How to remove Win 7 Antispyware 2012 virus

Win 7 Antispyware 2012

Win 7 Antispyware 2012

Win 7 Antispyware 2012 is another sample of fake anti-virus tool (rogue software) having in mind to trick users into buying its commercial version. Do you know that such version simply does not exist? Win 7 Antispyware 2012 inherits the traits of Braviax malwares, also known as Multi-Rogues 2012 or name-changing rogues. This malware can be rightfully classified as a scam program aiming to prompt you into spending funds for nothing. When this hoax successfully enters into your computer it would first arrange its fictitious system scan which would then, upon its termination, report very many infections supposedly identified by it. Be not deceived by this program. All such information presented by it is far away from the truth and must be fully ignored by you. If you have mistakenly bought it you might try to activate it using the activation code / license / serial or whatever this set of digits you received is called. This might facilitate the process for removal of Win 7 Antispyware 2012, but surely merely this activation would not actually remove the malware from your PC. You would not be able to perform the uninstall process for this tool via “Add/Remove Programs” menu. Just as we told you in the beginning of our message, this fake AV does not ask for your permission to penetrate to your system. So, similarly, it does not give you any options to uninstall it if you wish to do so.

Another feature of the rogue is that it would be launched automatically with every system startup. This feature is, by the way, typical to all Braviax rogues, since they aim to scare you from the very beginning of their infiltration and each time you turn your PC. This trait to be launched together with Windows OS is, beyond any doubt, very annoying. Moreover, you would be targeted with the bunch of bogus security notifications, ads, popups, messages and warnings originated by this malware tool. It applies all such scary techniques in order to make you believe that something is seriously wrong with your machine and that it has some terrible viruses, problems, malwares and other threats which can compromise your security and cause data loss. However, this all can really take place only due to the presence of Win 7 Antispyware 2012 itself on your PC. Its successful removal is a must-do thing for you to accomplish. If you have already effected the payment for this scam then please contact your good bank immediately and dispute the charges made by you, telling that you have purchased the rogue security program, describing its name and other important details. Finally, to get rid of it, make sure and delete this threat as described in this article – http://www.2-viruses.com/remove-win-7-anti-spyware-2012.



Win 7 Antispyware 2012 system amendments:

Win 7 Antispyware 2012 files added:

  • %UserProfile%\Local Settings\Application Data\opRSK
  • %UserProfile%\Local Settings\Application Data\pw.exe
  • %UserProfile%\Local Settings\Application Data\vz.exe
  • %UserProfile%\Local Settings\Application Data\MSASCui.exe
  • %UserProfile%\AppData\Local\opRSK
  • %UserProfile%\AppData\Local\pw.exe
  • %UserProfile%\AppData\Local\vz.exe
  • %UserProfile%\AppData\Local\MSASCui.exe

Win 7 Antispyware 2012 registry entries added:

  • HKCU\Software\Classes\pezfile
  • HKCR\pezfile
  • HKCU\Software\Classes\.exe\shell\open\command “(Default)” = “%UserProfile%\Local Settings\Application Data\pw.exe” /START “%1” %*
  • HKCU\Software\Classes\pezfile\shell\open\command “(Default)” = “%UserProfile%\Local Settings\Application Data\pw.exe” /START “%1” %*
  • HKCU\Software\Classes\.exe\shell\open\command “(Default)” = “%UserProfile%\Local Settings\Application Data\vz.exe” /START “%1” %*
  • HKCU\Software\Classes\pezfile\shell\open\command “(Default)” = “%UserProfile%\Local Settings\Application Data\vz.exe” /START “%1” %*
  • HKCR\.exe\shell\open\command “(Default)” = “%UserProfile%\Local Settings\Application Data\pw.exe” /START “%1” %*
  • HKCR\pezfile\shell\open\command “(Default)” = “%UserProfile%\Local Settings\Application Data\pw.exe” /START “%1” %*
  • HKCR\.exe\shell\open\command “(Default)” = “%UserProfile%\Local Settings\Application Data\vz.exe” /START “%1” %*
  • HKCR\pezfile\shell\open\command “(Default)” = “%UserProfile%\Local Settings\Application Data\vz.exe” /START “%1” %*
  • HKLM\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command “(Default)” = “%UserProfile%\Local Settings\Application Data\pw.exe” /START “C:\Program Files\Mozilla Firefox\firefox.exe”
  • HKLM\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command “(Default)” = “%UserProfile%\Local Settings\Application Data\pw.exe” /START “C:\Program Files\Mozilla Firefox\firefox.exe” -safe-mode
  • HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command “(Default)” = “%UserProfile%\Local Settings\Application Data\pw.exe” /START “C:\Program Files\Internet Explorer\iexplore.exe”
  • HKLM\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command “(Default)” = “%UserProfile%\Local Settings\Application Data\vz.exe” /START “C:\Program Files\Mozilla Firefox\firefox.exe”
  • HKLM\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command “(Default)” = “%UserProfile%\Local Settings\Application Data\vz.exe” /START “C:\Program Files\Mozilla Firefox\firefox.exe” -safe-mode
  • HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command “(Default)” = “%UserProfile%\Local Settings\Application Data\vz.exe” /START “C:\Program Files\Internet Explorer\iexplore.exe”
  • HKLM\SOFTWARE\Microsoft\Security Center “AntiVirusOverride” = “1”
  • HKLM\SOFTWARE\Microsoft\Security Center “FirewallOverride” = “1”

Leave a Reply

Your email address will not be published. Required fields are marked *