Win7 AV

September 2nd, 2010
Home » Rogue Antispyware » Win7 AV
Repair and protect your computer easily. Download Win7 AV removal tool  

Win7 AV description

Win7 AV is a malware which enters the system with the help of trojan horse. Win7 AV is just an imitation of computer protection tool. It downloads and installs itself automatically without user’s knowledge and consent.

Once active it will start to scan computer and will display fabricated results that state about computer infections. Your desktop will be flooded with numerous pop-ups and security alerts. For example:

Warning: visit this site may harm your computer
This website may contain elements from the site gcounter.cn, which appears to host malware – software that can hurt your computer or otherwise operate without your consent. Just visiting a site that contains malware can infect your computer. For detailed information about the problems with these elements, visit the Google Safe browsing diagnostic page for gcounter.cn

This is a scam and none of the information should be trusted. Malware neither has the ability to detect nor remove computer threats therefore it is not being trusted. It only gains to trick user into thinking their PC in severely compromised. Win7 AV will offer you to buy its “registered” version. Your browser will be redirected to deceptive web pages that sell the application. Ignore all notifications but use decent anti-spyware program and terminate Win7 AV upon detection.

Manual Win7 AV Removal


Win7 AV malicious websites:

Win7av.com


Win7 AV processes:

windiskdefend.exe
Win7Browser.exe
Win7 AV.exe
Help: A Guideline of Killing Malicious Processes


Win7 AV registry values:

HKLM\SOFTWARE\Classes\CLSID\{C9C42510-9B41-42c1-9DCD-7282A2D07C61}
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{C9C42510-9B41-42c1-9DCD-7282A2D07C61}
HKLM\SOFTWARE\Win7 AV
HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\windiskdefend
HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Windows Disk Defender
HKLM\SYSTEM\CurrentControlSet\Services\windiskdefend
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform\w7avf
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Win7 AV
Help: How to edit windows registry entries


Win7 AV DLLs:

windefWebModule.dll
Win7Common.dll
VmDetectLibrary.dll
svhostqt.dll
svhostesl.dll
sbhostcl.dll
Interop.SHDocVw.dll


Other malicious Win7 AV files:

%ProgramFiles%\Win7 AV\
%ProgramFiles%\Win7 AV\AxInterop.SHDocVw.dl
%ProgramFiles%\Win7 AV\base001.dat
%ProgramFiles%\Win7 AV\base002.dat
%ProgramFiles%\Win7 AV\base003.dat
%ProgramFiles%\Win7 AV\Interop.SHDocVw.dll
%ProgramFiles%\Win7 AV\sbhostcl.dll
%ProgramFiles%\Win7 AV\svhostesl.dll
%ProgramFiles%\Win7 AV\svhostqt.dll
%ProgramFiles%\Win7 AV\VmDetectLibrary.dll
%ProgramFiles%\Win7 AV\Win7 AV.exe
%ProgramFiles%\Win7 AV\Win7Browser.exe
%ProgramFiles%\Win7 AV\Win7Common.dll
%UserProfile%\Desktop\Win7 AV.lnk
C:\Windows\System32\windefWebModule.dll
C:\Windows\System32\windiskdefend.exe
C:\Windows\System32\windiskdefend.InstallState

The manual removal of files and registries should be performed by experienced users. A system can be badly affected if any error is done during the manual removal. We recommend using automatic removal tools to delete Win7 AV, if you are not familiar with deleting malware manually.

Tags:

Leave a Reply