AV Protection 2012

Posted: November 23, 2011
Threat Metric
Threat Level: 8/10
Infected PCs 94

AV Protection 2012 Description

AV Protection 2012 Screenshot 1AV Protection 2012 is a member of the FakeScanti family of rogue anti-virus programs, and continues the family tradition of creating fake pop-up warnings and alerts to present false information about the presence of infections on your PC. Although its name implies a state-of-the-art set of brand-new features, SpywareRemove.com malware researchers have found that AV Protection 2012 indulges in the same attacks that are already overused by other types of fake AV products, including browser hijacks and blocking real security programs. If your PC has been attacked by AV Protection 2012, you should ignore AV Protection 2012's multitude of purchase requests and, instead, delete AV Protection 2012 by using standard anti-malware strategies and software.

Why AV Protection 2012 Has Zero Interest in Protecting Your PC

AV Protection 2012 has the basic look and feel of a normal anti-virus scanner, but SpywareRemove.com malware analysts have (as expected) found that AV Protection 2012 has no ability to detect or delete viruses. AV Protection 2012 makes up for this shortcoming by using several methods to create fake alerts instead of real PC threat warnings, and may supplement this bad information with a range of other attacks. Common signs of infection by AV Protection 2012 and other FakeScanti rogue AV programs include:

  • A desktop background image that's been changed to a threatening alert message.
  • The appearance of AV Protection 2012 or another scanner-like program that pretends to scan your PC every time Windows loads (and always finds a wide range of infections on your computer).
  • Pop-ups that request that you purchase an activation or registration key for AV Protection 2012 to cleanse these supposed infections.
  • Fake Windows Security Center windows that lead you to AV Protection 2012 or AV Protection 2012's website.
  • A broad range of totally-blocked software, including basic Windows programs and anti-malware tools.
  • System tray-based pop-up balloons that display unusual warning messages.
  • Spontaneous Windows reboots.
  • Blocked access to safe websites, especially sites that could assist you with removing AV Protection 2012.

The overall effect of these attacks makes it appear as though you should activate AV Protection 2012 quickly to fix your PC, but since AV Protection 2012 is the actual cause behind all of these problems, SpywareRemove.com malware experts strongly advise against such a course of action.

Entering 2012 with an AV Protection 2012-Free Computer

Although a competent anti-malware scanner is your best bet to rid your PC of AV Protection 2012 and other variants of FakeScanti, AV Protection 2012 itself may attempt to block any programs that could remove AV Protection 2012. There are several methods that SpywareRemove.com malware researchers have noted to be effective at working around AV Protection 2012's application barricade, such as:

  • Renaming the anti-malware program's .exe file to coincide with an allowed program such as iexplore.exe or explorer.exe
  • Rebooting your PC into Safe Mode to stop AV Protection 2012 from launching itself.
  • Booting Windows from a CD or USB drive.

You should also be aware of the possibility of affiliated infections that may install other variants from the FakeScanti family like Security Guard, Sysinternals Antivirus, WireShark Antivirus, Milestone Antivirus, BlueFlare Antivirus, Wolfram Antivirus, OpenCloud Antivirus, OpenCloud Security, Data Restore, OpenCloud AV, Security Guard 2012, AV Guard Online, Cloud Protection, AV Protection Online, System Protection 2012, AV Security 2012, Sphere Security 2012, AV Protection 2011 and Super AV 2013. With regards to AV Protection 2012 specifically, SpywareRemove.com malware researchers have noted that the following codes may deactivate AV Protection 2012 by faking the registration process: '1225242171,' '1196121858' and '1354156739.'

Use SpyHunter to Detect and Remove PC Threats

If you are concerned that malware or PC threats similar to AV Protection 2012 may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.

Download SpyHunter's Malware Scanner

Note: SpyHunter's free version is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware tool to remove the malware threats. Learn more on SpyHunter. If you would like to uninstall SpyHunter for any reason, please follow these uninstall instructions. To learn more about our policies and practices, visit our EULA, Privacy Policy and Threat Assessment Criteria.

Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.

Technical Details

Registry Modifications


The following newly produced Registry Values are:

HKEY..\..\..\..{Subkeys}HKEY_CURRENT_USER\Software\AV Protection 2012HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "[RANDOM SYMBOLS].exe"

Leave a Reply

Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter. If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.