The blue screen virus is generated by the rogue anti-virus program, Antivirus 2010. This rogue anti-virus program installs itself onto your computer and proceeds to flood your computer with pop-ups and fake system security scans. In addition, the rogue anti-virus program displays a blue screen with the message, "A spyware application has been detected and Windows has been shut down to prevent damage to your computer." Note that these blue screen virus removal steps apply to the Windows Vista and 7 operating systems.
End Processes
Step 1
Press "Ctrl" + "Shift" + "Escape" to open the Windows Task Manager.
Video of the Day
Step 2
Click the "Processes" tab and then click "Show Processes From All Users."
Step 3
Click "Image Name" to view the list of processes in alphabetical order.
Step 4
End the following processes. To end a process, click on the process and then click "End Process."
AV2010.exe svchost.exe wingamma.exe
Step 5
Close the Windows Task Manager.
Delete Registry Entries
Step 1
Click "Start" and type "regedit" into the "Search Programs and Files" box and press "Enter." The Registry Editor opens.
Step 2
Delete each of the following registry entries from the left pane of the Registry Editor. To delete a registry entry, right-click on it and select "Delete." Note that deleting the wrong registry may cause serious system-wide complications.
HKEY_CURRENT_USER\Software\AV2010
HKEY_CLASSES_ROOT\AppID{3C40236D-990B-443C-90E8-B1C07BCD4A68}
HKEY_CLASSES_ROOT\AppID\IEDefender.DLL
HKEY_CLASSES_ROOT\CLSID{FC8A493F-D236-4653-9A03-2BF4FD94F643}
HKEY_CLASSES_ROOT\IEDefender.IEDefenderBHO
HKEY_CLASSES_ROOT\IEDefender.IEDefenderBHO.1
HKEY_CLASSES_ROOT\Interface{7BC7565C-5062-43CE-8797-DC2C271140A9}
HKEY_CLASSES_ROOT\TypeLib{705FD64B-2B7B-4856-9337-44CA1DA86849}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{FC8A493F-D236-4653-9A03-2BF4FD94F643}
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class{4D36E972-E325-11CE-BFC1-08002bE10318}\0012
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class{4D36E972-E325-11CE-BFC1-08002bE10318}\0013
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class{4D36E972-E325-11CE-BFC1-08002bE10318}\0014
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "Windows Gamma Display"
Step 3
Close the Registry Editor.
Unregister DLLs
Step 1
Click "Start" and type "cmd" into the "Search Programs and Files" box and press "Enter." The Command Prompt opens.
Step 2
Type "regsvr32 /u IEDefender.dll" (without the quotation marks) into the Command Prompt and press "Enter." Click "Yes" if asked to confirm.
Step 3
Close the Command Prompt.
Delete Files and Folders
Step 1
Click "Start" and then click on the "Search Programs and Files" box.
Step 2
Search for and delete each of the following files and folders. To delete a file or folder, right-click on it and select "Delete."
c:\Documents and Settings\All Users\Desktop\AV2010.lnk c:\Documents and Settings\All Users\Start Menu\Programs\AV2010 c:\Documents and Settings\All Users\Start Menu\Programs\AV2010\Uninstall.lnk c:\Documents and Settings\All Users\Start Menu\Programs\AV2010\AV2010.lnk c:\Program Files\AV2010
Step 3
Restart your computer.