Home Malware Programs Rogue Anti-Spyware Programs Security Guard 2012

Security Guard 2012

Posted: October 4, 2011

Threat Metric

Threat Level: 8/10
Infected PCs: 12
First Seen: October 4, 2011
Last Seen: October 30, 2020
OS(es) Affected: Windows

Security Guard 2012 is a fake anti-virus program from the family of many other types of confirmed rogue security products. SpywareRemove.com malware research team has found that Security Guard 2012 shows the standard signs of a scamware product by creating fake error messages and requesting money in return for deleting nonexistent PC threats. Security Guard 2012 infections may also be responsible for more serious attacks than the above issues, such as browser hijacks or malfunctioning security software. Because Security Guard 2012 infections often contain rootkit-like properties, it's strongly suggested that you use an appropriate anti-malware program to delete Security Guard 2012, instead of taking the risk of removing Security Guard 2012 without any assistance.

The Start of Security Guard 2012's Crying Wolf Scam

Security Guard 2012 usually gains access to a computer by installing itself via drive-by-download scripts. These scripts may be completely hidden on a malicious site, or they may be embedded in a fake system scan pop-up. Although Security Guard 2012 markets itself in the form of a security program and looks like Security Guard 2012 has anti-virus features, Security Guard 2012, in reality, can neither find nor delete any kind of infection or other system problem. Security Guard 2012 will launch itself without your permission and create fake alerts frequently, even if your PC is completely healthy, save for the presence of Security Guard 2012 itself. Security Guard 2012 belongs to the FakeScanti family of rogue security programs that has, among its members Security Guard, Sysinternals Antivirus, WireShark Antivirus, Milestone Antivirus, BlueFlare Antivirus, Wolfram Antivirus, OpenCloud Antivirus, OpenCloud Security, Data Restore, AV Guard Online, Cloud Protection, AV Protection Online, System Protection 2012, AV Security 2012, Sphere Security 2012, AV Protection 2011, Super AV 2013 and OpenCloud AV.

Common Security Guard 2012 errors that SpywareRemove.com malware experts have analyzed include:

svchost.exe was replaced with unauthorized program.
It has encountered a problem and needs to close.
If you were in the middle of something, the information you were working on might be lost.
Please tell Microsoft about this problem.
We have created an error report that you can send to us. We will treat this report as confidential and anonymous.

Windows Security Alert
To help protect your computer, Windows Firewall has blocked some features of this program.
Do you want to keep blocking this program?
Name: Zeus Trojan
Publisher: Unauthorized

Warning! Infection found
Unauthorized sending E-MAIL with subject "RE:" to was CANCELLED.

Warning! Infection found
Unwanted software (malware) or tracking cookies have been found during last scan. It is highly recommended to remove it from your computer.
Keylogger Zeus was detected and put in quarantine.
Keylogger Zeus is a very dangerous software used by criminals to steal personal data such as credit card information, access to banking accounts, passwords to social networks and e-mails.

Security Warning
Your computer continues to be infected with harmful viruses. In order to prevent permanent loss of your information and credit card data theft please activate your antivirus software. Click here to enable protection.

Security Warning
Malicious programs that may steal your private information and prevent your system from working properly are detected on your computer.
Click here to clean your PC immediately.

Security Warning
There are critical system files on your computer that were modified by malicious software.
It may cause permanent data loss.
Click here to remove malicious software.

Warning: Infection is Detected
Windows has found spyware infection on your computer!
Click here to update your Windows antivirus software

Warning: Spyware Detected
Windows has found spy programs running on your computer!
Click here to update your Windows antivirus software

Windows Security Center
Serious security vulnerabilities were detected on this computer. Your privacy and personal data may be unsafe. Do you want to protect your PC?

"Security Warning The file "taskmgr.exe" is infected. Running of application is impossible."

You should ignore all of Security Guard 2012's pop-up alerts and warnings, since these messages have nothing to do with your computer or the well-being of any applications. In fact, they only serve in the form of advertisements for Security Guard 2012's fake threat-removal services – which are available for a high fee.

Other Security Guard 2012 Problems That Make PC Security a Shaky Concept

Security Guard 2012 can also be responsible for a variety of other problems, all of which will reduce the safety and stability of your PC. Typical Security Guard 2012 attacks can include:

  • Browser hijacks that redirect your browser to Security Guard 2012's site or away from anti-malware sites.
  • Dysfunctional security programs, including anti-virus scanners, Windows Task Manager or MSConfig. Security Guard 2012 may prevent these programs from launching or stop them in the middle of system scans.
  • Blue error screen crashes, AKA the infamous Blue Screen of Death.
  • Wiped drive data that deletes information or prevents you from accessing certain disk drives, especially in Windows Explorer.

Nonetheless, Security Guard 2012 and Security Guard 2012's accompanying problems can be removed from your PC, if you use a suitable anti-malware program that's able to handle rootkit-level PC threats. SpywareRemove.com malware analysts recommend Safe Mode for the safest system-scanning environment and strongly encourage you to install all threat definition database updates before you try to detect and remove Security Guard 2012.

Use SpyHunter to Detect and Remove PC Threats

If you are concerned that malware or PC threats similar to Security Guard 2012 may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.

Download SpyHunter's Malware Scanner

Note: SpyHunter's free version is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware tool to remove the malware threats. Learn more on SpyHunter. If you would like to uninstall SpyHunter for any reason, please follow these uninstall instructions. To learn more about our policies and practices, visit our EULA, Privacy Policy and Threat Assessment Criteria .

Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.

The following files were created in the system:

%Windows%\[random_digits].exe File name: %Windows%\[random_digits].exe
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
%Documents and Settings%\[UserName]\Local Settings\Temp\[random].tmp File name: %Documents and Settings%\[UserName]\Local Settings\Temp\[random].tmp
File type: Temporary File
Mime Type: unknown/tmp
Group: Malware file
%Documents and Settings%\[UserName]\Desktop\Security Guard 2012.lnk File name: %Documents and Settings%\[UserName]\Desktop\Security Guard 2012.lnk
File type: Shortcut
Mime Type: unknown/lnk
Group: Malware file

Registry Modifications

The following newly produced Registry Values are:

HKEY..\..\..\..{Subkeys}HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\featurecontrol\FEATURE_BROWSER_EMULATION "svchost.exe"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce "Security Guard 2012"

One Comment

  • avi dabach says:

    help help my pc canot functin right becuse some a h 'a infected my pc security gurd 2012 keep popping up and asking for money i don't have or alse and now i am in there hands can i be helped? plz advise cuse i allready paid to a company called ''spotzilla'' the $30 they ask for and then when i called them they ask for another $120 wich i don't have what is going on and who to trust i have no clue please '''help