How to remove Antivirus Protection 2012?
What is Antivirus Protection 2012?
Antivirus Protection 2012 is another clone of fake security applications mimicking Windows Defender, a legitimate anti-malware program by Microsoft. It belongs to the same family as Security Defender and AntiMalware Defender, and is a resurrection of a less active branch of malware.
Like other parasites of this family, Antivirus Protection rogue is distributed by malware that infect legitimate pages, windows vulnerabilities and various downloads bundled with trojans. Usually this type if viruses pretends to be anti-virus software and users install them just by clicking on advertisements, downloading unsafe files and installing downloads bundled with trojans.
First, Antivirus Protection 2012 closes majority of windows that are open to draw attention to itself. Second, it will start showing various alerts to convince you that your PC is heavily infected with spyware, malware, trojans and other parasites:
Antivirus Protection 2012 Firewall Alert
Your computer is being attacked from a remote machine!
Block Internet access to your computer to prevent system infection.
Attacker IP: [ip address]
Attack type: RCPT exploit
Antivirus Protection 2012 Firewall Alert
Suspicious activity in your registry system space was detected. Rogue malware detected in your system. Data leaks and system damage are possible. Please use a deep scan option.
Antivirus Protection 2012
Spyware.IEMonster process is found. The virus is going to send your passwords from Internet browser (Explorer, Mozilla Firefox, Outlook & others) to the third-parties. Click here for further protection of your data with Antivirus Protection 2012.
If ignored and left on your computer, it will continue its aggressive campaign and will display more alerts:
Security Center Alert
To help protect your computer, Security Center has blocked some features of this program.
Do you want to block this suspicious software?
Unauthorized remote connection!
Your system is making an unauthorized personal data transfer to a remote computer!
Warning! Unauthorized personal data transfer is detected! It may be your personal credit card details, logins and passwords, browsing habits or information about files you have downloaded.
To protect your private data, please click “Prevent Connection” button below.
You have been infected by a proxy-relay trojan server with new and danger “SpamBots”.
You have a computer with a virus that sends spam.
This is a mass-mailing worm with backdoor thus allowing un-authorized access to the infected system.
It spreads by mass-mailing itself to e-mail addresses harvested from the local computer or by querying on-line search engines such as google.com.
The IP address that YOU are getting from Internet Service Provider (ISP) for YOU personal computer is on some major blacklist.
Your computer has been used to send a huge amount of junk e-mail messages during the last days.
You IP will be marked in the Police log file as mass-mailing spam assist.
Upgrading to the full version Antivirus Protection 2012 it will eliminate the majority of Spam attempts.
Despite these warnings, your system is not attacked by hackers directly, although the claims about infections are partially true: you are infected with trojan promoting rogue antivirus. If you wonder why it is done so, it becomes clear after you try running system scan with it: You are asked to provide credit card details to remove all the threats like Win32/GameVance, Win32/Yektel.A, Win32/FakeXPA or Win32/Renos.JI. You will not be able to remove these threats manually, as paths to these files are nonexistent, or it will show infections in legitimate files. Thus, this separates fake Antivirus Protection 2012 from real commercial removers that never install without user’s consent, uninstall normally when asked and provides full information about detected malicious files. You should never pay for such software, and it is better to remove Antivirus Protection as soon as noticed on PC.
Special Antivirus Protection 2012 removal instructions
Although Antivirus Protection 2012 might disable legitimate anti-malware programs, do the following to overcome this problem: Go START -> RUN and insert there taskkill /f /im rundll32.exe. Note that you should keep all the slashes and gaps! In addition, you can try to use Antivirus Protection 2012 registration codes: D13F-3B7D-B3C5-BD84 or LIC-99D0-1239-KJAS-354S-SQD4-CJKF-KF67-GJ78-FGHK-ZDU6. If you enter that code in its activation section, majority of alerts and disturbances will be disabled. However, you should do a full system scan with Spyware Doctor, Spyhunter, Malwarebytes Anti-Malware or other anti-malware tool to detect the trojans comming with this malware and delete its .dll files. Also, due to trojans distributing this malware, do not forget clean up HOSTS file from redirects.
Antivirus Protection 2012 is Extremely dangerous
Antivirus Protection 2012 may spread via Trojans
Antivirus Protection 2012 may display fake security messages
Antivirus Protection 2012 may install additional spyware to your computer
Antivirus Protection 2012 may repair its files, spread or update by itself
Antivirus Protection 2012 violates your privacy and compromises your security
for Antivirus Protection 2012 detection
Note: Spyhunter trial provides detection of parasite like Antivirus Protection 2012 and assists in its removal for free. You can remove detected files, processes and registry entries yourself or purchase a full version.
Antivirus Protection 2012 screenshots
Manual Antivirus Protection 2012 removal
Important Note: Although it is possible to manually remove Antivirus Protection 2012, such activity can permanently damage your system if any mistakes are made in the process, as advanced spyware parasites are able to automatically repair themselves if not completely removed. Thus, manual spyware removal is recommended for experienced users only, such as IT specialists or highly qualified system administrators. For other users, we recommend using Spyhunter or other malware and spyware removal applications found on 2-viruses.com.
Stop these Antivirus Protection 2012 processes:
Remove these Antivirus Protection 2012 Registry Entries:
Remove these Antivirus Protection 2012 files:
It is impossible to list all file names and locations of modern parasites. You can identify remaining parasites, other Antivirus Protection 2012 infected files and get help in Antivirus Protection 2012 removal by using free Spyhunter scanner. It comes with free real-time protection module that helps preventing Antivirus Protection 2012 and similar threats.
Antivirus Protection 2012 is classified as Rogue Anti-Spyware. After infecting a user’s system, it proceeds to scare its victim into buying the “product” by displaying fake security messages, stating that your computer is infected with spyware and only Antivirus Protection 2012 can help you to remove it after you download the trial version. As soon as the victim downloads Antivirus Protection 2012 trial version, it pretends to scan your computer and shows a grossly exaggerated amount of non-existent errors. Then, Antivirus Protection 2012 offers to buy the full version to fix these false errors. If the user agrees, Antivirus Protection 2012 does not only fix the errors, but it also takes the user’s money and may even install additional spyware into the victim’s computer.
Some Rogue Anti-Spyware, such as Antivirus Protection 2012, may offer users to buy it after the victim clicks on a banner or a pop-up while surfing the internet. Usually, a Trojan is installed to a victim’s computer after clicking on the advertisement. It then proceeds to download or even install Antivirus Protection 2012, which is another way for Rogue Anti-Spyware to spread itself.
Most of rogue Anti-Spyware, such as Antivirus Protection 2012, is nearly impossible to remove manually.