Welcome to remove-malware.net

How to remove Win7 AV rogue anti-spyware

Malware Description:
Win7 AV (aka Win 7 AV) is really good at reporting false security claims and detecting non-existent malware on one’s computer. On other words, this program is a counterfeit anti-spyware application. It may first appear to be a regular antivirus tool that has a nice-looking GUI and offers plenty of allegedly useful options. However, it’s not all as good as it seems. During our security analysis, Win7 AV turned out to be a fake virus defense program that promises a lot but does hardly anything. Win7 AV usually uses blackhat social engineering to make its way into new host computers. This installation normally takes place in a hidden mode, i.e. without any prior notification of the user. Having got inside a PC, Win7 AV begins fulfilling its wicked plan by changing your system settings and altering some critical Registry information. When this part of the rogue’s routine is completed, it will come to control most of the processes on your workstation. But probably the worst thing is Win7 AV starts the extremely annoying malvertising campaign on your machine. Every time you turn on your computer, the scam program will run a supposed malware scanner that eventually returns a report full of detected parasites. Also, Win7 AV won’t fail to issue tons of popup alerts that keep on telling you about insecure software (trojans, viruses, keyloggers, dialers etc.) that it has found on your PC. This is not true information so make sure you don’t fall for this trick. Just remember that Win7 AV is not able to find malware for one basic reason – it is malware itself. In case Win7 AV takes over your computer, you need to be fast and get rid of it for good. Also note that this rogue anti-spyware may try to prevent you from uninstalling its malcode. In that case, please enter Safe Mode with Networking (just hit F8 key multiple times when your PC is starting up) before you proceed with Win7 AV removal according to our guide provided further.

Malware Type: Rogue Anti-Spyware

Malware Author: Unknown

Threat Level: Critical

Advice: Immediately remove and scan for additional malware

Win7 AV Free Scanner and Remover: Download Now

Win7 AV Screenshot:

How to remove Win7 AV manually:
Manual removal of Win7 AV is a feasible objective if you have sufficient expertise in dealing with program files, processes, .dll files and registry entries.

The files to be deleted are listed below:

• %ProgramFiles%\Win7 AV\
• %ProgramFiles%\Win7 AV\AxInterop.SHDocVw.dl
• %ProgramFiles%\Win7 AV\base001.dat
• %ProgramFiles%\Win7 AV\base002.dat
• %ProgramFiles%\Win7 AV\base003.dat
• %ProgramFiles%\Win7 AV\Interop.SHDocVw.dll
• %ProgramFiles%\Win7 AV\sbhostcl.dll
• %ProgramFiles%\Win7 AV\svhostesl.dll
• %ProgramFiles%\Win7 AV\svhostqt.dll
• %ProgramFiles%\Win7 AV\VmDetectLibrary.dll
• %ProgramFiles%\Win7 AV\Win7 AV.exe
• %ProgramFiles%\Win7 AV\Win7Browser.exe
• %ProgramFiles%\Win7 AV\Win7Common.dll
• %Documents and Settings%\[User Name]\Desktop\Win7 AV.lnk
• %Windows%\System32\windefWebModule.dll
• %Windows%\System32\windiskdefend.exe
• %Windows%\System32\windiskdefend.InstallState

The registry entries that need to be removed are as follows:

• HKLM\SOFTWARE\Classes\CLSID\{C9C42510-9B41-42c1-9DCD-7282A2D07C61}
• HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{C9C42510-9B41-42c1-9DCD-7282A2D07C61}
• HKLM\SOFTWARE\Win7 AV
• HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\windiskdefend
• HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Windows Disk Defender
• HKLM\SYSTEM\CurrentControlSet\Services\windiskdefend
• HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform\w7avf
• HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Win7 AV

Please, be aware that manual removal of Win7 AV is a cumbersome process and does not always ensure complete deletion of the malware, due to the fact that some files might be hidden or may get reanimated automatically afterwards. Moreover, manual interference of this kind may cause damage to the system. That’s why we strongly recommend automatic removal Win7 AV, which will save your time and enable avoiding any system malfunctions and guarantee the needed result.

Related Articles:

How to remove 007 Anti-Spyware rogue anti-spyware
How to remove MacroVirus rogue anti-spyware
How to remove Malware Doctor rogue anti-spyware