AV 7 is a malicious anti-spyware application that imitates legitimate anti-malware programs. AV 7 uses scare tactics the same as other rogue antimalware applications to trick users into purchasing a license to its full version. This malicious application reaches the user’s computer via Trojans that get downloaded from malicious websites which claim to be able to help you with your security. Once established on the computer, AV 7 then proceeds to perform a large number of fake security scans on the system, returning results that state that the computer is dangerously infected with a number of non-existent viruses. It also generates fake warning pop-ups from the Windows taskbar. Finally AV 7 urges the user to purchase a license to the ‘full’ version of the software, claiming that the currently installed ‘trial’ version is incapable of cleaning the detected false ‘threats’. However, all users should be aware that this is a trick aimed at swindling their money, as no version of System Security can scan or clean any computer.

AV 7 Removal

As soon as you detect a copy of this rogue software on your computer, you should initiate the process of AV 7 removal. In order to delete AV 7, you need to stop its processes, unregister its DLLS, delete its files and folders and remove its registry entries.

File Removal Procedures

The first step you need to take in order to remove AV 7 is to stop the following process from executing:

  • antivirus7.exe

Next, it is necessary to unregister the following DLL:

  • UpdateExplorer.dll

The next step in AV 7 removal is to delete the following files and folders:

  • %Documents and Settings%\All Users\Start Menu\AV7
  • %Documents and Settings%\All Users\Start Menu\AV7\Antivirus7.lnk
  • %Documents and Settings%\All Users\Start Menu\AV7\Uninstall.lnk
  • %Program Files%\AV7
  • %Program Files%\AV7\antivirus7.exe
  • %WINDOWS%\SoftwareDistribution\DataStore\Logs\tmp.edb
  • %WINDOWS%\system32\UpdateExplorer.dll
  • %UserProfile%\Desktop\Antivirus7.lnk

After the above steps have been completed, AV 7 no longer resides on your file system.

Registry Removal Procedures

File deletion alone is not sufficient to completely remove AV 7. The following keys and settings should be removed from the registry for complete AV 7 removal:

  • HKEY_CURRENT_USER\Software\EVA246
  • HKEY_CLASSES_ROOT\CLSID\E2BFE352-A303-4EA8-88FE-CE35361D7E8B
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\E2BFE352-A303-4EA8-88FE-CE35361D7E8B
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “AV7?
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform “WinNT-EVI 12.03.2010?

At this point it is recommended to conduct a full system scan using genuine antivirus software such as Spyware Doctor with Antivirus and clean any additional malicious traces that are found as being present.

Conclusion

Manual AV 7 removal is not recommended for inexperienced users as any wrong move made during the removal process could cause irreversible damage to the operating system of the computer. Therefore inexperienced users are strongly advised to use a web-based repair service such as www.onlinecomputerrepair.org or legitimate antivirus software such as Spyware Doctor with Antivirus to safely remove AV 7.

Be Sociable, Share!