July 7, 2011

Win 7 Antimalware 2011.

Win 7 AntiMalware 2011 is a pure scam program. Spread by fake Microsoft’s security update for Windows 7 systems, it makes PC’s unusable till you remove this fake antivirus.
There are couple names this parasite uses, sometimes it goes as Win 7 Antimalware (without the date) as well.
After fake update installation, each program you try to launch will result of file pw.exe executed. This file is responsible for Win 7 AntiMalware 2011. It will show a rogue interface, where you are suggested to do a scan to remove infections from your PC. The scan results are fake, it detects harmless files as infected and will not detect any real viruses (if you have any besides this rogue). After a scan you are asked to pay for removing files it detected. I suggest not doing this.
Single programs you can launch “normally” are Firefox and IE browsers. However, all internet traffic are intercepted by this Win 7 Antimalware and soon you will start getting messages about blocked “dangerous” websites.

You can ignore these warnings, though you will need to remove the rogue from your PC to be able to surf normally. Secured connections might be intercepted as well, but this is less likely.
You should ignore everything Win 7 Antimalware tries to tell you. Do not pay for it, do not delete files it detects, do not listen to its alerts.
Kill malicious Processes from Task Manager: 
  • <random>.exe
  • pw.exe
 Location of the infection:
  1. %UserProfile%\Application Data\[random].exe
  2.  %UserProfile%\Application Data\pw.exe
  • HKEY_CLASSES_ROOT\pezfile\shell\open\command "(Default)" = "%UserProfile%\Local Settings\Application Data\pw.exe" /START "%1" %*
  • HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command "(Default)" = "%UserProfile%\Local Settings\Application Data\pw.exe" /START "%1" %*?
Although it is possible to manually remove Win 7 Antimalware 2011, such activity can permanently damage your system if any mistakes are made in the process, as advanced spyware parasites are able to automatically repair themselves if not completely removed. Thus, manual spyware removal is recommended for experienced users only, such as IT specialists or highly qualified system administrators. For other users, we recommend  malware and spyware removal applications.

After removing all these files, restart your computer and the issue will be fixed. And don’t forget to do update your Security Software, check the Firewall Settings and the Operating System and finally do a full system scan with the Security Software.


Post a Comment

Related Posts Plugin for WordPress, Blogger...

Search This Blog



Twitter Delicious Facebook Digg Stumbleupon Favorites More