Home Malware Programs Rogue Anti-Spyware Programs Perfect Antivirus 2012

Perfect Antivirus 2012

Posted: March 19, 2012

Threat Metric

Threat Level: 2/10
Infected PCs: 41
First Seen: March 19, 2012
OS(es) Affected: Windows

Perfect Antivirus 2012 is a rogue anti-virus application that's marketed at raxco.com and similar sites via fake infection warnings. Because Perfect Antivirus 2012 is a very new example of scamware with developers who have conducted a deliberate misinformation campaign, many PC security companies have yet to identify Perfect Antivirus 2012 as a threat to your computer. In spite of this and its strong resemblance to the unrelated and legitimate Bitdefender Antivirus brand, Perfect Antivirus 2012 should be considered a danger without any accurate system analysis or threat detection information to provide. SpywareRemove.com malware researchers recommend that you remove Perfect Antivirus 2012 as soon as you can use appropriate anti-malware software, since rogue AV programs like Perfect Antivirus 2012 may also create security hazards that make your computer exceptionally vulnerable to other attacks.

A Tally of Perfect Antivirus 2012's Shortcomings as AV Software

Perfect Antivirus 2012, as an interface rip-off of legitimate software, looks like a reputable program on the outside. This also extends to the offhand appearance of its security features, which include the warning messages and system scans that are common to most types of rogue anti-virus programs. Unfortunately, your chances of seeing real warning messages that are accurate to your computer's health are slim, since SpywareRemove.com malware experts haven't found any signs of Perfect Antivirus 2012 having genuine threat detection functions. Warning messages such as application infection pop-ups or system errors that are associated with Perfect Antivirus 2012 should always be ignored, and following their recommendations may even damage your PC.

As is usually true of fake anti-virus products, SpywareRemove.com malware analysts have also noted that Perfect Antivirus 2012 alters the Windows Registry to insure its own automatic startup. This allows Perfect Antivirus 2012 to display its fake security information continually and may also be used to block legitimate anti-malware applications that could delete Perfect Antivirus 2012. Turning Perfect Antivirus 2012 off is the best way to start any attempt to resolve a Perfect Antivirus 2012 infection, and can be accomplished by using secure boot options (such as booting from a USB device or using Safe Mode).

Being Better Than Perfect Antivirus 2012's Poor Efforts at Antivirus Features

Perfect Antivirus 2012 is distributed by malicious websites, usually along with suggestive warnings that imply that you should download Perfect Antivirus 2012 to cure a nonexistent infection on your computer. In light of this, SpywareRemove.com malware research team stresses the importance of only using trustworthy anti-malware products, as well as avoiding questionable software recommendations from suspicious websites. Deleting Perfect Antivirus 2012, once Perfect Antivirus 2012 is disabled, is also something that should be left to your appropriate security software, since Perfect Antivirus 2012 will modify the Windows Registry and make other system changes that are difficult to undo without advanced anti-malware assistance.

As a very recent PC threat with a marketing campaign that began in early March 2012, Perfect Antivirus 2012 may be able to avoid anti-malware scanners that aren't using recent threat databases. Whenever possible, patching your anti-malware software to use its most recent database is recommended before you remove Perfect Antivirus 2012, to insure total detection of all malicious components.

Use SpyHunter to Detect and Remove PC Threats

If you are concerned that malware or PC threats similar to Perfect Antivirus 2012 may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.

Download SpyHunter's Malware Scanner

Note: SpyHunter's free version is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware tool to remove the malware threats. Learn more on SpyHunter. If you would like to uninstall SpyHunter for any reason, please follow these uninstall instructions. To learn more about our policies and practices, visit our EULA, Privacy Policy and Threat Assessment Criteria .

Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.

The following files were created in the system:



%CommonAppData%\\.exe File name: %CommonAppData%\\.exe
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
%CommonAppData%\\ File name: %CommonAppData%\\
Group: Malware file
%CommonAppData%\ File name: %CommonAppData%\
Group: Malware file

Registry Modifications

The following newly produced Registry Values are:

HKEY..\..\..\..{Subkeys}HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce ""HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\{a2a9545d-a0c2-42b4-9708-a0b2badd77c8}HKEY_USERS\S-1-5-21-861567501-152049171-1708537768-1003_Classes\%s "(Default)" = ""HKEY_USERS\S-1-5-21-861567501-152049171-1708537768-1003_Classes\\shell\open\command "(Default)" = "%CommonAppData%\\.exe" -s "%1? %*HKEY_CURRENT_USER\Software\Classes\\shell\open\command "(Default)" = "%CommonAppData%\\.exe" -s "%1? %*