Win 7 Security 2012 is a rogue anti-spyware program that reports false system security threats to make you think that your computer is infected with malware when the only actual infection is Win 7 Security 2012 itself. It also displays fake security alerts and pop-ups stating that your computer is under attack from a remote computer or that your sensitive information can be stolen. Finally, it will ask you to purchase the program to remove the infections which don't even exist on your computer. As you can see, Win 7 Security 2012 is a total scam. Please don't purchase it and uninstall this bogus program from your computer upon detection.
Win 7 Security 2012 is a typical rogue program promoted through the use of Trojans and other malicious software. Trojan horses usually come from fake online anti-malware scanner or other misleading web sites. Once running, Win 7 Security 2012 will scan your computer for malware and display a list of infections that supposedly can't be removed with a trial version of the program, so you have to buy it. However, you already know that this is nothing more but a scam and you must ignore those alerts:
Spyware intrusion detected. Your system is infected. System integrity is at risk. Private data can be stolen by third parties, including credit card details and passwords. Click here to perform a security repair.
Infection detected in the background. Your computer is now attacked by spyware and rogue software. Eliminate the infection safely, perform a security scan and deletion now.
Win 7 Security 2012 Alert
Security Hole Detected!
A program is trying to exploit Windows security holes! Passwords and sensitive data may be stolen. Do you want to block this attack?
Win 7 Security 2012 won't make your computer more secure nor will it remove malware from your computer. What is more, it will block legitimate programs and hijack Internet Explorer to protect itself from being removed. As you can see, this fake program is not only very annoying but also dangerous. It may install additional malware on your computer. If you find that your PC is infected with Win 7 Security 2012 please use the removal instructions below to remove this infection from the system either manually or with an automatic removal tool. If you have already purchased this program then you should contact your credit card company and dispute the charges. In addition, use one of these this registration codes: 2233-298080-3424, 2233-298080-3424, 3425-814615-3990 or 9443-077673-5028 to disable the virus. Additionally, use this removal guide:
Win 7 Security 2012 manual removal:
Delete registry values:
HKEY_USERS.DEFAULTSoftwareMicrosoftInternet ExplorerBrowserEmulation "TLDUpdates" = '1'
HKEY_CURRENT_USERSoftwareClasses.exeshellopencommand "(Default)" = '"%LocalAppData%kdn.exe" -a "%1" %*'
HKEY_CURRENT_USERSoftwareClassesexefileshellopencommand "(Default)" = '"%LocalAppData%kdn.exe" -a "%1" %*'
HKEY_CLASSES_ROOT.exeshellopencommand "(Default)" = '"%LocalAppData%kdn.exe" -a "%1" %*'
HKEY_LOCAL_MACHINESOFTWAREClientsStartMenuInternetFIREFOX.EXEshellopencommand "(Default)" = '"%LocalAppData%kdn.exe" -a "C:Program FilesMozilla Firefoxfirefox.exe"'
HKEY_LOCAL_MACHINESOFTWAREClientsStartMenuInternetFIREFOX.EXEshellsafemodecommand "(Default)" = '"%LocalAppData%kdn.exe" -a "C:Program FilesMozilla Firefoxfirefox.exe" -safe-mode'
HKEY_LOCAL_MACHINESOFTWAREClientsStartMenuInternetIEXPLORE.EXEshellopencommand "(Default)" = '"%LocalAppData%kdn.exe" -a "C:Program FilesInternet Exploreriexplore.exe"'
HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity Center "AntiVirusOverride" = '1'
HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity Center "FirewallOverride" = '1'