Home Malware Programs Rogue Anti-Spyware Programs Win 7 Internet Security 2010

Win 7 Internet Security 2010

Posted: February 12, 2010

Win 7 Internet Security 2010 is a rogue anti-spyware program designed to steal money from hapless computer users. Win 7 Internet Security 2010 uses scare tactics with an aim to con the user into purchasing its useless product. Win 7 Internet Security 2010 enters the system after a Trojan infection creates a backdoor to grant the rogue entry. Once active, Win 7 Internet Security 2010 will produce a fake system scan and bogus results which claim that the PC is infected with malware. Soon a popup warning will appear stating the only way to remove the alleged malware is by purchasing a licensed version of Win 7 Internet Security 2010. Do not fall for this trickery and have Win 7 Internet Security 2010 removed using a reliable anti-malware program.

File System Modifications

  • The following files were created in the system:
    # File Name
    1 av.exe

Registry Modifications

  • The following newly produced Registry Values are:
    HKEY..\..\..\..{Subkeys}HKEY_CURRENT_USER\Software\AV2010HKEY_LOCAL_MACHINE\SOFTWARE\ Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FC8A493F-D236-4653-9A03-2BF4FD94F643}HKEY..\..\..\..{RegistryKeys}HKEY_CLASSES_ROOT\AppID\IEDefender.DLLHKEY_CLASSES_ROOT\AppID\{3C40236D-990B-443C-90E8-B1C07BCD4A68}HKEY_CLASSES_ROOT\CLSID\{FC8A493F-D236-4653-9A03-2BF4FD94F643}HKEY_CLASSES_ROOT\IEDefender.IEDefenderBHOHKEY_CLASSES_ROOT\IEDefender.IEDefenderBHO.1HKEY_CLASSES_ROOT\Interface\{7BC7565C-5062-43CE-8797-DC2C271140A9}HKEY_CLASSES_ROOT\TypeLib\{705FD64B-2B7B-4856-9337-44CA1DA86849}HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E972-E325-11CE-BFC1-08002bE10318}\0012HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E972-E325-11CE-BFC1-08002bE10318}\0013HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E972-E325-11CE-BFC1-08002bE10318}\0014HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\..{RunKeys}HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run Windows Gamma Display

3 Comments

  • Elise Leknes says:

    I'm really confused - I went through the registry editor looking for all the files and it turned out the only ones i found were:

    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E972-E325-11CE-BFC1-08002bE10318}\0014
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E972-E325-11CE-BFC1-08002bE10318}\0013
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E972-E325-11CE-BFC1-08002bE10318}\0012

    but now what do i do? do i delete the entire '0012' folder for example? or do i need to find specific files inside of this folder to delete? there are ALOT of files in the folder.

    Help Please..... 🙁

  • GTB says:

    I do not how to remove my win 7 security internet if you can help i am waiting for the solution right now. think you

  • cyndi Reed says:

    I thought that this was real and I have already paid for it and now I am finding out it is fake. How do i get rid of it since I can't even use the internet on my computer? Please help!!

Loading...