Win 7 AntiVirus 2012 (Win7 AntiVirus 2012) is another rogue anti-virus application created by cybercriminals for the purpose of making a profit by selling its full version to unsuspecting computer users. PCHubs malware researchers have noted that it is part of the FakeRean family, which is notorious for being able to change its name depending on the operating system of the target computer that was infected. The year in the rogueware’s name may also change depending on the time of infection. This means that Win 7 AntiVirus 2012 is a variant of XP AntiVirus 2012 and Vista AntiVirus 2012. Other rogue security applications belonging to the FakeRean family include Win 7 Internet Security 2012, XP Total Security 2011, and Vista Security 2012. There are many variations in the names of these rogue anti-virus programs, but typically they have similar user interfaces, appearance, and modes of infection, so it is important to know the symptoms so that you won’t get deceived.
Getting to Know the Rogueware that is Win 7 AntiVirus 2012
Like the rogueware variants in the FakeRean family, Win 7 AntiVirus 2012 starts infecting your computer without your permission or knowledge through a Trojan that gets embedded in most freeware applications or fake online video codecs. Once installed on your PC, Win 7 AntiVirus 2012 would constantly run on your computer’s background every time it is turned on, causing you a number of problems on your PC. Some of these include annoying pop-up security alerts, bogus system scans, and constant notifications to purchase the full version of Win 7 AntiVirus 2012 in order to remove the alleged infections supposedly. However, PCHubs malware researchers have researched on this program thoroughly and have concluded that it has no capability at all in being able to protect your computer against malware. You must ignore all notifications and promotions of purchasing Win 7 AntiVirus 2012 since it does not do your computer any good.
Apart from the annoying and deceptive displays, PCHubs malware researchers have also noted that Trojans associated with Win 7 AntiVirus 2012 may cause your computer to operate more slowly and make it look as if some of your files have disappeared. Some of your legitimate Windows applications may also be blocked from running, which might alarm you at first. You must not worry as these are additional scare tactics of Win 7 AntiVirus 2012 in order to deceive you into buying its full version.
How to Clear Your Computer from the Problems caused by Win 7 AntiVirus 2012
Removing Win7 AntiVirus 2012 from your computer is the best method that you have to take in order to restore your computer back to its normal settings. The malware threats detected by Win7 AntiVirus 2012 were actually caused and created by this rogueware itself, so the best solution for this is to address the main cause by removing Win7 AntiVirus 2012 completely from your computer.
To get rid of Win7 Antivirus 2012 effectively, you would need to restart your computer in Safe Mode and perform the removal process using a legitimate and updated security application that has the latest signature databases.
Are you getting popups from Win 7 AntiVirus 2012? Have you identified that you have Win 7 AntiVirus 2012 installed on your computer? Do you wish to remove Win 7 AntiVirus 2012 completely from your computer?
Why should you remove Win 7 AntiVirus 2012?
If Win 7 AntiVirus 2012 resides on your computer, it can potentially damage your personal files or you may end up losing data stored on your system. Research has shown that Win 7 AntiVirus 2012 may have the ability to make your computer vulnerable to remote attacks which could result, initially, in loss of money, possibly identity theft, and, eventually, a painstaking Win 7 AntiVirus 2012 removal process.
How can you manually remove Win 7 AntiVirus 2012
Manual removal of Win 7 AntiVirus 2012 may not be for everyone. Each manual Win 7 AntiVirus 2012 removal step must be followed delicately to completely remove all related files and registry entries from your computer. If you are unsure or have doubts about editing your system registry, then we recommend that you use the automatic Win 7 AntiVirus 2012 removal process.
Win 7 AntiVirus 2012 can be removed manually by following the steps below.
- With all programs closed, click the Start Menu and go to the Control Panel.
- Locate the Add/Remove Programs icon and double click it.
- Locate Win 7 AntiVirus 2012 in the list of programs. If you find it, select it and remove it. If you cannot find Win 7 AntiVirus 2012, you can continue to step 5.
- Restart your computer.
- Close all open programs and windows on your desktop.
- Open your registry editor (regedit) program by going to Start Menu, type in regedit, and click OK.
