Win7 AV
Win7 AV is the latest rogue anti-spyware application that may be brought to your computer by a Trojan, exploiting browser security weaknesses. The Trojan may masquerade as video and audio codecs, and once you install one of those on your system, it will download and install certain malware applications, in this case Win7 AV. The next step will be the installation of another Trojan that will display fake notifications of virus threats urging the unwary user to purchase Win7 AV. Do not fall for this trickery and have Win7 AV removed immediately.
File System Modifications
- The following files were created in the system:
# File Name 1 sbhostcl.dll 2 svhostesl.dll 3 svhostqt.dll 4 VmDetectLibrary.dll 5 Win7 AV.exe 6 Win7Browser.exe
Registry Modifications
- The following newly produced Registry Values are:
HKEY..\..\..\..{Subkeys}HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command "(Default)" = "%UserProfile%\Local Settings\Application Data\av.exe" /START "C:\Program Files\Internet Explorer\iexplore.exe"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center "AntiVirusOverride" = "1"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center "FirewallOverride" = "1"
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.