Win7 Antivirus 2012
Out of nowhere, today, my computer was infected with the Win7 Antivirus 2012 virus. Do you have a solution for this humongous problem that prevents me from running any of Microsofts Security tools to combat its presence? Is there a way I can download a solution
on a different system and boot it and run it from the optical of the computer laptop that has been affected?
December 20th, 2011 10:20pm
I would download microsoft security essentials it's a free product and it should help you remove it.
http://windows.microsoft.com/en-US/windows/products/security-essentials
Trend micro has a free online scaner
http://housecall.trendmicro.com/
If you want to do it manuly try the instructions here.
http://www.2-viruses.com/remove-win-7-anti-virus-2012
Free Windows Admin Tool Kit Click here and download it now
December 21st, 2011 12:16am
Hi,
For information about Security updates, visit the Microsoft
Virus Solution and Security Center
for resources and tools to keep your PC safe and healthy.
Best Regards,
Niki
Niki Han
TechNet Community Support
December 23rd, 2011 12:13am
It is very disappointing that so many people have this issue and exe files are unassociated and MS has no fix for this damn thing
Free Windows Admin Tool Kit Click here and download it now
December 23rd, 2011 6:11pm
I found a way to get any Antivirus to run to get rid of this rogue antivirus, Go to Start > Computer > Local Disk (i.e. drive C:)> Program Files or Program Files (x86) [ where ever your anti-virus program is] find your antivirus program
(i.e. Malwarebytes Anti-Malware, MS Security Essentials, Trend Micro, ect.). Find the main executable that runs your antivirus that you installed and RENAME IT "iexplorer.exe". This is so Win7 Antivirus 2012 doesn't recognize it as an intruder. Then try to
open it. I was able to get Malwarebytes to open by doing this in Safe Mode on MS Windows 7 ultimate. I ran it even tho it was 15 days outdated and it picked it up and removed it. hope this helps!!!
December 23rd, 2011 10:34pm
Win 7 Internet Security 2012 / Win 7 Home Security 2012./ Win 7 Anti Virus / Windows 7 Security 2012 all these are same spayware.
If you are trying to remove this spyware, there are full instructions on how to do
that manually at the link :
http://123seminarsonly.com/Tips/007/Win-7-Internet-Security-2012.html
http://www.easy2resolve.com/software-issues/remove-vista-security-2011-2012
If you wish you can download and run Norton Bootable Recovery Tool (NBRT). It is a Free Tool.
Free Windows Admin Tool Kit Click here and download it now
December 27th, 2011 10:11am
If FakeAV shuts down things like Task manager that prevents you from cleaning the system, I`ve used Process Explorer to shut down the nasty processes. Then continue with scanning the machine using my AV as well as Malwarebytes. I would also remove temp files
and clean the registry as well as run rootkit removers. Ultimately, it`s better to just reimage. In my mind, unless you absolutely can not fix the issue, just reimage it, you may end up spending less time reinstalling Windows then having to remove the junk
stuff. On another note System Restore maybe a solution if restore points have not been affected...
http://technet.microsoft.com/en-us/sysinternals/bb896653
December 28th, 2011 1:20pm
I HAD THE SAME THING HAPPEN A FEW DAYS AGO.
I DELETED THE MS SECURITY UPDATES KB2618451, 2618444, 2619339, 2620712, 2639417 REBOOT AND EVERYTHING WENT BACK TO BEING OK.
NO MORE AUTOMATIC DOWNLOADS FOR ME!!
Free Windows Admin Tool Kit Click here and download it now
December 28th, 2011 2:26pm
OK this has been successful at removing this Win 7 Antivirus 2012:
(It has a bunch of other names too.)
Boot to Safe Mode with networking and login as admin (if possible not the infected users account)
I copy from my personal Malware Utilities Disk (MUD) the following:
Malwarebytes
Process Explorer
Autoruns
FixNCR.reg
RKill
TDSS Killer
SecuniaPSI
I run Malwarebytes (full scan)
If it doesn’t run I run RKill and FixNCR.reg
Malwarebytes should now run.
Remove anything it finds and reboot. I reboot again to Safe Mode to let Malwarebytes finish but then I reboot regularly.