- Find all of the following registry entries and delete them. If you do not know how to do this,
then you can read how to edit the registry in Windows.HKEY_CURRENT_USER\Software\Classes\exefile\shell\runas\command “(Default)” = ‘”%1? %*’HKEY_CLASSES_ROOT\.exe\shell\open\command “(Default)” = ‘”%UserProfile%\Local Settings\Application Data\[RANDOM CHARACTERS].exe” /START “%1? %*’HKEY_CLASSES_ROOT\exefile\shell\open\command “(Default)” = ‘”%UserProfile%\Local Settings\Application Data\[RANDOM CHARACTERS].exe” /START “%1? %*’HKEY_CURRENT_USER\Software\Classes\.exe “(Default)” = ‘exefile’HKEY_CURRENT_USER\Software\Classes\.exe “Content Type” = ‘application/x-msdownload’HKEY_CURRENT_USER\Software\Classes\.exe\DefaultIcon “(Default)” = ‘%1? = ‘”%UserProfile%\Local Settings\Application Data\[RANDOM CHARACTERS].exe” /START “%1? %*’HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command “IsolatedCommand” = ‘”%1? %*’HKEY_CURRENT_USER\Software\Classes\.exe\shell\runas\command “(Default)” = ‘”%1? %*’HKEY_CURRENT_USER\Software\Classes\.exe\shell\runas\command “IsolatedCommand” = ‘”%1? %*’HKEY_CURRENT_USER\Software\Classes\exefile “(Default)” = ‘Application’HKEY_CURRENT_USER\Software\Classes\exefile “Content Type” = ‘application/x-msdownload’HKEY_CURRENT_USER\Software\Classes\exefile\DefaultIcon “(Default)” = ‘%1?HKEY_CURRENT_USER\Software\Classes\exefile\shell\open\command “(Default)” = ‘”%UserProfile%\Local Settings\Application Data\[RANDOM CHARACTERS].exe” /START “%1? %*’HKEY_CURRENT_USER\Software\Classes\exefile\shell\open\command “IsolatedCommand” = ‘”%1? %*’HKEY_CURRENT_USER\Software\Classes\exefile\shell\runas\command “IsolatedCommand” – ‘”%1? %*’HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command “(Default)” = ‘”%UserProfile%\Local Settings\Application Data\[RANDOM CHARACTERS].exe” /START “%Program Files%\Mozilla Firefox\firefox.exe”‘HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command “(Default)” = ‘”%UserProfile%\Local Settings\Application Data\[RANDOM CHARACTERS].exe” /START “%Program Files%\Mozilla Firefox\firefox.exe” -safe-mode’HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command “(Default)” = ‘”%UserProfile%\Local Settings\Application Data\[RANDOM CHARACTERS].exe” /START “%Program Files%\Internet Explorer\iexplore.exe”‘
You may need to return to this removal process for removing Win 7 AntiVirus 2012. You can do this easily by bookmarking or adding a favorite to this page by clicking here. If you are using the FireFox web browser you can press the keys Ctrl and D simultaneously to bookmark this page.
Image 1. Bookmark PCHubs removal process
Delete all of the following files that are associated with Win 7 AntiVirus 2012 from your computer.%AllUsersProfile%\[RANDOM CHARACTERS]%AppData%\Local\[RANDOM CHARACTERS]%AppData%\Local\[RANDOM CHARACTERS].exe%AppData%\Roaming\Microsoft\Windows\Templates\[RANDOM CHARACTERS]%Temp%\[RANDOM CHARACTERS]
If you need a better understanding on how to search for these files then you can read how to find and search for files and folders here.
If you have issues deleting any of the previously listed files that are associated with Win 7 AntiVirus 2012, you can try rebooting your computer into safe mode. Booting into safe mode may allow certain malicious files to be deleted. If you are wondering how to boot into safe mode, you can read our process for starting a computer in safe mode here.
Image 2. Select "Safe Mode with Networking"
After locating and deleting the previous files you must remove all directories associated with Win 7 AntiVirus 2012 by going to the C:\ProgramFiles\Win 7 AntiVirus 2012 folder, select it, and delete it. In some cases you may not be able to find this directory. You can still continue to the next step.
Restart your computer. You do not need to boot into safe mode at this point. You should have removed Win 7 AntiVirus 2012 completely from your computer. If you find that Win 7 AntiVirus 2012 is still on your computer, you can repeat the steps again or go to the automatic Win 7 AntiVirus 2012 removal process.