Win 7 Internet Security 2012 is a malicious program, part of the 2012 family of rogues. The members of this family are classified as name-changing rogues since they operate in an extremely similar manner, but their names vary in accordance with the Windows OS that the victim uses.
Win 7 Internet Security 2012 is distributed in two main ways: via Trojans, hidden in compromised websites, or via fake online scanners. The Trojans need only a click on the website in order to get installed on the targeted system. They enter machines through vulnerabilities in their systems mainly caused by outdated software. Online scanners, on the other hand, count on the user’s participation. They claim that the system has been infected and prompt the victim to download a file – this file is the Win 7 Internet Security 2012 infection.
Figure 1. Win 7 Internet Security 2012 fake scan
When inside a PC, Win 7 Internet Security 2012 first mimics a Windows security update, coming from Automatic Updates. Then, it gets installed as a single .exe file, which is extremely difficult to remove. Its name consists of three random letters.
As soon as Win 7 Internet Security 2012 is done with its installation, it immediately starts producing a variety of fake warnings, claiming that the computer is flooded with viruses:
Severe System Damage!
Spyware and viruses detected in the background. Sensitive system components under attack! Data loss, identity theft and system corruption are possible. Act now, click here for a free security scan.
Win 7 Internet Security 2012 Alert
Security Hole Detected!
A program is trying to exploit Windows security holes! Passwords and sensitive data may be stolen. Do you want to block this attack?
Win 7 Internet Security 2012 Alert
System Integrity Check
Warning! Sensitive data may be sent over your internet connection right now! Threat: Trojan-PSW.Win32.Antigen.A
Win 7 Internet Security 2012 Firewall Alert
Win 7 Internet Security 2012 has blocked a program from accessing the internet
Internet Explorer is infected with Trojan-BNK.Win32.Keylogger.gen Private data can be stolen by third parties, including credit card details and passwords.
System danger!
Your system security is in danger. Privacy threats detected. Spyware, keyloggers or Trojans may be working the background right now. Perform an in-depth scan and removal now, click here.
System Hijack!
System security threat was detected. Viruses and/or spyware may be damaging your system now. Prevent infection and data loss or stealing by running a free security scan.
Privacy threat!
Spyware intrusion detected. Your system is infected. System integrity is at risk. Private data can be stolen by third parties, including credit card details and passwords. Click here to perform a security repair.
The alerts are not only irritating, but they also slow down the overall performance of the PC. Their main purpose is to make the user believe there are indeed a number of security threats, and they advertise Win 7 Internet Security 2012 as the best security solution.
Another trick, employed by the rogue, is blocking other applications. Via malicious configurations, Win 7 Internet Security 2012 manages to prevent the launching of other programs – it appears instead of them and states they have been corrupted. What is even more, it hijacks the victim’s browser and makes them incapable of viewing certain security websites. It does so in an attempt to prevent the user from finding out that Win 7 Internet Security 2012 is a scam. The message Win 7 Internet Security 2012 shows in order to justify blocking the websites is:
Win 7 Internet Security 2012 Alert
Internet Explorer alert. Visiting this site may pose a security threat to your system!
Possible reasons include:
- Dangerous code found in this site’s pages which installed unwanted software into your system.
- Suspicious and potentially unsafe network activity detected.
- Spyware infections in your system
- Complaints from other users about this site.- Port and system scans performed by the site being visited.
Things you can do:
- Get a copy of Win 7 Internet Security 2012 to safeguard your PC while surfing the web (RECOMMENDED)
- Run a spyware, virus and malware scan
- Continue surfing without any security measures (DANGEROUS)
Furthermore, if the victim tries to launch FireFox or Internet Explorer from the Start Menu, Win 7 Internet Security 2012 is displayed instead and it claims that the program has been corrupted.
The rogue’s main trick, however, are still the fake scans. They are performed every now and again and seem legitimate enough to people who have not come across fake AVs before. At the end of each scan, a bogus list of viruses is presented. In reality, the files included in the list are legitimate Windows files, which are crucial for the system. After the scan, the malevolent program urges the victim to buy the “licensed” version of Win 7 Internet Security 2012 by advertising it as the best solution for the security problems found by the scans. It is a fact, however, that the full version of this product is just as fake as the trial one.
To put it in a nutshell, Win 7 Internet Security 2012 is not a legitimate anti-virus software no matter how hard it tries to pass by as one. It is a malicious virus that should be eliminated as soon as it manages to enter a PC!
*SpyHunter’s free scanner is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter’s malware suite to remove the malware threats.