Cloud AV 2012
Posted: November 23, 2011
Threat Metric
The following fields listed on the Threat Meter containing a specific value, are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
| Threat Level: | 10/10 |
|---|---|
| Infected PCs: | 225 |
| First Seen: | November 23, 2011 |
|---|---|
| Last Seen: | August 17, 2022 |
| OS(es) Affected: | Windows |
Cloud AV 2012 is a duplicate of other variants of rogue AV programs from the FakeScanti (also known as Fake Scanti and Rogue:Win32/FakeScanti) subgroup. Unlike a legitimate anti-virus application, Cloud AV 2012 can't find or remove viruses, but supports the appearance of being able to do so by creating fake infection warnings and other types of problems, including blocking website access, blocking programs and changing your desktop. SpywareRemove.com malware experts strongly recommend that you remove Cloud AV 2012 from your PC as soon as you see Cloud AV 2012 appear since side effects of Cloud AV 2012's presence will cause your computer to have weakened security and be generally-dysfunctional. When possible, using anti-malware software to accomplish this will help to prevent lasting harm to your PC, since components of Cloud AV 2012 may use the names of default Windows files or utilize other techniques to conceal themselves.
A Forecast for Cloud AV 2012: Nothing but Trouble for Your Computer
Although Cloud AV 2012 can cause a wide range of problems for your PC, the stand-out symptom of Cloud AV 2012 infection is the appearance of unusual error messages in various formats. Fake warnings and errors from Cloud AV 2012 can take the form of desktop images, taskbar balloons, web browser pop-ups and even fake Windows Security Center alerts. These false infection warnings are used to tempt you to purchase Cloud AV 2012 to remove these nonexistent issues, and, naturally, SpywareRemove.com malware researchers strongly discourage falling for this waste of money.
Many of these false messages may also appear when you attempt to navigate to an anti-malware website or use anti-malware software to remove Cloud AV 2012. You should be aware that Cloud AV 2012 is incapable of finding or removing any sort of threat to your PC and that this behavior is intended purely to stop you from deleting Cloud AV 2012 and taking the 'easy' way out of its scam. These errors don't indicate that there are actual problems with the websites or programs themselves, although, in some cases, Cloud AV 2012 may attempt to uninstall popular brands of PC security software.
The Rest of Cloud AV 2012's Stormy Weather
Even if you've resolved to uninstall Cloud AV 2012 at the first opportunity, other issues that Cloud AV 2012 may cause can make this prospect intimidating and difficult. SpywareRemove.com malware research team recommends using an anti-malware program to be sure of finding and removing all components of a Cloud AV 2012 infection, and be prepared to skirt around issues like these:
- Browser hijacks that redirect you to Cloud AV 2012's website or block access to other websites.
- A changed desktop background.
- Pop-up windows that imitate Windows programs like Windows Security Center.
- Random reboots of Windows.
- Programs that are arbitrarily-blocked from being launched.
In all cases, stopping Cloud AV 2012 from launching itself is the first step to avoiding these attacks so that you can properly-remove Cloud AV 2012 from your PC. In most cases, Safe Mode is the readiest-available method of achieving this. A complete system scan should also be used, since an incomplete scan may allow any Trojans that are present to install a new FakeScanti infection, such as
Technical Details
File System Modifications
Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.
