The Emsi Software malware research team has discoverd a new outbreak of the Antivirus7 adware. a-squared Anti-Malware detects this malware as Adware.Win32.Antivirus7.

Antivirus7 is a rogue security program clone of FakeAntivir, which is also a rogue application that has become widespread.  A rogue application tries to trick you by displaying false positive/misleading scan results report, which says that your computer is infected with viruses or trojan, but you will not be able to delete them before you purchase.

Create new files:

• %ProgramFiles%\AV7\antivirus7.exe
• %SystemRoot%\system32\UpdateExplorer.dll
• %AllUsersProfile%\Start Menu\AV7\Antivirus7.lnk
• %AllUsersProfile%\Start Menu\AV7\Uninstall.lnk

Create new registry entries:

• HKEY_LOCAL_MACHINE\software\Classes\clsid\{E2BFE352-A303-4EA8-88FE-CE35361D7E8B}
• HKEY_LOCAL_MACHINE\software\Classes\clsid\{E2BFE352-A303-4EA8-88FE-CE35361D7E8B}\InprocServer32
• HKEY_LOCAL_MACHINE\software\microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E2BFE352-A303-4EA8-88FE-CE35361D7E8B}
• HKEY_CURRENT_USER\software\Microsoft\Windows\CurrentVersion\Run, “AV7″

Screenshots:

How to remove the infection of Antivirus7 (Adware.Win32.Antivirus7)?

To delete this malware infection, please download and install a-squared Anti-Malware. Run a full scan on all drives and move all detected items to the quarantine.