Win7 Antivirus 2012
Out of nowhere, today, my computer was infected with the Win7 Antivirus 2012 virus. Do you have a solution for this humongous problem that prevents me from running any of Microsofts Security tools to combat its presence? Is there a way I can download a solution on a different system and boot it and run it from the optical of the computer laptop that has been affected?
December 20th, 2011 10:20pm

I would download microsoft security essentials it's a free product and it should help you remove it. http://windows.microsoft.com/en-US/windows/products/security-essentials Trend micro has a free online scaner http://housecall.trendmicro.com/ If you want to do it manuly try the instructions here. http://www.2-viruses.com/remove-win-7-anti-virus-2012
Free Windows Admin Tool Kit Click here and download it now
December 21st, 2011 12:16am

Hi, For information about Security updates, visit the Microsoft Virus Solution and Security Center for resources and tools to keep your PC safe and healthy. Best Regards, Niki Niki Han TechNet Community Support
December 23rd, 2011 12:13am

It is very disappointing that so many people have this issue and exe files are unassociated and MS has no fix for this damn thing
Free Windows Admin Tool Kit Click here and download it now
December 23rd, 2011 6:11pm

I found a way to get any Antivirus to run to get rid of this rogue antivirus, Go to Start > Computer > Local Disk (i.e. drive C:)> Program Files or Program Files (x86) [ where ever your anti-virus program is] find your antivirus program (i.e. Malwarebytes Anti-Malware, MS Security Essentials, Trend Micro, ect.). Find the main executable that runs your antivirus that you installed and RENAME IT "iexplorer.exe". This is so Win7 Antivirus 2012 doesn't recognize it as an intruder. Then try to open it. I was able to get Malwarebytes to open by doing this in Safe Mode on MS Windows 7 ultimate. I ran it even tho it was 15 days outdated and it picked it up and removed it. hope this helps!!!
December 23rd, 2011 10:34pm

Win 7 Internet Security 2012 / Win 7 Home Security 2012./ Win 7 Anti Virus / Windows 7 Security 2012 all these are same spayware. If you are trying to remove this spyware, there are full instructions on how to do that manually at the link : http://123seminarsonly.com/Tips/007/Win-7-Internet-Security-2012.html http://www.easy2resolve.com/software-issues/remove-vista-security-2011-2012 If you wish you can download and run Norton Bootable Recovery Tool (NBRT). It is a Free Tool.
Free Windows Admin Tool Kit Click here and download it now
December 27th, 2011 10:11am

If FakeAV shuts down things like Task manager that prevents you from cleaning the system, I`ve used Process Explorer to shut down the nasty processes. Then continue with scanning the machine using my AV as well as Malwarebytes. I would also remove temp files and clean the registry as well as run rootkit removers. Ultimately, it`s better to just reimage. In my mind, unless you absolutely can not fix the issue, just reimage it, you may end up spending less time reinstalling Windows then having to remove the junk stuff. On another note System Restore maybe a solution if restore points have not been affected... http://technet.microsoft.com/en-us/sysinternals/bb896653
December 28th, 2011 1:20pm

I HAD THE SAME THING HAPPEN A FEW DAYS AGO. I DELETED THE MS SECURITY UPDATES KB2618451, 2618444, 2619339, 2620712, 2639417 REBOOT AND EVERYTHING WENT BACK TO BEING OK. NO MORE AUTOMATIC DOWNLOADS FOR ME!!
Free Windows Admin Tool Kit Click here and download it now
December 28th, 2011 2:26pm