The following files were created in the system:%APPDATA%\XHHH5sQQJ7dK8RZ\Cloud AV 2012v121.exe
File name: Cloud AV 2012v121.exeSize: 2.8 MB (2801664 bytes)
MD5: 420b6e9c65701b4b6720f25762f6186d
Detection count: 101
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\XHHH5sQQJ7dK8RZ
Group: Malware file
Last Updated: November 24, 2011
%APPDATA%\Microsoft\8AF2\66C.exe
File name: 66C.exeSize: 286.2 KB (286208 bytes)
MD5: 535b08b0737a0524b133be6401338383
Detection count: 28
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\Microsoft\8AF2
Group: Malware file
Last Updated: November 24, 2011
%APPDATA%\LycA1uvD2b4m5Q6\Cloud AV 2012v121.exe
File name: Cloud AV 2012v121.exeSize: 2.79 MB (2799616 bytes)
MD5: b199c92af7b4a1f1427f7ebff90e0615
Detection count: 12
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\LycA1uvD2b4m5Q6
Group: Malware file
Last Updated: August 17, 2022
%APPDATA%\AED99\502F9.exe
File name: 502F9.exeSize: 172.54 KB (172544 bytes)
MD5: a206e763d2bbed0eee677180c0ebe359
Detection count: 5
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\AED99
Group: Malware file
Last Updated: November 24, 2011
%APPDATA%\13DB7\lvvm.exe
File name: lvvm.exeSize: 188.41 KB (188416 bytes)
MD5: 430ab1341e367ee43e2c57e9accd7be2
Detection count: 5
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\13DB7
Group: Malware file
Last Updated: November 24, 2011
%AppData%\ldr.ini
File name: %AppData%\ldr.iniMime Type: unknown/ini
Group: Malware file
%AppData%\[RANDOM CHARACTERS]\Cloud AV 2012.ico
File name: %AppData%\[RANDOM CHARACTERS]\Cloud AV 2012.icoMime Type: unknown/ico
Group: Malware file
%DesktopDir%\Cloud AV 2012.lnk
File name: %DesktopDir%\Cloud AV 2012.lnkFile type: Shortcut
Mime Type: unknown/lnk
Group: Malware file
%Temp%\8.tmp
File name: %Temp%\8.tmpFile type: Temporary File
Mime Type: unknown/tmp
Group: Malware file
%AppData%\dwme.exe
File name: %AppData%\dwme.exeFile type: Executable File
Mime Type: unknown/exe
Group: Malware file
%SYSTEM%\Cloud AV 2012v121.exe
File name: %SYSTEM%\Cloud AV 2012v121.exeFile type: Executable File
Mime Type: unknown/exe
Group: Malware file
%Local_AppData%\dwme.exe
File name: %Local_AppData%\dwme.exeFile type: Executable File
Mime Type: unknown/exe
Group: Malware file
%PROGAM_FILES%\LP\BAD6\C29.exe
File name: %PROGAM_FILES%\LP\BAD6\C29.exeFile type: Executable File
Mime Type: unknown/exe
Group: Malware file
%PROGAM_FILES%\24245\lvvm.exe
File name: %PROGAM_FILES%\24245\lvvm.exeFile type: Executable File
Mime Type: unknown/exe
Group: Malware file
%AppData%\FCE03\0FD4B.exe
File name: %AppData%\FCE03\0FD4B.exeFile type: Executable File
Mime Type: unknown/exe
Group: Malware file
%AppData%\FCE03\3F0D.CE0
File name: %AppData%\FCE03\3F0D.CE0Mime Type: unknown/CE0
Group: Malware file
%AppData%\LUUJ1wscH0aTNzF\Cloud AV 2012.ico
File name: %AppData%\LUUJ1wscH0aTNzF\Cloud AV 2012.icoMime Type: unknown/ico
Group: Malware file
%TempDir%\1.tmp
File name: %TempDir%\1.tmpFile type: Temporary File
Mime Type: unknown/tmp
Group: Malware file
%TempDir%\dwme.exe
File name: %TempDir%\dwme.exeFile type: Executable File
Mime Type: unknown/exe
Group: Malware file
%ProgramFiles%\LP\4B7F\027.exe
File name: %ProgramFiles%\LP\4B7F\027.exeFile type: Executable File
Mime Type: unknown/exe
Group: Malware file
%ProgramFiles%\LP\4B7F\2.tmp
