Win 7 Guardian 2010 is a fake antivirus program created specifically for the Windows 7 operating system. Win 7 Guardian 2010 virus commonly infect a computers that download a file from an infected server. This malware will inspect the system and install itself in relation to its environment. It can also install itself as XP Guardian 2010 or Vista Guardian 2010 respectively. While on the computer, Win 7 Guardian 2010 can alter system settings and add its own entries on the registry to ensure that it will load when Windows 7 is started. A fake virus scan will be launched and a number of infected files will be presented to convince users that a register version must be obtained to be able to remove these threats.
Win 7 Guardian 2010 presence on can get worst if not removed immediately, it will attempt to connect to a remote computer and download additional malware that can enhance its presence on the affected system. Another Trojan associated to Win 7 Guardian 2010 will be dropped to disable any security program installed.
What are the Symptoms of Win 7 Guardian 2010 Infection?
A self-launched virus scan with fake results can mislead computer users to purchase the Win 7 Guardian 2010 activation code.
It will modify Windows Registry and add the following entries:
- HKEY_CURRENT_USER\Software\AV2010
- HKEY_CLASSES_ROOT\AppID\{3C40236D-990B-443C-90E8-B1C07BCD4A68}
- HKEY_CLASSES_ROOT\AppID\IEDefender.DLL
- HKEY_CLASSES_ROOT\CLSID\{FC8A493F-D236-4653-9A03-2BF4FD94F643}
- HKEY_CLASSES_ROOT\IEDefender.IEDefenderBHO
- HKEY_CLASSES_ROOT\IEDefender.IEDefenderBHO.1
- HKEY_CLASSES_ROOT\Interface\{7BC7565C-5062-43CE-8797-DC2C271140A9}
- HKEY_CLASSES_ROOT\TypeLib\{705FD64B-2B7B-4856-9337-44CA1DA86849}
- HKEY_LOCAL_MACHINE\SOFTWARE\ Microsoft\Windows\Current Version\Explorer\Browser Helper Objects\{FC8A493F-D236-4653-9A03-2BF4FD94F643}
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\ {4D36E972-E325-11CE-BFC1-08002bE10318}\0012
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\ {4D36E972-E325-11CE-BFC1-08002bE10318}\0013
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\ {4D36E972-E325-11CE-BFC1-08002bE10318}\0014
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Current Version\Run ‘Windows Gamma Display
The threat will drop the following malicious files:
- %Documents and Settings%\[UserName]\Application Data\av.exe
- %Documents and Settings%\[UserName]\Application Data\WRblt8464P
- %Documents and Settings%\[UserName]\Application Data\[random]
How to Remove Win 7 Guardian 2010 Manually
1. Restart your computer in SafeMode
– After Power-On the computer, just before Windows start, press F8
– From the selections, Select SafeMode
2. Remove Registry entries that the threat added. You MUST BACKUP YOUR REGISTRY FIRST.
– Click Start > Run
– Type in the field, regedit
– Navigate and look for the registry entries mentioned above and delete if necessary
3. Delete malicious files that the threat added:
– Base on the given location above, browse and delete the file
– If no location is given, click Start>Search> and search for the files.
– If cannot be deleted, press Ctrl+Alt+Del to access Task Manager, see if the file is running in the process. If it is, select the file and click End Process. Perform file delete again.
4. Scan computer with Antivirus Program
– Update antivirus program
– Scan computer and delete all detected threats.
How to Easily Remove Win 7 Guardian 2010
1. Download and run Removal Tool to remove Win 7 Guardian 2010