Login as the user.
Delete Temp Internet files and recycle bin
Run Malwarebytes again, full scan
Assuming it’s clean…
I peruse Autoruns and Process Explorer for anything unusual.
I remove Flash, Java and Adobe reader and reboot.
I reinstall the above 3.
All Windows updates
(In one instance the malware damaged Windows update. I had to reinstall The services “Automatic Updates” and “Background Intelligent Transfer Service”.)
Run Secunia PSI and update/remove anything else until I get a score of 100%
I believe this comes through unpatched Java, but it's just an educated guess.
December 29th, 2011 7:24am
this worked for me...thx......one note.....i had to click "run as administrator" for it to launch.....thx again
Free Windows Admin Tool Kit Click here and download it now
January 1st, 2012 10:33am
My hp laptop was infected with this virus just yesterday. I couldn't access the internet. First I switched off the computer and restarted in Safe Mode (by holding down f8). Next, I simply used 'system restore' (control panel) to
go back to my laptop's status as of Jan. 1 and it worked. Then to be sure I downloaded and ran Spy Hunter just to be sure the virus was gone. So far so good.
January 8th, 2012 12:25am
I got this virus last week. Luckily I recognized it pretty quickly as a rogue virus when it kept telling me I had so many viruses (and I"m pretty religious about scanning, so it had to be a fake). It looks real, of course. But I read up
from another computer on how to get rid of it ( the one that worked best was system recovery and then I could run Windows Security Essentials which eliminated the rest of it). I got my computer back. (Heavy sigh of relief).
However - now the blue and yellow shield icon that was so prevalent on the virus is appearing on several of the programs that I used when the virus was active on my system before I knew it was there. It's also appearing on many commands on the context
menu (like rename). I've tried to eliminate the shield, but it doesn't seem to be impacted by anything I try. I ran the FixNCR.reg and RKill.
Is the virus still active on my system in the background despite Windows Security Essentials telling me it's gone? Any help would be greatly appreciated.
Thanks
CJ
Free Windows Admin Tool Kit Click here and download it now
January 14th, 2012 1:36pm
Yes. This works. Make sure you restart in SAFE mode and then reload prior restore point. Thanks!
January 14th, 2012 1:43pm
Actually I was able to delete Win 7 Antivirus 2012 in normal mode. If you have MSE or Malwarebytes try running them with Admin's rights. Right-click the icon at desktop of one of these applications and run it with Administrator's rights. Here is how you
can do it - http://www.deletevirus.net/name-changing-rogue-2012-aliases/
I removed Win 7 Antivirus 2012 for free with MBAM, by the way.
Free Windows Admin Tool Kit Click here and download it now
January 17th, 2012 8:35am
I had the same issue but resolved it with a task killer renamed iexplore then used security essentials to clean for good.
One thing I noticed just before the infection occurred was a series of popups saying adobe flash was trying to make a change to my hard drive. is this process getting installed by piggy backing on flash content?
February 2nd, 2012 8:45am
I had the same issue but resolved it with a task killer renamed iexplore then used security essentials to clean for good.
One thing I noticed just before the infection occurred was a series of popups saying adobe flash was trying to make a change to my hard drive. is this process getting installed by piggy backing on flash content?
Older (vulnerable) versions of Flash Player
are indeed one "facilitator" for rogues to get in, assuming you hit upon an infected flash media.
As a sidebar, I'd recommend you check closely that your firewall is on.
Check-up in Windows 7 Action Center.Maurice Naggar ~ MVP (Oct 2002 - Sept 2010)
Free Windows Admin Tool Kit Click here and download it now
February 2nd, 2012 9:55am
This works for me. I have found that it pops up on my computer only when I am on Face Book. I have sent them a e-mail describing the activity so that they can investigate. I believe it to be imbedded in some ad on theeir website.
When I see it on screen I just reboot my computer without incident. Whatever you do, DO NOT click on it. I was able to clean it off by downloading System Scan from Microsoft. It takes some time to scan the whole computer but it did clean it from my computer.
Hope this helps.
May 24th, 2012 9:42pm