XP Security 2012 is a part of the 2012 group of name-changing rogues. This program pretends to be a legitimate anti-virus application, but is in fact a scam, created by hackers with the hope of gaining profit from unsuspecting users. The name of each rogue depends on the Windows OS used by every particular victim. Therefor XP Security 2012 appears in Windows XP users’ computers.
Cyber criminals use two main distribution methods for this rogue. To begin with – compromised websites. They hide Trojan pieces, which carry the XP Security 2012 infection. By simply clicking through the website, the user downloads the Trojans and they immediately invite the rogue in the computer system, as well. Trojans do not need authorization on the user’s part – they exploit vulnerabilities in the system, which are mainly caused by outdated software.
Figure 1. XP Security 2012 fake screen
The second method for spreading XP Security 2012 counts on the victim’s participation. It consists of online scanners placed on corrupted websites. Instead of performing security scans, however, these scanners only download the rogue on the PC without the user’s knowledge.
As soon as it creeps into a machine, XP Security 2012 presents itself as a Windows update, coming from Automatic Updates. Then, it gets installed as a randomly-named .exe file (its name consists of three characters only).
One of XP Security 2012′s main tricks is preventing any possible executable from being launched. When the victim tries to start a given program, the rogue appears in its place and states that the program has been infected. By blocking other software, XP Security 2012 tries to prevent the user from starting any anti-virus application that might be installed on the PC. Right from the moment of its installation, the villain starts producing a variety of fake alerts and notification, which warn about non-existing security threats and prompt the user to purchase the full version of XP Security 2012. Below, you can see some examples of bogus pop-ups, displayed by XP Security 2012.
System danger!
Your system security is in danger. Privacy threats detected. Spyware, keyloggers or Trojans may be working the background right now. Perform an in-depth scan and removal now, click here.
Privacy threat!
Spyware intrusion detected. Your system is infected. System integrity is at risk. Private data can be stolen by third parties, including credit card details and passwords. Click here to perform a security repair.
Stealth intrusion!
Infection detected in the background. Your computer is now attacked by spyware and rogue software. Eliminate the infection safely, perform a security scan and deletion now.
XP Security 2012 Firewall Alert
XP Security 2012 has blocked a program from accessing the internet
Internet Explorer is infected with Trojan-BNK.Win32.Keylogger.gen
Private data can be stolen by third parties, including credit card details and passwords.
XP Security 2012 Alert
Security Hole Detected!
A program is trying to exploit Windows security holes! Passwords and sensitive data may be stolen. Do you want to block this attack?
With their constant appearing, the alerts are extremely annoying, and they also slow down the computer palpably. They aim at making the victim believe that there are indeed a number of viruses in the system and to consolidate this idea, XP Security 2012 makes malicious modifications that enable it to appear instead of FireFox or Internet Explorer, if they are launched from the Start Menu. It then displays a fake warning, declaring that the requested program is infected.
XP Security 2012 is also capable of hijacking the victim’s browsers in order to block particular security websites. Instead of opening the given website, the browser displays the following warning:
XP Security 2012 Alert
Internet Explorer alert. Visiting this site may pose a security threat to your system!
Possible reasons include:
- Dangerous code found in this site’s pages which installed unwanted software into your system.
- Suspicious and potentially unsafe network activity detected.
- Spyware infections in your system
- Complaints from other users about this site.
- Port and system scans performed by the site being visited.Things you can do:
- Get a copy of XP Security 2012 to safeguard your PC while surfing the web (RECOMMENDED)
- Run a spyware, virus and malware scan
- Continue surfing without any security measures (DANGEROUS)
The last deception strategy of the rogue is its counterfeit scanning tool. XP Security 2012 performs scans of the system every time and again and they all claim that there is a number of malware pieces in the PC. The list of viruses it presents, however, consists of legitimate Windows files, needed for the proper operation of the system. After each scan, the rogue urges the user to purchase XP Security 2012 full version. Please note that the full version of this program is also a scam, not a legitimate anti-virus software.
In conclusion, the best thing you can do in case XP Security 2012 has crept in your computer is to remove the rogue immediately with the help of a legitimate AV program.
*SpyHunter’s free scanner is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter’s malware suite to remove the malware threats.