«

»

Nov 24

Cloud AV 2012 rogue of the FakeScanti Family

Cloud AV 2012 is a rogue of the FakeScanti Family, that uses deceptive tactics, fake spam email alerts, and results of fake scans showing the computer being infected, and also the blocking of all applications when trying to run them to scare the user into buying the rogue to clean the fake infections shown.

Cloud AV 2012 (FakeScanti) GUI

Files and Locations:
%SYSTEM%\ Cloud AV 2012v121.exe
%AppData%\ dwme.exe
%Local_AppData%\ dwme.exe
%PROGAM_FILES%\24245\lvvm.exe
%PROGAM_FILES%\LP\BAD6\C29.exe

Hosts File:
%SYSTEM%\Drivers\etc\hosts
46.4.179.84 yahoo.com
212.124.122.156 google.com
46.4.179.84 myspace.com
212.124.122.156 msn.com
46.4.179.84 ebay.com
46.4.179.84 amazon.com
212.124.122.156 youtube.com
46.4.179.84 craigslist.org
212.124.122.156 wikipedia.org
46.4.179.110 cnn.com
46.4.179.84 facebook.com
46.4.179.110 go.com
46.4.179.84 live.com
46.4.179.84 blogger.com
46.4.179.110 aol.com
46.4.179.84 microsoft.com
46.4.179.110 comcast.net
46.4.179.84 imdb.com
46.4.179.84 digg.com
46.4.179.84 flickr.com
46.4.179.84 Expedia.com
46.4.179.84 Monster.com
212.124.122.156 Paypal.com
46.4.179.84 Weather.com

The Cloud AV 2012 rogue can be removed using  manual methods, however, the this family of rogues can include Rootkits or other type of Trojans designed to keep re-infecting the PC, it is recommend to use our Antispyware/Antivirus removal tool, VIPRE Antivirus. You can download a free trial to remove the rogue from your computer for no cost by clicking on the link below:

http://www.vipreantivirus.com/Antivirus-Trial/VIPRE-Antivirus/

If you are unable to download and install our malware removal tool because this has infected your computer and is not allowing you to install the program, you can use our VIPRE Rescue Disc here:

http://live.sunbeltsoftware.com

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>