File name: %ProgramFiles%\LP\4B7F\2.tmpFile type: Temporary File
Mime Type: unknown/tmp
Group: Malware file
%ProgramFiles%\LP\4B7F\3.tmp
File name: %ProgramFiles%\LP\4B7F\3.tmpFile type: Temporary File
Mime Type: unknown/tmp
Group: Malware file
%ProgramFiles%\LP\4B7F\4.tmp
File name: %ProgramFiles%\LP\4B7F\4.tmpFile type: Temporary File
Mime Type: unknown/tmp
Group: Malware file
%ProgramFiles%\03F0D\lvvm.exe
File name: %ProgramFiles%\03F0D\lvvm.exeFile type: Executable File
Mime Type: unknown/exe
Group: Malware file
%Programs%\Cloud AV 2012\Cloud AV 2012.lnk
File name: %Programs%\Cloud AV 2012\Cloud AV 2012.lnkFile type: Shortcut
Mime Type: unknown/lnk
Group: Malware file
%Desktop%\Cloud AV 2012.lnk
File name: %Desktop%\Cloud AV 2012.lnkFile type: Shortcut
Mime Type: unknown/lnk
Group: Malware file
%SystemDir%\Cloud AV 2012v121.exe
File name: %SystemDir%\Cloud AV 2012v121.exeFile type: Executable File
Mime Type: unknown/exe
Group: Malware file
%Windows%\system32\[RANDOM CHARACTERS].exe
File name: %Windows%\system32\[RANDOM CHARACTERS].exeFile type: Executable File
Mime Type: unknown/exe
Group: Malware file
%Documents and Settings%\[USERNAME]\Application Data\svhostu.exe
File name: %Documents and Settings%\[USERNAME]\Application Data\svhostu.exeFile type: Executable File
Mime Type: unknown/exe
Group: Malware file
%Documents and Settings%\[USERNAME]\Local Settings\Temp\[RANDOM CHARACTERS].tmp
File name: %Documents and Settings%\[USERNAME]\Local Settings\Temp\[RANDOM CHARACTERS].tmpFile type: Temporary File
Mime Type: unknown/tmp
Group: Malware file
%Documents and Settings%\[USERNAME]\Application Data\[RANDOM CHARACTERS]\
File name: %Documents and Settings%\[USERNAME]\Application Data\[RANDOM CHARACTERS]\Group: Malware file
%Documents and Settings%\[USERNAME]\Start Menu\Programs\Cloud AV 2012\
File name: %Documents and Settings%\[USERNAME]\Start Menu\Programs\Cloud AV 2012\Group: Malware file
%Documents and Settings%\[USERNAME]\Desktop\Cloud AV 2012.lnk
File name: %Documents and Settings%\[USERNAME]\Desktop\Cloud AV 2012.lnkFile type: Shortcut
Mime Type: unknown/lnk
Group: Malware file
Registry Modifications
Regexp file mask%AppData%\iexplore.exe%AppData%\svhostu.exeHKEY..\..\..\..{Subkeys}HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\C0AB6693AB3202B4B9D95716ED5CE4A6\SourceListHKEY_CURRENT_USER\Software\Cloud AV 2012HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\..{RunKeys} HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run "[RANDOM CHARACTERS]"
Had a problem downloading Spyhunter...doing a simple System Restore, back about one (1) week appears to have solved the problem. Cloud AV 2012 has disappeared. Was this an acceptable alternative?
I am unable to open Home and Business Outlook 2010 in Win7. Version is 14.06029.1000. It wkoerd fine earlier today. I was entering contacts. The file size is 265 KB. I am unable to run the nav file, but did find the .pst file and restored it. Still no luck. The application icon does not open it. Safe mode does not work. I do not feel good enought to change any other programming.I am unable to access my mailboxes from this computer.I checked the properties of the Outlook pst file and noticed that the attributes on this file show an Al and not A like the other office folder shortcut. The desktop shortcut is an A.Help, please.Joy