OK this has been successful at removing this Win 7 Antivirus 2012: (It has a bunch of other names too.) Boot to Safe Mode with networking and login as admin (if possible not the infected users account) I copy from my personal Malware Utilities Disk (MUD) the following: Malwarebytes Process Explorer Autoruns FixNCR.reg RKill TDSS Killer SecuniaPSI I run Malwarebytes (full scan) If it doesn’t run I run RKill and FixNCR.reg Malwarebytes should now run. Remove anything it finds and reboot. I reboot again to Safe Mode to let Malwarebytes finish but then I reboot regularly. Login as the user. Delete Temp Internet files and recycle bin Run Malwarebytes again, full scan Assuming it’s clean… I peruse Autoruns and Process Explorer for anything unusual. I remove Flash, Java and Adobe reader and reboot. I reinstall the above 3. All Windows updates (In one instance the malware damaged Windows update. I had to reinstall The services “Automatic Updates” and “Background Intelligent Transfer Service”.) Run Secunia PSI and update/remove anything else until I get a score of 100% I believe this comes through unpatched Java, but it's just an educated guess.
December 29th, 2011 7:24am

this worked for me...thx......one note.....i had to click "run as administrator" for it to launch.....thx again
Free Windows Admin Tool Kit Click here and download it now
January 1st, 2012 10:33am

My hp laptop was infected with this virus just yesterday. I couldn't access the internet. First I switched off the computer and restarted in Safe Mode (by holding down f8). Next, I simply used 'system restore' (control panel) to go back to my laptop's status as of Jan. 1 and it worked. Then to be sure I downloaded and ran Spy Hunter just to be sure the virus was gone. So far so good.
January 8th, 2012 12:25am

I got this virus last week. Luckily I recognized it pretty quickly as a rogue virus when it kept telling me I had so many viruses (and I"m pretty religious about scanning, so it had to be a fake). It looks real, of course. But I read up from another computer on how to get rid of it ( the one that worked best was system recovery and then I could run Windows Security Essentials which eliminated the rest of it). I got my computer back. (Heavy sigh of relief). However - now the blue and yellow shield icon that was so prevalent on the virus is appearing on several of the programs that I used when the virus was active on my system before I knew it was there. It's also appearing on many commands on the context menu (like rename). I've tried to eliminate the shield, but it doesn't seem to be impacted by anything I try. I ran the FixNCR.reg and RKill. Is the virus still active on my system in the background despite Windows Security Essentials telling me it's gone? Any help would be greatly appreciated. Thanks CJ
Free Windows Admin Tool Kit Click here and download it now
January 14th, 2012 1:36pm

Yes. This works. Make sure you restart in SAFE mode and then reload prior restore point. Thanks!
January 14th, 2012 1:43pm

Actually I was able to delete Win 7 Antivirus 2012 in normal mode. If you have MSE or Malwarebytes try running them with Admin's rights. Right-click the icon at desktop of one of these applications and run it with Administrator's rights. Here is how you can do it - http://www.deletevirus.net/name-changing-rogue-2012-aliases/ I removed Win 7 Antivirus 2012 for free with MBAM, by the way.
Free Windows Admin Tool Kit Click here and download it now
January 17th, 2012 8:35am

I had the same issue but resolved it with a task killer renamed iexplore then used security essentials to clean for good. One thing I noticed just before the infection occurred was a series of popups saying adobe flash was trying to make a change to my hard drive. is this process getting installed by piggy backing on flash content?
February 2nd, 2012 8:45am

I had the same issue but resolved it with a task killer renamed iexplore then used security essentials to clean for good. One thing I noticed just before the infection occurred was a series of popups saying adobe flash was trying to make a change to my hard drive. is this process getting installed by piggy backing on flash content? Older (vulnerable) versions of Flash Player are indeed one "facilitator" for rogues to get in, assuming you hit upon an infected flash media. As a sidebar, I'd recommend you check closely that your firewall is on. Check-up in Windows 7 Action Center.Maurice Naggar ~ MVP (Oct 2002 - Sept 2010)
Free Windows Admin Tool Kit Click here and download it now
February 2nd, 2012 9:55am

This works for me. I have found that it pops up on my computer only when I am on Face Book. I have sent them a e-mail describing the activity so that they can investigate. I believe it to be imbedded in some ad on theeir website. When I see it on screen I just reboot my computer without incident. Whatever you do, DO NOT click on it. I was able to clean it off by downloading System Scan from Microsoft. It takes some time to scan the whole computer but it did clean it from my computer. Hope this helps.
May 24th, 2012 9:42pm

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics