Win 7 Antivirus 2013

Win 7 Antivirus 2013 Description

Type: Adware

Win 7 Antivirus 2013 is a bogus security application that has many variants. Every year, new versions of these kinds of fake security programs are released. While few, if any, things change in the program itself, criminals rename the previous year's application in order to fool inexperienced computer users more effectively. For example, there is no difference between Win 7 Antivirus 2013 and Win 7 Antivirus 2010, Win 7 Antivirus 2011 and Win 7 Antivirus 2012 except for each application's name and slight tweaks to their appearance. Win 7 Antivirus 2013 and its many variants should be treated as dangerous malware infections.

Win 7 Antivirus 2013 belongs to the FakeRean family of fraudulent security products and, among its vairious clones are Windows Antivirus 2008, Vista Antivirus 2008, Antivirus Pro 2009, AntiSpy Safeguard, ThinkPoint, Spyware Protection 2010, Internet Antivirus 2011, Palladium Pro, XP Anti-Virus 2011, CleanThis, PC Clean Pro, XP Home Security 2012, Windows Clear Problems, XP Security 2012, Antivirus PRO 2015.

One of the defining characteristics of Win 7 Antivirus 2013's family of malware is these fake security programs' ability to adapt to their victims' computers' operating systems. As part of their attack procedure, these fake security applications will detect the victim's operating system and then download images and text corresponding to the victim's case. Win 7 Antivirus 2013 itself is the version of this fake security application that attacks computers with the Windows 7 operating system, If the victim were running Windows Vista or Windows XP, the victim's computer would be infected with Vista Antivirus 2013 or XP Antivirus 2013 instead. However, despite their different names, all of these are the same basic malware infection. ESG security analysts recommend removing Win 7 Antivirus 2013 with the aid of a reliable anti-virus program that is fully up to date.

The main Win 7 Antivirus 2013 scam involves convincing the victim to download a fake upgrade for this fake security program. To do that, Win 7 Antivirus 2013 causes the infected computer to display alarming error messages, system notifications from the task bar, and similar pop-up alerts. Win 7 Antivirus 2013 can also cause the infected computer to run slowly or block access to the victim's files. Win 7 Antivirus 2013 will try to make the victim believe that the computer has been severely compromised and that a 'full version' of Win 7 Antivirus 2013 is needed to fix the victim's computer. Of course, this 'full version' of Win 7 Antivirus 2013 is quite expensive and will require giving criminals access to your credit card information.

Technical Information

File System Details

Win 7 Antivirus 2013 creates the following file(s):
# File Name Detection Count
1 %CommonAppData%\[RANDOM CHARACTERS].exe N/A
2 %LocalAppData%\[RANDOM CHARACTERS].exe N/A
3 %Temp%\[RANDOM CHARACTERS].exe N/A
4 %AppData%\Roaming\Microsoft\Windows\Templates\[RANDOM CHARACTERS].exe N/A

Registry Details

Win 7 Antivirus 2013 creates the following registry entry or registry entries:
Registry key
HKEY_CURRENT_USER\Software\Classes\ "(Default)" = 'Application'
HKEY_CURRENT_USER\Software\Classes\\DefaultIcon "(Default)" = '%1'
HKEY_CLASSES_ROOT\ah\shell\open\command "IsolatedCommand"
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command "(Default)" = ""%LocalAppData%\.exe -a "C:\Program Files\Mozilla Firefox\firefox.exe""
HKEY_CURRENT_USER\Software\Classes\.exe "(Default)" = ''
HKEY_CURRENT_USER\Software\Classes\\shell\open\command "(Default)" = "%LocalAppData%\.exe" -a "%1" %*
HKEY_CLASSES_ROOT\.exe\shell\open\command "(Default)" = "%LocalAppData%\.exe" -a "%1" %*
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command "(Default)" = ""%LocalAppData%\.exe" -a "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode"
HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command "(Default)" = "%LocalAppData%\.exe" -a "%1" %*
HKEY_CLASSES_ROOT\
HKEY_CLASSES_ROOT\ah\shell\open\command "(Default)" = "%LocalAppData%\.exe" -a "%1" %*
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command "(Default)" = ""%LocalAppData%\.exe" -a "C:\Program Files\Internet Explorer\iexplore.exe""

More Details on Win 7 Antivirus 2013

The following messages associated with Win 7 Antivirus 2013 were found:
Malware intrusion!
Sensitive areas of your system ware found to be under attack. Spy software attack or virus infection possible. Prevent further damage or your private data will get stolen. Run an anti-spyware scan now. Click here to start.
Stealth intrusion!
Infection detected in the background. Your computer is now attacked by spyware and rogue software. Eliminate the infection safely, perform a security scan and deletion now.

Site Disclaimer

Enigmasoftware.com is not associated, affiliated, sponsored or owned by the malware creators or distributors mentioned on this article. This article should NOT be mistaken or confused in being associated in any way with the promotion or endorsement of malware. Our intent is to provide information that will educate computer users on how to detect, and ultimately remove, malware from their computer with the help of SpyHunter and/or manual removal instructions provided on this article.

This article is provided "as is" and to be used for educational information purposes only. By following any instructions on this article, you agree to be bound by the disclaimer. We make no guarantees that this article will help you completely remove the malware threats on your computer. Spyware changes regularly; therefore, it is difficult to fully clean an infected machine through manual means.

One Comment

  • woodrow:

    You could definitely see your expertise in the work you write. The world hopes for more passionate writers like you who aren't afraid to say how they believe. At all times follow your heart.