Win 7 Guard
Win 7 Guard is a rogue anti-spyware program designed to pilfer money from unwary computer users. Win 7 Guard uses Trojans to block legitimate software programs. This rogue program also produces popup warnings claiming that the system is infected and has lots of errors. The corrupt program will then urge unwary computer users to purchase a copy of Win 7 Guard to repair the system. Win 7 Guard poses a severe threat to PC security and should be removed before it starts wreaking havoc in the system.
File System Modifications
- The following files were created in the system:
# File Name 1 %UserProfile%Local SettingsApplication DataopRSK %UserProfile%Local SettingsApplication Datapw.exe %UserProfile%Local SettingsApplication DataMSASCui.exe %UserProfile%AppDataLocalopRSK %UserProfile%AppDataLocalpw.exe %UserProfile%AppDataLocalMSASCui.exe
Registry Modifications
- The following newly produced Registry Values are:
HKEY..\..\..\..{RegistryKeys}HKEY_CLASSES_ROOT.exeshellopencommand "(Default)" = "%UserProfile%Local SettingsApplication Datapw.exe" /START "%1" %*HKEY_CLASSES_ROOTpezfileHKEY_CLASSES_ROOTpezfileshellopencommand "(Default)" = "%UserProfile%Local SettingsApplication Datapw.exe" /START "%1" %*HKEY_CURRENT_USERSoftwareClasses.exeshellopencommand "(Default)" = "%UserProfile%Local SettingsApplication Datapw.exe" /START "%1" %*HKEY_CURRENT_USERSoftwareClassespezfileHKEY_CURRENT_USERSoftwareClassespezfileshellopencommand "(Default)" = "%UserProfile%Local SettingsApplication Datapw.exe" /START "%1" %*HKEY_LOCAL_MACHINESOFTWAREClientsStartMenuInternetFIREFOX.EXEshellopencommand "(Default)" = "%UserProfile%Local SettingsApplication Datapw.exe" /START "C:Program FilesMozilla Firefoxfirefox.exe"HKEY_LOCAL_MACHINESOFTWAREClientsStartMenuInternetFIREFOX.EXEshellsafemodecommand "(Default)" = "%UserProfile%Local SettingsApplication Datapw.exe" /START "C:Program FilesMozilla Firefoxfirefox.exe" -safe-modeHKEY_LOCAL_MACHINESOFTWAREClientsStartMenuInternetIEXPLORE.EXEshellopencommand "(Default)" = "%UserProfile%Local SettingsApplication Datapw.exe" /START "C:Program FilesInternet Exploreriexplore.exe"HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity Center "AntiVirusOverride" = "1"HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity Center "FirewallOverride" = "1"
Additional Information on Win 7 Guard
- The following messages's were detected:
# Message 1 Stealth intrusion!
Infection detected in the background. Your computer is now attacked by spyware and rogue software. Eliminate the infection safely, perform a security scan and deletion now.System Hijack!
System security threat was detected. Viruses and/or spyware may be damaging your system now. Prevent infection and data loss or stealing by running a free security scan.
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.