Win 7 Total Security 2012

Win 7 Total Security 2012 Description

Win 7 Total Security 2012 is a fake security app that mimics the look of the Windows 7 operating system and known security tools available from trusted sources. Do not be tricked by Win 7 Total Security 2012. It is unable to detect and remove legitimate malware parasites despite its claims. All messages and system scan results rendered by Win 7 Total Security 2012 are fabricated. Purchasing Win 7 Total Security 2012 will not add functionality to the program but instead take your money in return for absolutely nothing.

Technical Information

File System Details

Win 7 Total Security 2012 creates the following file(s):
# File Name Detection Count
1 %UserProfile%\AppData\Local\MSASCui.exe N/A
2 %UserProfile%\Local Settings\Application Data\pw.exe N/A
3 %UserProfile%\AppData\Local\vz.exe N/A
4 %UserProfile%\AppData\Local\pw.exe N/A
5 %AppData%\Local\[3 characters].exe N/A
6 %UserProfile%\Local Settings\Application Data\MSASCui.exe N/A
7 %UserProfile%\Local Settings\Application Data\vz.exe N/A
8 %AppData%\Roaming\Microsoft\Windows\Templates\hjq6yh9lpq1nbz7yhj1ms9taq N/A
9 %UserProfile%\Local Settings\Application Data\opRSK N/A
10 %AppData%\Local\hjq6yh9lpq1nbz7yhj1ms9taq N/A
11 %UserProfile%\AppData\Local\opRSK N/A
12 %AllUsersProfile%\hjq6yh9lpq1nbz7yhj1ms9taq N/A
13 %Temp%\hjq6yh9lpq1nbz7yhj1ms9taq N/A

Registry Details

Win 7 Total Security 2012 creates the following registry entry or registry entries:
RegistryKey
HKEY_CURRENT_USER\Software\Classes\exefile\shell\open\command "(Default)' = ''%UserProfile%\Local Settings\Application Data\[3 characters].exe' /START "%1? %*'
HKEY_CURRENT_USER\Software\Classes\exefile\shell\runas\command "IsolatedCommand' – ''%1? %*'
HKEY_CURRENT_USER\Software\Classes\.exe\DefaultIcon "(Default)' = '%1? = ''%UserProfile%\Local Settings\Application Data\[3 characters].exe' /START "%1? %*'
HKEY_CURRENT_USER\Software\Classes\.exe\shell\runas\command "IsolatedCommand' = ''%1? %*'
HKEY_CLASSES_ROOT\.exe\shell\open\command "(Default)' = ''%UserProfile%\Local Settings\Application Data\[3 characters].exe' /START "%1? %*'
HKEY_CLASSES_ROOT\.exe\shell\runas\command "IsolatedCommand' = ''%1? %*'
HKEY_CLASSES_ROOT\exefile\shell\runas\command "IsolatedCommand' = ''%1? %*'
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command "(Default)' = ''%UserProfile%\Local Settings\Application Data\[3 characters].exe' /START "C:\Program Files\Mozilla Firefox\firefox.exe' -safe-mode'
HKCR\pezfile\shell\open\command "(Default)" = "%UserProfile%\Local Settings\Application Data\pw.exe" /START "%1" %*
HKCU\Software\Classes\pezfile
HKCU\Software\Classes\pezfile\shell\open\command "(Default)" = "%UserProfile%\Local Settings\Application Data\vz.exe" /START "%1" %*
HKEY_CURRENT_USER\Software\Classes\exefile\DefaultIcon "(Default)' = '%1?
HKEY_CURRENT_USER\Software\Classes\exefile\shell\runas\command "(Default)' = ''%1? %*'
HKEY_CURRENT_USER\Software\Classes\.exe "Content Type' = 'application/x-msdownload'
HKEY_CURRENT_USER\Software\Classes\.exe\shell\runas\command "(Default)' = ''%1? %*'
HKEY_CLASSES_ROOT\.exe\DefaultIcon "(Default)' = '%1?
HKEY_CLASSES_ROOT\.exe\shell\runas\command "(Default)' = ''%1? %*'
HKEY_CLASSES_ROOT\exefile\shell\open\command "IsolatedCommand' = ''%1? %*'
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command "(Default)' = ''%UserProfile%\Local Settings\Application Data\[3 characters].exe' /START "C:\Program Files\Mozilla Firefox\firefox.exe''
HKCR\.exe\shell\open\command "(Default)" = "%UserProfile%\Local Settings\Application Data\pw.exe" /START "%1" %*
HKCR\pezfile\shell\open\command "(Default)" = "%UserProfile%\Local Settings\Application Data\vz.exe" /START "%1" %*
HKCU\Software\Classes\pezfile\shell\open\command "(Default)" = "%UserProfile%\Local Settings\Application Data\pw.exe" /START "%1" %*
HKLM\SOFTWARE\Microsoft\Security Center "FirewallOverride" = "1"
HKEY_CURRENT_USER\Software\Classes\exefile "Content Type' = 'application/x-msdownload'
HKEY_CURRENT_USER\Software\Classes\exefile\shell\open\command "IsolatedCommand' = ''%1? %*'
HKEY_CURRENT_USER\Software\Classes\.exe "(Default)' = 'exefile'
HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command "IsolatedCommand' = ''%1? %*'
HKEY_CURRENT_USER\Software\Classes\exefile "(Default)' = 'Application'
HKEY_CLASSES_ROOT\.exe\shell\open\command "IsolatedCommand' = ''%1? %*'
HKEY_CLASSES_ROOT\exefile "Content Type' = 'application/x-msdownload'
HKEY_CLASSES_ROOT\exefile\shell\open\command "(Default)' = ''%UserProfile%\Local Settings\Application Data\[3 characters].exe' /START "%1? %*'
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command "(Default)' = ''%UserProfile%\Local Settings\Application Data\[3 characters].exe' /START "C:\Program Files\Internet Explorer\iexplore.exe''
HKCR\.exe\shell\open\command "(Default)" = "%UserProfile%\Local Settings\Application Data\vz.exe" /START "%1" %*
HKCR\pezfile
HKLM\SOFTWARE\Microsoft\Security Center "AntiVirusOverride" = "1"