Nov 24

Cloud AV 2012 rogue of the FakeScanti Family

Cloud AV 2012 is a rogue of the FakeScanti Family, that uses deceptive tactics, fake spam email alerts, and results of fake scans showing the computer being infected, and also the blocking of all applications when trying to run them to scare the user into buying the rogue to clean the fake infections shown.

Cloud AV 2012 (FakeScanti) GUI

Files and Locations:
%SYSTEM%\ Cloud AV 2012v121.exe
%AppData%\ dwme.exe
%Local_AppData%\ dwme.exe

Hosts File:
%SYSTEM%\Drivers\etc\hosts yahoo.com google.com myspace.com msn.com ebay.com amazon.com youtube.com craigslist.org wikipedia.org cnn.com facebook.com go.com live.com blogger.com aol.com microsoft.com comcast.net imdb.com digg.com flickr.com Expedia.com Monster.com Paypal.com Weather.com

The Cloud AV 2012 rogue can be removed using  manual methods, however, the this family of rogues can include Rootkits or other type of Trojans designed to keep re-infecting the PC, it is recommend to use our Antispyware/Antivirus removal tool, VIPRE Antivirus. You can download a free trial to remove the rogue from your computer for no cost by clicking on the link below:


If you are unable to download and install our malware removal tool because this has infected your computer and is not allowing you to install the program, you can use our VIPRE Rescue Disc here:


Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>