Win 7 Antispyware 2013 description
Win 7 Antispyware 2013 is a fake security tool that pretends it is able to detect and remove viruses and other computer malware. The parasite spreads via trojan. Win 7 Antispyware 2013 downloads and installs itself automatically without user’s knowledge and consent.
Once active, malware starts its fraudulent scans and shows fabricated results that state your PC is infected. For example:
System hacked!
Unknown program is scanning your system registry right now! Identity theft detected!
Threat detected!
Security alert! Your computer was found to be infected with privacy-threatening software. Private data may get stolen and systemmay be severe. Recover your PC from the infection right now, perform a security scan.
Privacy threat!
Spyware intrusion detected. Your system is infected. System integrity is at risk. Private data can be stolen by third parties, including credit card details and passwords. Click here to perform a security repair.
Virus infection!
System security was found to be compromised. Your computer is now infected. Attention, irreversible system changes may occur. Private data may get stolen. Click here now for an instant anti-virus scan.
It also offers to pay small fees for registered version of Win 7 Antispyware 2013 application. Purchasing it means you will have a huge problem and more viruses onto your computer. We highly recommend ignoring fake threats. It is not worth spending your money. Choose reputable security program and terminate Win 7 Antispyware 2013 upon detection.
Manual Win 7 Antispyware 2013 Removal
Win 7 Antispyware 2013 registry values:
HKEY_CURRENT_USER\Software\Classes\.exe "(Default)" = ''
HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command "(Default)" = "%LocalAppData%\.exe" -a "%1" %*
HKEY_CLASSES_ROOT\
HKEY_CURRENT_USER\Software\Classes\ "(Default)" = 'Application'
HKEY_CURRENT_USER\Software\Classes\\DefaultIcon "(Default)" = '%1'
HKEY_CURRENT_USER\Software\Classes\\shell\open\command "(Default)" = "%LocalAppData%\.exe" -a "%1" %*
HKEY_CLASSES_ROOT\.exe\shell\open\command "(Default)" = "%LocalAppData%\.exe" -a "%1" %*
HKEY_CLASSES_ROOT\ah\shell\open\command "(Default)" = "%LocalAppData%\.exe" -a "%1" %*
HKEY_CLASSES_ROOT\ah\shell\open\command "IsolatedCommand"
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command "(Default)" = ""%LocalAppData%\.exe -a "C:\Program Files\Mozilla Firefox\firefox.exe""
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command "(Default)" = ""%LocalAppData%\.exe" -a "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode"
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command "(Default)" = ""%LocalAppData%\.exe" -a "C:\Program Files\Internet Explorer\iexplore.exe""
Help: How to edit windows registry entries
Other malicious Win 7 Antispyware 2013 files:
%CommonAppData%\
%LocalAppData%\
%LocalAppData%\.exe
%Temp%\
%AppData%\Roaming\Microsoft\Windows\Templates\