System Security 2012 Description
System Security 2012 is one of the many fake security applications associated with the FakeScanti Trojan, also known as the WinAVPro family of rogueware. As the year 2011 comes to an end, the criminals behind these malware infections have started releasing clones of the rogue security applications in this family with '2012' appended to the program's name. Despite its name, System Security 2012 has absolutely nothing to do with legitimate anti-virus protection. This fake security program does exactly the opposite of what it advertises. Rather than protecting your computer, it makes it more vulnerable to other malware threats; instead of helping a machine become more efficient, System Security 2012 provokes crashes and makes your computer run slowly; instead of stopping malware in its tracks, System Security 2012 is a malware infection in itself. This is why ESG PC security researchers recommend removing System Security 2012 with the help of a reliable anti-malware tool. Known clones of System Security 2012 include malware such as Security Sphere 2012, Data Restore, Fake System Restore, System Security 2011, OpenCloud Antivirus, OpenCloud Security, and Internet Antivirus 2011. These programs and many more are basically the same with only slight changes to the interface and title of each new version of the FakeScanti Trojan.
Symptoms of a System Security 2012
A System Security 2012 infection can be easily recognized because of its insistent use of constant fake security alerts and pop-up notifications. While many malware infections thrive while undetected, making sure that the user never finds out about their presence on the infected computer system, this is not the case with System Security 2012 and other rogues. Rogue security applications like System Security 2012 want to scare PC users out of their wits. This is because System Security 2012 and its clones try to simulate a full-blown malware attack in order to convince the victim to purchase a useless "full version" of System Security 2012 to remove the imaginary infection. Clicking on any of the constant, alarming error messages that System Security 2012 displays will take the victim to System Security 2012's website where the victim is prompted to pay for this useless fake anti-malware application. Some common symptoms of a System Security 2012 infection include:
- General system crashes and instability.
- Blocked access to your applications and files, especially legitimate security programs which System Security 2012 blocks in order to protect itself.
- The sudden disappearance of files from your hard drive. Do not worry, System Security 2012 will rarely delete files, but simply hide them in order to convince the victim that the computer is severely infected.
Once installed, System Security 2012 will perform a fictitious system scan and report false malware infections to scare you into believing that your PC is corrupted. System Security 2012 will also show fabricated security notifications and warnings to inform you that your PC is compromised. You should ignore all security messages and alerts associated with System Security 2012, because they all are generated to scare you and trick you into buying its software. System Security 2012 is not able to secure or improve your PC. ESG's malware researchers strongly advise you not to waste your money on System Security 2012 and remove it as quickly as possible by using a trustworthy and powerful anti-spyware program.
Technical Information
Screenshots & Other Imagery
File System Details
# | File Name | Size | MD5 | Detection Count |
---|---|---|---|---|
1 | %WINDIR%\system32\YTZkIVrlOtAuSiF.exe | 1,766,912 | b7ddb0cae9cb1cb77904e5f8f771170a | 2 |
2 | %APPDATA%dwme.exe | 99,840 | 574969c01c04c4716b1568a096c22796 | 1 |
3 | %StartMenu%\Programs\Startup\crss.exe | N/A | ||
4 | %Temp%\svhostu.exe | N/A | ||
5 | %AppData%\svhostu.exe | N/A | ||
6 | %UserProfile%\Desktop\System Security 2011.lnk | N/A | ||
7 | %AppData%\[RANDOM CHARACTERS]\System Security 2011.ico | N/A | ||
8 | %AppData%\ldr.ini | N/A | ||
9 | %Temp%\8.tmp | N/A | ||
10 | PnG44aQHsWKfE9.exe | 1,698,816 | 1af115f6c15d532c5837229d7eee191c | 0 |
Registry Details
More Details on System Security 2012
Security Warning Malicious programs that may steal your private information and prevent your system from working properly are detected on your computer. Click here to clean your PC immediately. |
Security Warning There are critical system files on your computer that were modified by malicious software. It may cause permanent data loss. Click here to remove malicious software. |
Security Warning Your computer continues to be infected with harmful viruses. In order to prevent permanent loss of your information and credit card data theft please activate your antivirus software. Click here to enable protection. |
svchost.exe svchost.exe was replaced with unauthorized program. It has encountered a problem and needs to close. If you were in the middle of something, the information you were working on might be lost. Please tell Microsoft about this problem. We have created an error report that you can send to us. We will treat this report as confidential and anonymous. |
Warning infection found Unwanted software (malware) or tracking cookies have been found during last scan. It is highly recommended to remove it from your computer. Keylogger Zeus Keylogger Zeus is a very dangerous software used by criminals to steal personal data such as credit card information, access to banking accounts, passwords to social networks and e-mails. |
Warning! Infection found Unauthorized sending E-MAIL with subject "RE:" to [FAKE EMAIL HERE] was CANCELLED. |
Warning: Infection is Detected Windows has found spyware infection on your computer! Click here to update your Windows antivirus software |
Windows Security Alert To help protect your computer, Windows Firewall has blocked some features of this program. Do you want to keep blocking this program? Name: Zeus Trojan Publisher: Unauthorized Warning! The file "taskmgr.exe" is infected. Running of application is impossible. Please activate your antivirus software |
Windows Security Center Serious security vulnerabilities were detected on this computer. Your privacy and personal data may be unsafe. Do you want to protect your PC? |
Site Disclaimer
This article is provided "as is" and to be used for educational information purposes only. By following any instructions on this article, you agree to be bound by the disclaimer. We make no guarantees that this article will help you completely remove the malware threats on your computer. Spyware changes regularly; therefore, it is difficult to fully clean an infected machine through manual means.