Win 7 Antivirus 2013

By ZulaZuza in Rogue Anti-Virus Program | 606 views

Win 7 Antivirus 2013 Description

Win 7 Antivirus 2013 is a bogus security application that has many variants. Every year, new versions of these kinds of fake security programs are released. While few, if any, things change in the program itself, criminals rename the previous year’s application in order to fool inexperienced computer users more effectively. For example, there is no difference between Win 7 Antivirus 2013 and Win 7 Antivirus 2010, Win 7 Antivirus 2011 and Win 7 Antivirus 2012 except for each application’s name and slight tweaks to their appearance. Win 7 Antivirus 2013 and its many variants should be treated as dangerous malware infections. ESG security analysts recommend removing Win 7 Antivirus 2013 with the aid of a reliable anti-virus program that is fully up to date.

One of the defining characteristics of the Win 7 Antivirus 2013 family of malware is the ability of these fake security programs to adapt to the operating system of the victim’s computer. As part of their attack procedure, these fake security applications detect the victim’s operating system and then download the images and text that correspond to it. Win 7 Antivirus 2013 itself is the version of this fake security application that attacks computers running the Windows 7 operating system. If the victim were running Windows Vista or Windows XP, the victim’s computer would be infected with Vista Antivirus 2013 or XP Antivirus 2013 instead. However, despite their different names, all of these are the same basic malware infection.

The main Win 7 Antivirus 2013 scam involves convincing the victim to download a fake upgrade for this fake security program. To do that, Win 7 Antivirus 2013 causes the infected computer to display alarming error messages, system notifications from the task bar, and similar pop-up alerts. Win 7 Antivirus 2013 can also cause the infected computer to run slowly or block access to the victim’s files. Win 7 Antivirus 2013 will try to make the victim believe that the computer has been severely compromised and that a ‘full version’ of Win 7 Antivirus 2013 is needed to fix the victim’s computer. Of course, this ‘full version’ of Win 7 Antivirus 2013 is quite expensive and will require giving criminals access to your credit card information.

Type: Rogue Anti-Virus Program

How Can You Detect Win 7 Antivirus 2013?

Win 7 Antivirus 2013 Technical Report

We will update this section as new details about Win 7 Antivirus 2013 are reported by our customers and by our Threat Research Center.

Fake message for Win 7 Antivirus 2013:

The following fake error messages appear for Win 7 Antivirus 2013:

Stealth intrusion!
Infection detected in the background. Your computer is now attacked by spyware and rogue software. Eliminate the infection safely, perform a security scan and deletion now.

Malware intrusion!
Sensitive areas of your system ware found to be under attack. Spy software attack or virus infection possible. Prevent further damage or your private data will get stolen. Run an anti-spyware scan now. Click here to start.

Win 7 Antivirus 2013 Removal Details

Win 7 Antivirus 2013 typically has the following processes in memory:

  • %CommonAppData%\[RANDOM CHARACTERS].exe
  • %LocalAppData%\[RANDOM CHARACTERS].exe
  • %Temp%\[RANDOM CHARACTERS].exe
  • %AppData%\Roaming\Microsoft\Windows\Templates\[RANDOM CHARACTERS].exe

Win 7 Antivirus 2013 creates the following registry entries:

  • HKEY_CURRENT_USER\Software\Classes\ "(Default)" = 'Application'
  • HKEY_CURRENT_USER\Software\Classes\\DefaultIcon "(Default)" = '%1'
  • HKEY_CLASSES_ROOT\ah\shell\open\command "IsolatedCommand"
  • HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command "(Default)" = ""%LocalAppData%\.exe -a "C:\Program Files\Mozilla Firefox\firefox.exe""
  • HKEY_CURRENT_USER\Software\Classes\.exe "(Default)" = "
  • HKEY_CURRENT_USER\Software\Classes\\shell\open\command "(Default)" = "%LocalAppData%\.exe" -a "%1" %*
  • HKEY_CLASSES_ROOT\.exe\shell\open\command "(Default)" = "%LocalAppData%\.exe" -a "%1" %*
  • HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command "(Default)" = ""%LocalAppData%\.exe" -a "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode"
  • HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command "(Default)" = "%LocalAppData%\.exe" -a "%1" %*
  • HKEY_CLASSES_ROOT\
  • HKEY_CLASSES_ROOT\ah\shell\open\command "(Default)" = "%LocalAppData%\.exe" -a "%1" %*
  • HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command "(Default)" = ""%LocalAppData%\.exe" -a "C:\Program Files\Internet Explorer\iexplore.exe""
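The registry entries above share one pattern: the handler that opens .exe files, and the browser launch commands, are pointed at a wrapper executable in a user-writable folder. The following check is an added example, not ESG's or SpyHunter's code; it audits exported registry values for that pattern, and the class name "qwe" and file name "abc.exe" are constructed placeholders for the random names. It assumes values are written as on this page, with unexpanded variables such as %LocalAppData%.

```python
import re

# Directories the page lists as homes for the rogue's randomly named executable.
USER_WRITABLE = ("%localappdata%", "%appdata%", "%temp%", "%commonappdata%")
CLASS_ROOTS = ("hkey_current_user\\software\\classes\\", "hkey_classes_root\\")

def first_program(command):
    """First token of a command line; tolerates the doubled opening quote."""
    m = re.match(r'\s*(?:"+([^"]*)"|(\S+))', command)
    return (m.group(1) or m.group(2) or "").lower() if m else ""

def audit(entries):
    """entries: (key, value_name, data) tuples. Returns a list of findings."""
    classes, findings = {}, []
    for key, name, data in entries:
        k = key.lower()
        for root in CLASS_ROOTS:
            if k.startswith(root):
                classes[(k[len(root):], name.lower())] = data
        # A browser launch command must not start from a user-writable folder.
        if "\\clients\\startmenuinternet\\" in k and k.endswith("\\command"):
            if first_program(data).startswith(USER_WRITABLE):
                findings.append(f"browser launcher wrapped: {key}")
    # Follow the .exe -> class indirection; a clean system maps .exe to exefile.
    progid = classes.get((".exe", "(default)"), "exefile")
    if progid.lower() != "exefile":
        findings.append(f".exe remapped to class '{progid}'")
    for cls in sorted({".exe", "exefile", progid.lower()}):
        for name in ("(default)", "isolatedcommand"):
            data = classes.get((cls + "\\shell\\open\\command", name))
            # The stock handler runs the clicked file itself: "%1" %*
            if data is not None and first_program(data) != "%1":
                findings.append(f"{cls} open command hijacked ({name})")
    return findings

# Constructed sample; "qwe" and "abc.exe" stand in for the random names.
SAMPLE = [
    (r"HKEY_CURRENT_USER\Software\Classes\.exe", "(Default)", "qwe"),
    (r"HKEY_CURRENT_USER\Software\Classes\qwe\shell\open\command", "(Default)",
     r'"%LocalAppData%\abc.exe" -a "%1" %*'),
    (r"HKEY_CLASSES_ROOT\exefile\shell\open\command", "(Default)", '"%1" %*'),
    (r"HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command",
     "(Default)", r'""%LocalAppData%\abc.exe" -a "C:\Program Files\Mozilla Firefox\firefox.exe""'),
]
```

On a live system the same function can be fed values read from the registry, after mapping expanded paths back to the variable names used here.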


This entry was last updated on 01/11/13 and posted on 10/1/12.
