Remove Antivirus Protection 2012
Removal instructions

Severity scale:  
  (76/100)
Antivirus Protection 2012 is also known as Antivirus Protection

Antivirus Protection 2012 is a typical cyber threat that pretends to be legitimate. Trying to do that, this scamware displays trustworthy-looking but completely fake alerts and scanners that all report the same useless information about numerous viruses detected. Please, never fall for Antivirus Protection 2012 because it's useless and has no capability to detect or remove malware. That's because it has an empty virus database and 'finds' the same viruses on every computer that it manages to infect. If you find this malware on your PC, remove Antivirus Protection malware without any delay.

In most of the cases, this sneaky application spreads via Trojans that help for it to get inside the system without any victim's permission asked. In addition, Antivirus Protection 2012 is set to start once the PC is rebooted and display all those annoying alerts that report harmless files but not dangerous viruses. When installed and active, Antivirus Protection 2012 typically displays fake system scanners that should convince people that they really have viruses on their computers. However, it must be ignored and eliminated ASAP. If you leave it, you will receive numerous alerts saying something like this:

Antivirus Protection 2012 Firewall Alert
Your computer is being attacked from a remote machine!
Block Internet access to your computer to prevent system infection.
Attacker IP: [ip address]
Attack type: RCPT exploit

Antivirus Protection 2012 Firewall Alert
Suspicious activity in your registry system space was detected. Rogue malware detected in your system. Data leaks and system damage are possible. Please use a deep scan option.

Antivirus Protection 2012
Spyware.IEMonster process is found. The virus is going to send your passwords from Internet browser (Explorer, Mozilla Firefox, Outlook & others) to the third-parties. Click here for further protection of your data with Antivirus Protection 2012.

Antivirus Protection 2012
Your computer is being used as spamming machine. You can get sued for spam. Your computer WIL BE DISCONNECTED FORM INTERNET BECAUSE SPAMMING OTHER PCs.

In additon, if ignored it starts displaying such alerts:

Security Center Alert
To help protect your computer, Security Center has blocked some features of this program.
Do you want to block this suspicious software?
Name: Sft.Dez.Wien
Risk: High

Security Center
Unauthorized remote connection!
Your system is making an unauthorized personal data transfer to a remote computer!
Warning! Unauthorized personal data transfer is detected! It may be your personal credit card details, logins and passwords, browsing habits or information about files you have downloaded.
To protect your private data, please click "Prevent Connection" button below.

You have been infected by a proxy-relay trojan server with new and danger "SpamBots".
You have a computer with a virus that sends spam.
This is a mass-mailing worm with backdoor thus allowing un-authorized access to the infected system.
It spreads by mass-mailing itself to e-mail addresses harvested from the local computer or by querying on-line search engines such as google.com.
The IP address that YOU are getting from Internet Service Provider (ISP) for YOU personal computer is on some major blacklist.
Your computer has been used to send a huge amount of junk e-mail messages during the last days.
You IP will be marked in the Police log file as mass-mailing spam assist.
Upgrading to the full version Antivirus Protection 2012 it will eliminate the majority of Spam attempts.

As you can see, Antivirus Protection 2012 employs misleading tactics to promote its licensed version. Generating bogus alerts and fake system scanners, reporting numerous security risks and disabling victim from using his PC properly – these are the main signs that you have a deal with malware. If you notice Antivirus Protection 2012 on your PC, please don't wait for long because you may end up with damaged PC. Please, use a reputable anti-spyware and remove Antivirus Protection 2012. We highly recommend you using STOPzilla or SpyHunter anti-spywares. If you are disabled from launching these or other anti-spyware programs, go "START" -> "RUN" and insert there taskkill /f /im rundll32.exe (keep all the gaps and slashes).

Automatic Antivirus Protection 2012 removal:

It might be that we are affiliated with any of our recommended products. Full disclosure can be found in our Agreement of Use.
By downloading any of provided Anti-spyware software to remove Antivirus Protection 2012 you agree with our Privacy Policy and Agreement of Use.
Do it now!
Download
remover for Antivirus Protection 2012 Happiness
Guarantee
Compatible with Microsoft
SpyHunter is recommended remover to uninstall Antivirus Protection 2012. You should confirm using free trial that it detects current version of parasite.
more than 40.000.000 downloads!
What to do if you failed to remove the infection?
If you failed to remove Antivirus Protection 2012 using SpyHunter, read here how to submit a support ticket or submit a question to our support team and provide as much details as possible.

Alternate Software

STOPzilla
We are testing STOPzilla's efficiency at removing Antivirus Protection 2012 (2012-02-20 06:02:31)
Malwarebytes Anti Malware
We are testing Malwarebytes Anti Malware's efficiency at removing Antivirus Protection 2012 (2012-02-20 06:02:31)
XoftSpySE Anti Spyware
We are testing XoftSpySE Anti Spyware's efficiency at removing Antivirus Protection 2012 (2012-02-20 06:02:31)
Defender Pro Ultimate
We are testing Defender Pro Ultimate's efficiency at removing Antivirus Protection 2012 (2012-02-20 06:02:31)
Virus Removal Phone Support
1-877-657-9614
Help Line to remove Antivirus Protection 2012

