AV Protection 2012

AV Protection 2012 Description

Type: Trojan

ScreenshotAV Protection 2012 belongs to a large family of rogue anti-virus programs. Known clones of AV Protection 2012 include rogue anti-virus programs such as Security Sphere 2012, Win 7 Smart Security 2010, Vista Guardian 2010, Desktop Defender, XP Internet Security 2011 and Cloud AV 2012. These are only a few of the dozens of versions of this fake anti-virus program, which has been at large since 2009 at the very least. Rogues in the AV Protection 2012 family include a code that has been present in rogue anti-spyware applications dating as far back as 2005. ESG security researchers warn against downloading AV Protection 2012 or any of its clones. AV Protection 2012 has absolutely no anti-virus capabilities and is part of a well-known online scam. Using deception and preying on many computer users' inexperience, AV Protection 2012 attempts to steal its victims' money. An AV Protection 2012 infection seldom comes alone; its presence wil,l usually, include a number of dangerous Trojans and an extremely dangerous rootkit or bootkit infection. Because of this, ESG malware analysts strongly recommend removing AV Protection 2012 from your computer system immediately.

When it comes to the symptoms AV Protection 2012 causes, AV Protection 2012 is quite similar to the most popular rogue anti-virus applications. AV Protection 2012 will usually manifest itself in a large number of error messages and security alerts, decreased system performance and Internet browser redirects. AV Protection 2012 sports a sleek dark-colored interface with logos meant to resemble those used by legitimate security programs such as Microsoft Security Essentials. When installed, AV Protection 2012 makes dangerous changes to the infected operating system's registry which allows AV Protection 2012 to launch automatically during start-up. This means that, unless the infected computer system is started in Safe Mode, the victim will have little or no control over the infected operating system. AV Protection 2012 is able to start and stop file processes, hide or block certain files and applications and block access to the Internet. A computer system infected with the AV Protection 2012 rogue anti-virus application will also crash frequently, become stuck suddenly or display the dreaded "blue screen of death." While manual removal of AV Protection 2012 is possible, ESG security researchers recommend using a reliable anti-malware program. In the event of an associated rootkit infection, a special tool for rootkit removal may be necessary.

Technical Information

File System Details

AV Protection 2012 creates the following file(s):
# File Name Detection Count
1 %AppData%\svhostu.exe N/A
2 %AppData%\ldr.ini N/A
3 %AppData%\[RANDOM SYMBOLS]\AV Protection 2012.ico N/A

Registry Details

AV Protection 2012 creates the following registry entry or registry entries:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "[RANDOM SYMBOLS].exe"
HKEY_CURRENT_USER\Software\AV Protection 2012

Site Disclaimer

Enigmasoftware.com is not associated, affiliated, sponsored or owned by the malware creators or distributors mentioned on this article. This article should NOT be mistaken or confused in being associated in any way with the promotion or endorsement of malware. Our intent is to provide information that will educate computer users on how to detect, and ultimately remove, malware from their computer with the help of SpyHunter and/or manual removal instructions provided on this article.

This article is provided "as is" and to be used for educational information purposes only. By following any instructions on this article, you agree to be bound by the disclaimer. We make no guarantees that this article will help you completely remove the malware threats on your computer. Spyware changes regularly; therefore, it is difficult to fully clean an infected machine through manual means.