 7 Anti-Spyware 2011恶意软件或类似恶意软件，那么您来对地方了，因为我们将向您展示如何摆脱它，并使您的PC摆脱困境。这种阴险的恶意软件(以及许多其他恶意软件)

Win 7 Anti-Spyware 2011 is just one of many fake antivirus applications like Antivirus Live, Advanced Virus Remover, Internet Security 2010, Security Tool, and others that hold your computer hostage until you pay their ransom money. They tell you that your PC is infected with fake viruses, and prevent you from doing anything to remove them.

Win 7 Anti-Spyware 2011只是许多伪造的防病毒应用程序之一，例如Antivirus Live ， Advanced Virus Remover ， Internet Security 2010 ， Security Tool以及其他将您的计算机扣为人质直到您支付赎金的软件。他们告诉您您的PC感染了假病毒，并阻止您采取任何措施将其删除。

This particular virus goes by a lot of names, including XP Antispyware, Win 7 Antispyware, Win 7 Internet Security 2011, Win 7 Guard, Win 7 Security, Vista Internet Security 2011, and many, many others. It’s all the same virus, but renames itself depending on your system and which strain you get infected with.

这种特定的病毒有很多名称，包括XP Antispyware，Win 7 Antispyware，Win 7 Internet Security 2011，Win 7 Guard，Win 7 Security，Vista Internet Security 2011以及许多其他名称。它们都是相同的病毒，但是会根据您的系统和您感染的毒株进行重命名。

现在该怎么办？ (The What Now?)

If you aren’t familiar with this one, it’s time to take a look at the face of an awful scam. If you are infected, scroll down to the section where we explain how to remove it.

如果您不熟悉这一点，是时候看看一下可怕的骗局了。如果您被感染，请向下滚动至我们说明如何删除它的部分。

Once a PC is infected, it’ll display this very official-looking window, which pretends to scan your PC and find things that are infected, but of course, it’s all a lie.

一旦PC被感染，它将显示一个看起来非常正式的窗口，该窗口假装扫描您的PC并查找被感染的东西，但是，当然，这只是一个谎言。

The really crazy thing is that it pops up a very realistic looking Action Center window, but it’s actually the virus.

真正疯狂的是，它弹出了一个非常逼真的Action Center窗口，但实际上是病毒。

删除流氓假防病毒感染(常规指南) (Removing Rogue Fake Antivirus Infections (General Guide))

There’s a couple of steps that you can generally follow to get rid of the majority of rogue antivirus infections, and actually most malware or spyware infections of any type. Here’s the quick steps:

通常，您可以遵循几个步骤来消除大多数流氓防病毒感染以及实际上大多数类型的恶意软件或间谍软件感染。以下是快速步骤：

Try to use the free, portable version of SUPERAntiSpyware to remove the viruses.
尝试使用免费的便携式SUPERAntiSpyware版本删除病毒。
If that doesn’t work, reboot your PC into safe mode with networking (use F8 right before Windows starts to load)
如果这不起作用，请通过网络将PC重新引导至安全模式(在Windows开始加载之前立即使用F8)
Try to use the free, portable version of SUPERAntiSpyware to remove the viruses.
尝试使用免费的便携式SUPERAntiSpyware版本删除病毒。
Reboot your PC and go back into safe mode with networking.
重新启动PC并通过网络返回安全模式。
If that doesn’t work, and safe mode is blocked, try running ComboFix. Note that I’ve not yet had to resort to this, but some of our readers have.
如果这不起作用，并且安全模式被阻止，请尝试运行ComboFix 。 请注意，我还没有求助于此，但是我们的一些读者却有求助。
Install MalwareBytes and run it, doing a full system scan. (see our previous article on how to use it).
安装MalwareBytes并运行它，进行完整的系统扫描。 (请参阅上一篇有关如何使用它的文章)。
Reboot your PC again, and run a full scan using your normal Antivirus application (we recommend Microsoft Security Essentials).
再次重新启动PC，然后使用常规的防病毒应用程序运行全面扫描(我们建议使用Microsoft Security Essentials)。
At this point your PC is usually clean.
此时，您的电脑通常是干净的。

Those are the rules that normally work. Note that there are some malware infections that not only block safe mode, but also prevent you from doing anything at all. We’ll cover those in another article soon, so make sure to subscribe to How-To Geek for updates (top of the page).

这些是通常有效的规则。 请注意，有些恶意软件感染不仅会阻止安全模式，而且还会阻止您执行任何操作。 我们将很快在另一篇文章中介绍这些内容，因此请确保订阅How-To Geek以获得更新(页面顶部)。

删除Win 7 Anti-Spyware 2011 (Removing Win 7 Anti-Spyware 2011)

Download a free copy of MalwareBytes, copy it to a thumb drive, and then install it on the infected PC and run through a scan. You might have better luck doing this in Safe Mode.

下载免费的MalwareBytes副本，将其复制到拇指驱动器，然后将其安装在受感染的PC上并进行扫描。在安全模式下，这样做可能会更好。

You may have better luck installing MalwareBytes first, if the virus will let you. In my case, it did not. When I scanned through the first time using SUPERAntiSpyware, it detected the viruses and removed the files just fine.

如果病毒允许您先安装MalwareBytes，则可能会更好。就我而言，事实并非如此。当我使用SUPERAntiSpyware进行第一次扫描时，它检测到病毒并很好地删除了文件。

At this point, you should hopefully have a clean system. Make sure to install Microsoft Security Essentials, and don’t be fooled by these viruses again.

在这一点上，您应该有一个干净的系统。确保安装Microsoft Security Essentials，不要再被这些病毒所欺骗。

删除病毒后无法打开任何应用程序？ (Can’t Open Any Applications After Deleting the Virus?)

The next problem was that once the virus was removed, you couldn’t open anything—in fact, I still wasn’t even able to install MalwareBytes. Hopefully you have better luck.

下一个问题是，一旦病毒被删除，您将无法打开任何文件-实际上，我什至无法安装MalwareBytes。希望你有更好的运气。

Why couldn’t I open anything? Because the virus had rewritten the registry to force all applications to open the virus instead—which meant you couldn’t even open the registry editor to fix the problem. This problem might have been avoided had I properly completed the scan, but I interrupted it before it was done.

我为什么不能打开任何东西？因为该病毒重写了注册表，以强制所有应用程序打开该病毒，所以您甚至无法打开注册表编辑器来解决此问题。如果我正确完成了扫描，可能会避免此问题，但是在完成扫描之前我先中断了它。

On a normal PC, there’s a registry key under HKEY_CLASSES_ROOT that specifies what happens when you double-click on an executable file (*.exe) – but on a virus-infected system, this value is rewritten with the virus executable. That’s how it prevents you from opening anything.

在普通PC上，HKEY_CLASSES_ROOT下有一个注册表项，用于指定当您双击可执行文件(* .exe)时发生的情况–但是在受病毒感染的系统上，此值将被病毒可执行文件重写。这样可以防止您打开任何东西。

To fix the problem, I exported a clean registry file from another PC, and did a little extra hacking to it, and problem solved! All you have to do is download, extract, copy the .reg file to the infected PC, and double-click it to add the information into the registry.

为了解决该问题，我从另一台PC导出了一个干净的注册表文件，并对它进行了一些额外的修改，问题得以解决！您所需要做的就是下载，解压缩.reg文件并将其复制到受感染的PC，然后双击它以将信息添加到注册表中。

Download the Fixing Malware Appliction Won’t Open Registry Hack

下载修复恶意软件应用不会打开注册表黑客