System Security 2012
Threat Scorecard
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
Ranking: The ranking of a particular threat in EnigmaSoft’s Threat Database.
Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
| Threat Level: | 100 % (High) |
| Infected Computers: | 10 |
| First Seen: | November 4, 2011 |
| Last Seen: | January 8, 2020 |
| OS(es) Affected: | Windows |
System Security 2012 Image
System Security 2012 is one of the many fake security applications associated with the FakeScanti Trojan, also known as the WinAVPro family of rogueware. As the year 2011 comes to an end, the criminals behind these malware infections have started releasing clones of the rogue security applications in this family with '2012' appended to the program's name. Despite its name, System Security 2012 has absolutely nothing to do with legitimate anti-virus protection. This fake security program does exactly the opposite of what it advertises. Rather than protecting your computer, it makes it more vulnerable to other malware threats; instead of helping a machine become more efficient, System Security 2012 provokes crashes and makes your computer run slowly; instead of stopping malware in its tracks, System Security 2012 is a malware infection in itself. This is why ESG PC security researchers recommend removing System Security 2012 with the help of a reliable anti-malware tool. Known clones of System Security 2012 include malware such as Security Sphere 2012, Data Restore, Fake System Restore, System Security 2011, OpenCloud Antivirus, OpenCloud Security, and Internet Antivirus 2011. These programs and many more are basically the same with only slight changes to the interface and title of each new version of the FakeScanti Trojan.
Table of Contents
Symptoms of a System Security 2012
A System Security 2012 infection can be easily recognized because of its insistent use of constant fake security alerts and pop-up notifications. While many malware infections thrive while undetected, making sure that the user never finds out about their presence on the infected computer system, this is not the case with System Security 2012 and other rogues. Rogue security applications like System Security 2012 want to scare PC users out of their wits. This is because System Security 2012 and its clones try to simulate a full-blown malware attack in order to convince the victim to purchase a useless "full version" of System Security 2012 to remove the imaginary infection. Clicking on any of the constant, alarming error messages that System Security 2012 displays will take the victim to System Security 2012's website where the victim is prompted to pay for this useless fake anti-malware application. Some common symptoms of a System Security 2012 infection include:
- General system crashes and instability.
- Blocked access to your applications and files, especially legitimate security programs which System Security 2012 blocks in order to protect itself.
- The sudden disappearance of files from your hard drive. Do not worry, System Security 2012 will rarely delete files, but simply hide them in order to convince the victim that the computer is severely infected.
Once installed, System Security 2012 will perform a fictitious system scan and report false malware infections to scare you into believing that your PC is corrupted. System Security 2012 will also show fabricated security notifications and warnings to inform you that your PC is compromised. You should ignore all security messages and alerts associated with System Security 2012, because they all are generated to scare you and trick you into buying its software. System Security 2012 is not able to secure or improve your PC. ESG's malware researchers strongly advise you not to waste your money on System Security 2012 and remove it as quickly as possible by using a trustworthy and powerful anti-spyware program.
Aliases
2 security vendors flagged this file as malicious.
| Anti-Virus Software | Detection |
|---|---|
| Panda | Suspicious file |
| Sophos | Mal/FakeAV-IS |
SpyHunter Detects & Remove System Security 2012
File System Details
| # | File Name | MD5 |
Detections
Detections: The number of confirmed and suspected cases of a particular threat detected on
infected computers as reported by SpyHunter.
|
|---|---|---|---|
| 1. | dwme.exe | c1fa9c73a68858a1a439fdd8086e530a | 5 |
| 2. | YTZkIVrlOtAuSiF.exe | b7ddb0cae9cb1cb77904e5f8f771170a | 2 |
| 3. | dwme.exe | 574969c01c04c4716b1568a096c22796 | 1 |
| 4. | %StartMenu%\Programs\Startup\crss.exe | ||
| 5. | %Temp%\svhostu.exe | ||
| 6. | %AppData%\svhostu.exe | ||
| 7. | %UserProfile%\Desktop\System Security 2011.lnk | ||
| 8. | %AppData%\[RANDOM CHARACTERS]\System Security 2011.ico | ||
| 9. | %AppData%\ldr.ini | ||
| 10. | %Temp%\8.tmp | ||
| 11. | PnG44aQHsWKfE9.exe | 1af115f6c15d532c5837229d7eee191c | 0 |
Registry Details
Messages
The following messages associated with System Security 2012 were found:
|
Security Warning
Malicious programs that may steal your private information and prevent your system from working properly are detected on your computer. Click here to clean your PC immediately. |
|
Security Warning
There are critical system files on your computer that were modified by malicious software. It may cause permanent data loss. Click here to remove malicious software. |
|
Security Warning
Your computer continues to be infected with harmful viruses. In order to prevent permanent loss of your information and credit card data theft please activate your antivirus software. Click here to enable protection. |
|
Warning infection found
Unwanted software (malware) or tracking cookies have been found during last scan. It is highly recommended to remove it from your computer. Keylogger Zeus Keylogger Zeus is a very dangerous software used by criminals to steal personal data such as credit card information, access to banking accounts, passwords to social networks and e-mails. |
|
Warning! Infection found
Unauthorized sending E-MAIL with subject "RE:" to [FAKE EMAIL HERE] was CANCELLED. |
|
Warning: Infection is Detected
Windows has found spyware infection on your computer! Click here to update your Windows antivirus software |
|
Windows Security Alert
To help protect your computer, Windows Firewall has blocked some features of this program. Do you want to keep blocking this program? Name: Zeus Trojan Publisher: Unauthorized Warning! The file "taskmgr.exe" is infected. Running of application is impossible. Please activate your antivirus software |
|
Windows Security Center
Serious security vulnerabilities were detected on this computer. Your privacy and personal data may be unsafe. Do you want to protect your PC? |
|
svchost.exe
svchost.exe was replaced with unauthorized program. It has encountered a problem and needs to close. If you were in the middle of something, the information you were working on might be lost. Please tell Microsoft about this problem. We have created an error report that you can send to us. We will treat this report as confidential and anonymous. |
Submit Comment
Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.