Antivirus Protection 2012 screenshot

Antivirus Protection 2012 snapshot

Antivirus Protection 2012 manual removal

Kill processes:
AntivirusProtection2012.exe
rundll32.exe
[random].exe,
2010yo.exe
472a10e2ebxd9.exe
56493.exe
cosock.exe
cowceb.exe
d20mes.exe
dc_3.exe
ddoll3342.exe
destroyer.exe
exppdf_w.exe
hhbboll_2.exe
jofcdks.exe
lols.exe
puzpup.exe
sycre.exe
winifi.exe
wwwsssgen.exe
securityhelper.exe
securitymanager.exe
Delete registry values:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "[random]"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "[random]"
HKEY_CURRENT_USER\Software\Antivirus Protection
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Antivirus Protection"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Antivirus Protection 2012 SM"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Antivirus Protection
Delete files:
%AppData%\Antivirus Protection\
%AppData%\Antivirus Protection\AntivirusProtection2012.exe
%AppData%\Antivirus Protection\IcoActivate.ico
%AppData%\Antivirus Protection\IcoHelp.ico
%AppData%\Antivirus Protection\IcoUninstall.ico
%AppData%\Antivirus Protection\securityhelper.exe
%AppData%\Antivirus Protection\securitymanager.exe
%AppData%\Microsoft\Internet Explorer\Quick Launch\Antivirus Protection.lnk
%StartMenu%\Programs\Antivirus Protection.lnk
%StartMenu%\Programs\Antivirus Protection\
%StartMenu%\Programs\Antivirus Protection\Activate Antivirus Protection.lnk
%StartMenu%\Programs\Antivirus Protection\Antivirus Protection.lnk
%StartMenu%\Programs\Antivirus Protection\Help Antivirus Protection.lnk
%StartMenu%\Programs\Antivirus Protection\How to Activate Antivirus Protection.lnk
%Temp%\2010yo.exe
%Temp%\472a10e2ebxd9.exe
%Temp%\56493.exe
%Temp%\cosock.exe
%Temp%\cowceb.exe
%Temp%\d20mes.exe
%Temp%\dc_3.exe
%Temp%\ddoll3342.exe
%Temp%\destroyer.exe
%Temp%\exppdf_w.exe
%Temp%\hhbboll_2.exe
%Temp%\jofcdks.exe
%Temp%\lols.exe
%Temp%\puzpup.exe
%Temp%\sycre.exe
%Temp%\winifi.exe
%Temp%\wwwsssgen.exe

Geolocation of Antivirus Protection 2012

Map reveals the prevalence of Antivirus Protection 2012. Countries and regions that have been affected the most are: India and United States.

Information added: 02/20/12 06:02; information updated: 04/10/12 14:41

Additional resources

Attention: If you know know a reputable website reated to security threats, please add a link here: add url

Comments on Antivirus Protection 2012

0
0
Axel
Antivirus Protection 2012 added all of these executable files to my /documents and settings/ /All users/temp folder : (all with the same date and time, exactly at the time of infection) :

02c9c3c35bdx5.exe
17dkf.exe
1iowieoo.exe
2010yo.exe
472a10e2ebxd9.exe
56493.exe
8gmsed-bd.exe
a75wef8e0e7.exe
A9R1699.tmp
ae0965a7157cd.exe
al3erfa3.exe
alerfa.exe
alerfa2.exe
altedf.exe
aqfitrlxi2.exe
backd-efq.exe
brdss.exe
bzqa43d.exe
cffd4.exe
cocksucker.exe
cosock.exe
cowceb.exe
cunifuc.exe
d20mes.exe
dc_3.exe
dd10x10.exe
ddoll3342.exe
destroyer.exe
dffuck.exe
dgxdro.exe
dkfjd93.exe
ds7hw.exe
eelnvd13.exe
exppdf_w.exe
fadz43.exe
fe.exe
format.exe
gedx_ae09.exe
ggwwef9752.exe
gpupz2a.exe
g_dx234.exe
hardwh.exe
hhbboll_2.exe
hiphop.exe
hjkgfddd.exe
hodeme.exe
htfad4.exe
hvipws9.exe
jdhellwo3.exe
jkfuckfu.exe
jofcdks.exe
kjdh_gf_jjdhgd.exe
kjh102k3.exe
kn.a.exe
kock.exe
ljts-23.exe
lkhgg_ea.exe
lols.exe
lorsk.exe
ploper.exe
poertd.exe
ppddfcfux.exxe
protector2.exe
pswwg3c.exe
puzpup.exe
qwedvor.exe
qwklrvjhqlkj.exe
r0life.exe
rator.exe
rtfme.exe
safe.exe
snowif.exe
SOF86.tmp
sycre.exe
timem.exe
tryh-blv.exe
w32-reno-c.exe
w32rim_mem.exe
warsddd_w.exe
wefgetn_00.exe
wined.exe
winifi.exe
wqefqw7e.exe
wrcud12.exe
wrfwe_di.exe
wwautrsd.exe
wwwsssgen.exe
_F18.tmp

I removed all of them.
I use the free Sysinternals utilities suite to detect unusual files and processes (especially "Process explorer" and "Autoruns")

Cheers
0
0
myron
Good to know about the instruction for Removal Antivirus Protection 2012 .
0
0
sabrinasai
I personally use Comodo Antivirus

Post a comment

Attention: Use this form only if you have additional information about Antivirus Protection 2012 parasite, its removal instructions, additional resources or behavior. By clicking "post comment" button you agree not to post any copyrighted, unlawful, harmful, threatening, abusive, harassing, defamatory, vulgar, obscene, profane, hateful, racially, ethnically or otherwise objectionable material of any kind.

Home page Name



«

(All fields are required)
Like us on Facebook
Read on mobile
News
Press Mentions
I failed to remove Antivirus Protection 2012 using SpyHunter.

Email


Close
add text box
rss feed
help other
Spreading the knowledge: It is very hard to fight against computer parasites on the Internet alone. If you have a website, we would be more than happy if you would like to cooperate and help us spread the information about latest threats. Remember, knowledge is the most powerful weapon. Help your visitors protect their computers!