Win 7 Smart Security 2010 Description

Win 7 Smart Security 2010 is a rogue security program that changes its name according to the Operating System running on a compromised PC. Win 7 Smart Security 2010 is spread with the help of Trojans. Win 7 Smart Security 2010 uses fake pop-up warnings, security alerts and scan reports to scare users into purchasing its full version. Win 7 Smart Security 2010 may also attempt to remove or disable security programs that are running on the system in order to avoid detection. Win 7 Smart Security 2010 is a computer threat that must be removed immediately after detection.

Type: Rogue Anti-Virus Program

How Can You Detect Win 7 Smart Security 2010?

Win 7 Smart Security 2010 has typically the following processes in memory:

• av.exe

Win 7 Smart Security 2010 creates the following registry entries:

• HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command “(Default)” = “av.exe” /START “firefox.exe”
• HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center “AntiVirusOverride” = “1″
• HKEY_CURRENT_USER\Software\Classes\secfile\shell\open\command “(Default)” = “av.exe” /START “%1″ %*
• HKEY_CLASSES_ROOT\secfile\shell\open\command “(Default)” = “av.exe” /START “%1″ %*
• HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command “(Default)” = “av.exe” /START “iexplore.exe”
• HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command “(Default)” = “av.exe” /START “%1″ %*
• HKEY_CLASSES_ROOT\.exe\shell\open\command “(Default)” = “av.exe” /START “%1″ %*
• HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command “(Default)” = “av.exe” /START “firefox.exe” -safe-mode
• HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center “FirewallOverride” = “1″

Important Article Disclaimer