Win 7 Antivirus 2013 Description
Win 7 Antivirus 2013 is a bogus security application that has many variants. Every year, new versions of these kinds of fake security programs are released. While few, if any, things change in the program itself, criminals rename the previous year’s application in order to fool inexperienced computer users more effectively. For example, there is no difference between Win 7 Antivirus 2013 and Win 7 Antivirus 2010, Win 7 Antivirus 2011 and Win 7 Antivirus 2012 except for each application’s name and slight tweaks to their appearance. Win 7 Antivirus 2013 and its many variants should be treated as dangerous malware infections. ESG security analysts recommend removing Win 7 Antivirus 2013 with the aid of a reliable anti-virus program that is fully up to date.
One of the defining characteristics of Win 7 Antivirus 2013’s family of malware is these fake security programs’ ability to adapt to their victims’ computers’ operating systems. As part of their attack procedure, these fake security applications will detect the victim’s operating system and then download images and text corresponding to the victim’s case. Win 7 Antivirus 2013 itself is the version of this fake security application that attacks computers with the Windows 7 operating system, If the victim were running Windows Vista or Windows XP, the victim’s computer would be infected with Vista Antivirus 2013 or XP Antivirus 2013 instead. However, despite their different names, all of these are the same basic malware infection.
The main Win 7 Antivirus 2013 scam involves convincing the victim to download a fake upgrade for this fake security program. To do that, Win 7 Antivirus 2013 causes the infected computer to display alarming error messages, system notifications from the task bar, and similar pop-up alerts. Win 7 Antivirus 2013 can also cause the infected computer to run slowly or block access to the victim’s files. Win 7 Antivirus 2013 will try to make the victim believe that the computer has been severely compromised and that a ‘full version’ of Win 7 Antivirus 2013 is needed to fix the victim’s computer. Of course, this ‘full version’ of Win 7 Antivirus 2013 is quite expensive and will require giving criminals access to your credit card information.
Type: Rogue Anti-Virus Program
How Can You Detect Win 7 Antivirus 2013?
Download SpyHunter’s Detection Scanner
to Detect Win 7 Antivirus 2013.
Win 7 Antivirus 2013 Technical Report
As new Win 7 Antivirus 2013 details are reported by our customers and findings from our Threat Research Center, we will update this section.
Fake message for Win 7 Antivirus 2013:
The following fake error message(s) appears for Win 7 Antivirus 2013:
Infection detected in the background. Your computer is now attacked by spyware and rogue software. Eliminate the infection safely, perform a security scan and deletion now.
Sensitive areas of your system ware found to be under attack. Spy software attack or virus infection possible. Prevent further damage or your private data will get stolen. Run an anti-spyware scan now. Click here to start.
Win 7 Antivirus 2013 Removal Details
Win 7 Antivirus 2013 has typically the following processes in memory:
- %CommonAppData%\[RANDOM CHARACTERS].exe
- %LocalAppData%\[RANDOM CHARACTERS].exe
- %Temp%\[RANDOM CHARACTERS].exe
- %AppData%\Roaming\Microsoft\Windows\Templates\[RANDOM CHARACTERS].exe
Win 7 Antivirus 2013 creates the following registry entries:
- HKEY_CURRENT_USER\Software\Classes\ “(Default)” = ‘Application’
- HKEY_CURRENT_USER\Software\Classes\\DefaultIcon “(Default)” = ‘%1′
- HKEY_CLASSES_ROOT\ah\shell\open\command “IsolatedCommand”
- HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command “(Default)” = “”%LocalAppData%\.exe -a “C:\Program Files\Mozilla Firefox\firefox.exe”"
- HKEY_CURRENT_USER\Software\Classes\.exe “(Default)” = ”
- HKEY_CURRENT_USER\Software\Classes\\shell\open\command “(Default)” = “%LocalAppData%\.exe” -a “%1″ %*
- HKEY_CLASSES_ROOT\.exe\shell\open\command “(Default)” = “%LocalAppData%\.exe” -a “%1″ %*
- HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command “(Default)” = “”%LocalAppData%\.exe” -a “C:\Program Files\Mozilla Firefox\firefox.exe” -safe-mode”
- HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command “(Default)” = “%LocalAppData%\.exe” -a “%1″ %*
- HKEY_CLASSES_ROOT\ah\shell\open\command “(Default)” = “%LocalAppData%\.exe” -a “%1″ %*
- HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command “(Default)” = “”%LocalAppData%\.exe” -a “C:\Program Files\Internet Explorer\iexplore.exe”"