Win 7 Antivirus 2012

Updated: January 11, 2012 Rogue 1 Comment

Win 7 Antivirus 2012 is a name-changing rogue security program that is clever enough to identify target computer operating system. Since it can change its name based on victims OS, Win 7 Antivirus 2012 may look like a legitimate software for the current system. This potentially unwanted application can easily deceive users that it was part of Windows security features by providing task bar messages like the following:

System danger!
Your system security is in danger. Privacy threats detected. Spyware, keyloggers or Trojans may be working the background right now. Perform an in-depth scan and removal now, click here.

System Hijack!
System security threat was detected. Viruses and/or spyware may be damaging your system now. Prevent infection and data loss or stealing by running a free security scan.

These messages are part of the rogue program’s aggressive technique to make victims believe that there are really security issues needed to be taken care of. Repeatedly, a prompt to obtain the licensed version of Win 7 Antivirus 2012 is issued. Internet browser is also hijack and instead display a warning page that the traffic was blocked due to virus infection. On the same fake error page, it will provide a link to payment processing web site where a registered copy of Win 7 Anti-Virus 2012 can be obtained. By having the full version, it promises to remove viruses and stop these annoyances.

Typically, rogue programs will provide no security and clean nothing even with the paid version. Fake AV such as Win 7 Antivirus 2012 was never designed to function like a real security program. It must be remove from the computer immediately and purchasing it should never be an option.

Screen Shot Image of Win 7 Anti-Virus 2012:

This rogue security application also mimic Windows’ security center and calls it Action Center. It aims to mislead computer users. The fake Action Center contains false security reports and deceiving advises to activate the full version of the rogue product.

Technical Details and Additional Information:

Damage Level: Medium

Systems Affected: Windows 9x, 2000, XP, Vista, Windows 7

Malware Behavior
Win 7 Antivirus 2012 will block any programs from running. An attempt to launch any application will produce a pop-up alert stating that the file is infected and blocked from accessing the Internet.

Win 7 Antivirus 2012 Firewall Alert
Win 7 Antivirus 2012 has blocked a program from accessing the Internet.
file.exe is infected with Trojan-BNK.Win32.Keylogger.gen
Private data can be stolen by third parties, including details and passwords.

Name: Microsoft Windows Operating System
Location: C:\Windows\explorer.exe
Company: Microsoft Corporation
Version: 6.1.7601.17567

Windows recommend to Activate Win 7 Antivirus 2012
Click “Yes, Activate…” to register your copy of Win 7 Antivirus 2012 and perform threat removal on your system.

[cf]regis[/cf] [cf]files[/cf]

Video Tutorial (Win 7 Antivirus 2012 Removal)

How to Remove Win 7 Antivirus 2012

Activating the Rogue Program

Win 7 Anti-Virus 2012 will block running of any programs. It also prevents access to Internet particularly anti-virus web sites. Execution of Windows tools like Task Manager, Registry Editor and Control Panel is similarly block by the rogue program. Activating the program using the registration key below will regain access to the mentioned services.

Activation Code: 3425-814615-3990

Once activated, downloading of necessary program to scan and remove Win 7 Anti-Virus 2012 is now possible.

Automatic Removal

Here is a simple step-by-step procedure to remove Win 7 Anti-Virus 2012 virus from an infected computer. Please follow the steps carefully.

1. Download removal software and save it on your Desktop or any accessible location of your hard drive.

2. After downloading, double-click on the file to install the application.

3. Follow the prompts and install the program using the “default” settings.

4. Before the installation completes, you need to update the database. - Update Malwarebytes’ Anti-Malware
- Launch Malwarebytes’ Anti-Malware

5. Click Finish. Program will run automatically and you will be prompt to update the program before starting a scan. Please proceed with update to obtain the latest database necessary to detect and remove Win 7 Anti-Virus 2012.

6. Scan your computer thoroughly and completely check all files, folders and registry entries for possible infection.

7. When scanning is finished, click on Show Results.

8. Make sure that all detected threats are marked, click on Remove Selected.

9. After removing items associated with Win 7 Anti-Virus 2012, it will prompt to restart the computer. Click Yes to complete the cleaning process.

10. When computer starts, open MalwareBytes Anti-Malware. Go to Quarantine tab and click on Delete All to fully remove all malicious items.

Note: Win 7 Anti-Virus 2012 may prevent mbam-setup.exe from downloading and running. You can download and rename this program from a different computer before running it on infected system.

Alternative Removal Method for Win 7 Antivirus 2012

Option 1 : Use Windows System Restore to return Windows to previous state

If Win 7 Antivirus 2012 enters the computer, there is a big chance that Windows files, registry entries and other essential components are also infected. System Restore can reinstate clean system files by restoring the configuration to an earlier date. The method also replaces compromised files with a clean version. If you have a saved restore point before Win 7 Antivirus 2012 infiltrates the PC, we highly encourage you to execute this procedure if none of the above works. You may proceed with Windows System Restore, click here to see the full procedure.

Option 2 : Win 7 Antivirus 2012 manual uninstall guide

IMPORTANT! Manual removal of Win 7 Antivirus 2012 requires technical skills. Deleting system files and registry entries by mistake may result to total disability of Windows system. We advise you to perform a backup of registry before proceeding with this guide.

1. Kill any running process that belongs to Win 7 Antivirus 2012.
- Press Ctrl+Alt+Del on your keyboard.
- When Windows Task Manager appears, look for Win 7 Antivirus 2012 files (refer to Technical Reference) and click End Process.

End Task

2. Delete all registry entries that belong to this malware.
- Press [Windows Key]+R on your keyboard.
- In the 'Open' dialog box, type regedit and press Enter. This will open registry editor.
- Find and delete registry entries as mentioned in Technical Reference section below.
- Close registry editor. Changes made will be save automatically.

Run Regedit

3. Scan the computer with antivirus program.
- Connect to Internet and open your antivirus software. Please update to obtain the latest database and necessary files.
- Restart the computer in Safe Mode.
- Just before Windows logo begins to load press F8 on your keyboard.
- On Windows Advanced Boot Options, select Safe Mode and press Enter.

4. Delete all files dropped by Win 7 Antivirus 2012.
- While still in Safe Mode, search and delete malicious files. Please refer to 'Technical Reference'. Make sure that you execute 'End Task' first before deleting the file. Otherwise, the system will not let you perform this action.

Technical Reference

Associated Files and Folders:Added Registry Entries:

Comments and Suggestions

On this area you can find Visitor's personal suggestions. We cannot control and evaluate each recommended procedure from visitors so please use it at your own risks. If your inquiry pertains to Win 7 Antivirus 2012 payment refund or lost serial key, kindly check the FAQ for rogue program first.

One Comment

Jnxt
Jul 06, 2011 @ 08:16:15

Great tutoria!
With your help i cleaned out everything.
Thanks!