Win 7 Home Security 2013 Description

Win 7 Home Security 2013 is a fraudulent anti-virus program that looks like a legitimate security tool but, in reality, it cannot detect and remove any type of malware infections. Win 7 Home Security 2013 is delivered through the use of Trojan infections and other malware threats that use security vulnerabilities detected to download and install Win 7 Home Security 2013 without a PC user’s permission and knowledge. When Win 7 Home Security 2013 is installed on the targeted PC, it will launch automatically when you start Windows and then perform a false system scan on the computer. Win 7 Home Security 2013 will return falsified PC scan results in order to intimidate the affected user that his/her computer has been affected by numerous malware threats. Win 7 Home Security 2013 will display fabricated pop-up alerts, which also indicate certain computer problems and security issues. Win 7 Home Security 2013 will recommend the victim to purchase the pseudo full version of its fake software, which is worthless just like the trial version, in order to remove all the supposedly detected computer infections. ESG’s malware analysts highly recommend you not to purchase Win 7 Home Security 2013 as it is a useless security program. You should use a genuine anti-malware application in order to rid your PC of Win 7 Home Security 2013.

Type: Rogue Anti-Virus Program

How Can You Detect Win 7 Home Security 2013?

Win 7 Home Security 2013 Technical Report

As new Win 7 Home Security 2013 details are reported by our customers and findings from our Threat Research Center, we will update this section.

Fake message for Win 7 Home Security 2013:

The following fake error message(s) appears for Win 7 Home Security 2013:

Virus infection!
System security was found to be compromised. Your computer is now infected. Attention, irreversible system changes may occur. Private data may get stolen. Click here now for an instant anti-virus scan.

Privacy threat!
Spyware intrusion detected. Your system is infected. System integrity is at risk. Private data can be stolen by third parties, including credit card details and passwords. Click here to perform a security repair.

Privacy alert!
Rogue malware detected in your system. Data leaks and system damage are possible. Click here for a free security scan and spyware deletion.

Win 7 Home Security 2013 Removal Details

Win 7 Home Security 2013 has typically the following processes in memory:

• %CommonAppData%\[RANDOM CHARACTERS].exe
• %LocalAppData%\[RANDOM CHARACTERS].exe
• %Temp%\[RANDOM CHARACTERS].exe
• %AppData%\Roaming\Microsoft\Windows\Templates\[RANDOM CHARACTERS].exe

Win 7 Home Security 2013 creates the following files in the system:

• %UserProfile%\Start Menu\Programs\Win 7 Home Security Pro 2013\Win 7 Home Security Pro 2013.lnk
• %UserProfile%\Desktop\Win 7 Home Security Pro 2013.lnk

Win 7 Home Security 2013 creates the following registry entries:

• HKEY_CURRENT_USER\Software\Classes\ “(Default)” = ‘Application’
• HKEY_CURRENT_USER\Software\Classes\\DefaultIcon “(Default)” = ‘%1′
• HKEY_CLASSES_ROOT\ah\shell\open\command “IsolatedCommand”
• HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command “(Default)” = “”%LocalAppData%\.exe -a “C:\Program Files\Mozilla Firefox\firefox.exe”"
• HKEY_CURRENT_USER\Software\Classes\.exe “(Default)” = ”
• HKEY_CURRENT_USER\Software\Classes\\shell\open\command “(Default)” = “%LocalAppData%\.exe” -a “%1″ %*
• HKEY_CLASSES_ROOT\.exe\shell\open\command “(Default)” = “%LocalAppData%\.exe” -a “%1″ %*
• HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command “(Default)” = “”%LocalAppData%\.exe” -a “C:\Program Files\Mozilla Firefox\firefox.exe” -safe-mode”
• HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command “(Default)” = “%LocalAppData%\.exe” -a “%1″ %*
• HKEY_CLASSES_ROOT\
• HKEY_CLASSES_ROOT\ah\shell\open\command “(Default)” = “%LocalAppData%\.exe” -a “%1″ %*
• HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command “(Default)” = “”%LocalAppData%\.exe” -a “C:\Program Files\Internet Explorer\iexplore.exe”"

Important Article Disclaimer