Your computer is infected with malicious software? Do you have pop-ups on your PC?
If so, search this blog for removal instructions or browse computer threats by category.

Thursday, March 11, 2010

Remove Antivirus 7 fake antivirus program (Free removal)

Tell your friends:
Antivirus 7 is a fake anti-virus program. It reports false system security threats and displays fake warnings to make you think that your computer is infected with malicious software. Basically, it's typical scareware and it prompts you to pay for a full version of the program in order to remove supposedly found infections and to ensure full system protection. Don't purchase it! Otherwise, you probably won't get your money back. But if you already paid for Antivirus 7 then you should contact your credit card company immediately and dispute the charges.

If you are reading this bog post then your PC is probably infected with this virus. Thankfully, there is a way to remove Antivirus 7 for free. However, please note that you may have to use more than one program to completely remove this infection from your computer. Besides, Antivirus7 may come bundled with other malware and so may block legitimate antivirus and antispyware programs. In such case you will have to reboot your computer is Safe Mode with Networking and run free malware removal tool from there. Please read the removal instructions below.

Antivirus 7 malware also displays fake security warnings about identity theft attempts or newly detected virus. Some of the fake alerts you will probably see on your screen while you are infected:

"Resident Shield: New virus detected
Warning! New virus detected
Please click "Remove All" button to heal all infected files and protect your PC"

As a typical rogue program, Antivirus 7 comes from fake online scanners, fake sites, infected PDF files and malicious advertisements. Very often cyber criminals distribute their malicious software on well know websites too, such as Facebook, MySpace or Twitter. If you receive a message from person you don't know don't click on any links unless you are 100% sure that they won't redirect you to misleading. Good luck and be safe!

Antivirus 7 removal instructions (method #1):

1. (Proceed to step 2 if you your web browser is not hijacked) Open Internet Explorer. Go to: Tools->Manage Add-ons. Find and select UpdateExplorer.dll from the list of add-ons. Click "Disable" button and close Manager Add-ons windows. Close Internet Explorer and run it once again.
2. Download one of the following legitimate anti-malware applications and run a quick system scan. Don’t forget to update it first. All programs a free.
NOTE1: if you can't run any of the above programs you must rename the installer of selected program before saving it on your PC. For example: if you choose MalwareBytes then you have to rename mbam-setup.exe to iexplore.exe, explorer.exe or any random name like test123.exe before saving it.

NOTE2: if you still can't run the renamed file then you need to change file extension too not only the name.
1. Go to "My Computer".
2. Select "Tools" from menu and click "Folder Options".
3. Select "View" tab and uncheck the checkbox labeled "Hide file extensions for known file types". Click OK.
4. Rename mbam-setup.exe to either or test123.pif
5. Double-click to run renamed file.

Removing Antivirus 7 in Safe Mode with Networking (method #2):

1. Reboot your computer is "Safe Mode with Networking". As the computer is booting tap the "F8 key" continuously which should bring up the "Windows Advanced Options Menu" as shown below. Use your arrow keys to move to "Safe Mode with Networking" and press Enter key. Read more detailed instructions here:

NOTE: Login as the same user you were previously logged in with in the normal Windows mode.
If you can't reboot your PC in Safe Mode with Networking, download SafeBootKeyRepair and run it. If the rogue program blocks it then download and run this file RenamedSBKRepair. Follow the prompts. Then reboot your PC in Safe Mode with Networking.

2.Download one of the following legitimate anti-malware applications and run a quick system scan. Don’t forget to update it first. All programs a free.

Antivirus 7 files and registry values:

  • C:\Documents and Settings\All Users\Start Menu\AV7
  • C:\Program Files\AV7
  • C:\Program Files\AV7\antivirus7.exe
  • C:\WINDOWS\SoftwareDistribution\DataStore\Logs\tmp.edb
  • C:\WINDOWS\system32\UpdateExplorer.dll
Registry values:
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E2BFE352-A303-4EA8-88FE-CE35361D7E8B}
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "AV7"
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform "WinNT-EVI 12.03.2010"
Share this information with other people:


Anonymous said...

How do I get rid of Antivirus 7?

Anonymous said...

Thank you so much by using this method I successfully deleted antivirus 7 from my laptop. Thank you.

Bev said...

Hi, I have this virus on the computer and i have followed instructions from this and 2 other sites, the last thing i downloaded was spydoctor, which i paid for and it seemed to work, however the problem seems to be that everytime i go into Facebook the virus tries to download itself, spydoctor detects it and gets rid of it, which is fine, but then it kicks me off facebook altogether and everytime i go back in, the whole thing starts again!!! Any idea how i can block the virus without getting forced out of facebook? This is only happening on my computer, despite having another computer in the house which is not being!!

Anonymous said...

thanks for your info, i find it very useful coz i've removed the antivirus 7 successfully.

thanks again.. :)

Anonymous said...

Beware. Spyware Doctor will find the problem, but wants money in order to remove it.

Anonymous said...

aahhhh what a nightmare lol ok i did what it says....its removes it but when it reboots my computer the little toolbar icon an the lower right side of my screen comes back and then so does the virus how do i get rid of that toolbar icon for av7 and make it stop coming back pls help me i use malwarebytes and i even run rkill first to stop it from hiding from the malwarebytes but every reboot...its frustrating