Win 7 Internet Security 2012

Win 7 Internet Security 2012 Description

Type: Trojan

ScreenshotWin 7 Internet Security 2012 is a fraudulent security tool that will be installed on the corrupted computer system by simulating as an update for Windows security. When installed successfully, Win 7 Internet Security 2012 will configure itself to run automatically by adding its own entry on Windows registry. Win 7 Internet Security 2012 may gain control of the affected computer and command its operation to reroute a web browser to malicious websites. Win 7 Internet Security 2012 will block your Internet browser too. Each attempt to open a web browser will be accompanied by an alerting report about Trojan-BNK.Win32.Keylogger.gen infection supposedly keeping you from going online and using the Internet services via your web browser. That's tricky as well because there is no such thing as that computer trojan on your computer system. This web browser blocking is a part of the same routine as the already mentioned scanning and ad creating activity.

Win 7 Internet Security 2012 lures PC users and gives an impression of something you can rely on. Win 7 Internet Security 2012 scans your computer system but at the same time does not really check it for potential security threats. It means these reports following each scanner are full of malware infections listed in a long list. Even if you have a brand-new computer system, Win 7 Internet Security 2012 still warns you of numerous viruses in there. Win 7 Internet Security 2012 will be performing its bogus scanning activity with pop-up ads that do not actually reflect the real condition of your PC either. You should not ever trust Win 7 Internet Security 2012 and nor should you agree to its terms when it gets to type of helping you repair the PC and clean it of the imaginary malware threats. So the recommendations from Win 7 Internet Security 2012 to purchase its so-called licensed version should to be rejected. You need to uninstall Win 7 Internet Security 2012 without delay.

Technical Information

Screenshots & Other Imagery

Win 7 Internet Security 2012 Video

Tip: Turn your sound ON and watch the video in Full Screen mode.

File System Details

Win 7 Internet Security 2012 creates the following file(s):
# File Name Detection Count
1 %AppData%\Local\[RANDOM CHARACTERS].exe N/A
2 %AppData%\Local\[RANDOM CHARACTERS] N/A
3 %AllUsersProfile%\[RANDOM CHARACTERS] N/A
4 %Temp%\[RANDOM CHARACTERS] N/A
5 %AppData%\Roaming\Microsoft\Windows\Templates\[RANDOM CHARACTERS] N/A

Registry Details

Win 7 Internet Security 2012 creates the following registry entry or registry entries:
Registry key
HKEY_CURRENT_USER\Software\Classes\.exe\DefaultIcon “(Default)” = ‘%1? = ‘”%UserProfile%\Local Settings\Application Data\[RANDOM CHARACTERS].exe” /START “%1? %*’
HKEY_CURRENT_USER\Software\Classes\.exe\shell\runas\command “IsolatedCommand” = ‘”%1? %*’
HKEY_CURRENT_USER\Software\Classes\exefile\DefaultIcon “(Default)” = ‘%1?
HKEY_CURRENT_USER\Software\Classes\exefile\shell\runas\command “(Default)” = ‘”%1? %*’
HKEY_CLASSES_ROOT\exefile\shell\open\command “(Default)” = ‘”%UserProfile%\Local Settings\Application Data\[random].exe” /START “%1? %*’
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command “(Default)” = ‘”%UserProfile%\Local Settings\Application Data\[RANDOM CHARACTERS].exe” /START “%Program Files%\Internet Explorer\iexplore.exe”‘
HKEY_CURRENT_USER\Software\Classes\.exe “Content Type” = ‘application/x-msdownload’
HKEY_CURRENT_USER\Software\Classes\.exe\shell\runas\command “(Default)” = ‘”%1? %*’
HKEY_CURRENT_USER\Software\Classes\exefile “Content Type” = ‘application/x-msdownload’
HKEY_CURRENT_USER\Software\Classes\exefile\shell\open\command “IsolatedCommand” = ‘”%1? %*’
HKEY_CLASSES_ROOT\.exe\shell\open\command “(Default)” = ‘”%UserProfile%\Local Settings\Application Data\[RANDOM CHARACTERS].exe” /START “%1? %*’
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command “(Default)” = ‘”%UserProfile%\Local Settings\Application Data\[RANDOM CHARACTERS].exe” /START “%Program Files%\Mozilla Firefox\firefox.exe” -safe-mode’
HKEY_CURRENT_USER\Software\Classes\.exe “(Default)” = ‘exefile’
HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command “IsolatedCommand” = ‘”%1? %*’
HKEY_CURRENT_USER\Software\Classes\exefile “(Default)” = ‘Application’
HKEY_CURRENT_USER\Software\Classes\exefile\shell\open\command “(Default)” = ‘”%UserProfile%\Local Settings\Application Data\[RANDOM CHARACTERS].exe” /START “%1? %*’
HKEY_CURRENT_USER\Software\Classes\exefile\shell\runas\command “IsolatedCommand” – ‘”%1? %*’
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command “(Default)” = ‘”%UserProfile%\Local Settings\Application Data\[RANDOM CHARACTERS].exe” /START “%Program Files%\Mozilla Firefox\firefox.exe”‘

Site Disclaimer

Enigmasoftware.com is not associated, affiliated, sponsored or owned by the malware creators or distributors mentioned on this article. This article should NOT be mistaken or confused in being associated in any way with the promotion or endorsement of malware. Our intent is to provide information that will educate computer users on how to detect, and ultimately remove, malware from their computer with the help of SpyHunter and/or manual removal instructions provided on this article.

This article is provided "as is" and to be used for educational information purposes only. By following any instructions on this article, you agree to be bound by the disclaimer. We make no guarantees that this article will help you completely remove the malware threats on your computer. Spyware changes regularly; therefore, it is difficult to fully clean an infected machine through manual means.