Win 7 Internet Security 2011

Win 7 Internet Security 2011 Description

Type: Adware

Despite its authentic sounding name, Win 7 Internet Security 2011 is not a legitimate security program. Win 7 Internet Security 2011 is not designed for Windows 7, will not protect you when browsing the Internet, provides no security of any kind and the supposed 2011 version is exactly the same as Win 7 Internet Security 2010 and Win 7 Internet Security 2009 with only a few small tweaks made to this malicious program's interface. Fake security programs like Win 7 Internet Security 2011 are known as rogues, or rogue security applications. They belong to a well-known online scam that is created to prey on naive PC users by selling them useless security products. ESG security researchers consider that Win 7 Internet Security 2011 is a malware infection that presents a threat to your computer's security. A real, fully-updated security application should be used to remove Win 7 Internet Security 2011 completely from an infected computer. Failure to act in the event of a Win 7 Internet Security 2011 infection will typically result in further malware infections and the victim's computer becoming practically unusable, requiring reformatting (deleting all of the user's data in the process) and reinstalling the operating system on the affected hard drive.

The Win 7 Internet Security 2011 scam is practically identical to most versions of this fraudulent security application. Basically, Win 7 Internet Security 2011 will deliberately cause a number of problems on the victim's computer. For example, the victim's computer will run slowly, crash frequently, and display constant error messages and fake security alerts. These actions are meant to convince the victim that the computer is severely infected with malware (while in reality the main malware infection will usually be Win 7 Internet Security 2011 itself). The criminals behind Win 7 Internet Security 2011 will then attempt to have the victim purchase a useless 'full version' of Win 7 Internet Security 2011 in order to fix the very problems that Win 7 Internet Security 2011 caused on the victim's computer. ESG security researchers strongly advise against purchasing Win 7 Internet Security 2011. Instead, Win 7 Internet Security 2011 should be removed at once. If you have already paid for Win 7 Internet Security 2011, you may still be able to call your credit card company in order to cancel the charges on your credit card.

Technical Information

File System Details

Win 7 Internet Security 2011 creates the following file(s):
# File Name Detection Count
1 %Documents and Settings%\[User Name]\Local Settings\Application Data\MSASCui.exe N/A
2 %Documents and Settings%\[User Name]\Local Settings\Application Data\pw.exe N/A
3 %Documents and Settings%\[User Name]\Local Settings\Application Data\opRSK N/A

Registry Details

Win 7 Internet Security 2011 creates the following registry entry or registry entries:
Registry key
HKEY_CURRENT_USER\Software\Classes\pezfile\shell\open\command "(Default)" = "%Documents and Settings%\[User Name]\Local Settings\Application Data\pw.exe" /START "%1" %*
HKEY_CLASSES_ROOT\.exe\shell\open\command "(Default)" = "%Documents and Settings%\[User Name]\Local Settings\Application Data\pw.exe" /START "%1" %*
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command "(Default)" = "%Documents and Settings%\[User Name]\Local Settings\Application Data\pw.exe" /START "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode
HKEY_CURRENT_USER\Software\Classes\pezfile
HKEY_CLASSES_ROOT\pezfile\shell\open\command "(Default)" = "%Documents and Settings%\[User Name]\Local Settings\Application Data\pw.exe" /START "%1" %*
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command "(Default)" = "%Documents and Settings%\[User Name]\Local Settings\Application Data\pw.exe" /START "C:\Program Files\Mozilla Firefox\firefox.exe"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center "AntiVirusOverride" = "1"
HKEY_CLASSES_ROOT\pezfile
HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command "(Default)" = "%Documents and Settings%\[User Name]\Local Settings\Application Data\pw.exe" /START "%1" %*
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command "(Default)" = "%Documents and Settings%\[User Name]\Local Settings\Application Data\pw.exe" /START "C:\Program Files\Internet Explorer\iexplore.exe"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center "FirewallOverride" = "1"

Site Disclaimer

Enigmasoftware.com is not associated, affiliated, sponsored or owned by the malware creators or distributors mentioned on this article. This article should NOT be mistaken or confused in being associated in any way with the promotion or endorsement of malware. Our intent is to provide information that will educate computer users on how to detect, and ultimately remove, malware from their computer with the help of SpyHunter and/or manual removal instructions provided on this article.

This article is provided "as is" and to be used for educational information purposes only. By following any instructions on this article, you agree to be bound by the disclaimer. We make no guarantees that this article will help you completely remove the malware threats on your computer. Spyware changes regularly; therefore, it is difficult to fully clean an infected machine through manual means.