Malware Removal Instructions

  • Subscribe to our RSS feed.
  • Twitter
  • StumbleUpon
  • Reddit
  • Facebook
  • Digg

Sunday, 5 February 2012

AV Security Essentials (Uninstall Guide)

Posted on 07:06 by Unknown
Here's another anti-spyware program that we've added to the list of scareware, called AV Security Essentials. As you see in the image below, it impersonates legit anti-virus software from Microsoft. The rogue anti-spyware program states that your computer has been infected with Trojans, keyloggers, spyware and other malware. It then asks you to give your credit card details to upgrade AV Security Essentials in order to remove non-existent viruses. The rogueware also displays greatly exaggerated security alerts and pop-ups stating your PC is in great danger.





Since it's not a new virus, but a slightly modified and re-brander variant of previous scareware, I won't go into details this time. You can read more detailed analysis of this scareware here and here. Just don't purchase it and do not follow the on-screen instructions. AV Security Essentials cannot delete your files or gather and then send personally identifiable information to remote servers. Don't worry about that. To remove AV Security Essentials and associated malicious software from your computer, please follow the quick removal guide below. It does not get any simpler than this. You can follow the manual removal guide too, if the removal guide below is not acceptable. If you have any questions or need extra help removing this malware from your computer, please leave a comment bellow. Good luck and be safe online!

Quick AV Security Essentials removal guide:

1. Click the "Click here if you already have an Activation" button and register the rogue program using any of these debugged registration keys:

U2FD-S2LA-H4KA-UEPB
K7LY-H4KA-SI9D-U2FD
K7LY-R5GU-SI9D-EVFB

Entering debugged reg key makes the removal procedure a lot easier. You can then download recommend anti-malware program to remove AV Security Essentials from your computer.

2. Download recommended anti-malware software (Spyware Doctor) and run a full system scan to remove this malware from your computer.

3. To reset the Hosts file back to the default automatically, download and run Fix it and follow the steps in the Fix it wizard.

Associated AV Security Essentials files and registry values:

Files:
  • %AllUsersProfile%\Application Data\[SET OF RANDOM CHARACTERS]\
  • %AppData%\AV Security Essentials\
  • %AppData%\Microsoft\Internet Explorer\Quick Launch\AV Security Essentials.lnk
  • %UserProfile%\Desktop\AV Security Essentials
  • %UserProfile%\Start Menu\AV Security Essentials
  • %UserProfile%\Start Menu\Programs\AV Security Essentials.lnk
Registry values:
  • HKEY_CURRENT_USER\software\Microsoft\Windows\CurrentVersion\Run\AV Security Essentials = "%AllUsersProfile%\Application Data\78b634\AV83d_9025.exe" /s /d
  • HKEY_CURRENT_USER\software\3
  • HKEY_LOCAL_MACHINE\software\microsoft\Windows NT\CurrentVersion\Image File Execution Options\[RANDOM].exe\Debugger = svchost.exe
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun = 01000000
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun\[1...15]
Tell your friends:
Email ThisBlogThis!Share to XShare to FacebookShare to Pinterest
Posted in Rogue programs | No comments
Newer Post Older Post Home

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Popular Posts

  • False Positive: Ikarus and Comodo detecting TDSSKiller as a Trojan horse
    This awkward moment when you realize that your favorite rootkit removal utility is detected as malware. I probably wouldn't even have no...
  • What is wrtc.exe and how to remove it?
    wrtc.exe - by Perion Network Ltd. What is wrtc.exe? wrtc.exe is a part of IncrediMail software, digitally signed by Perion Network Ltd. This...
  • Trojan.MBRlock, Внимание! Ваш компьютер заблокирован
    Trojan.MBRlock is a very disturbing piece of malicious code which infects the master boot record (MBR) and prevents Windows from starting. ...
  • Remove ShopperReports (Uninstall Guide)
    ShopperReports is defined as adware or a potentially unwanted program that displays marketing related results in a side pane of the browser...
  • Remove Adware.StartPage (Uninstall Guide)
    Adware.StartPage pretends to be a valid program but actually it is an adware that modifies the Internet Explorer home page without the user...
  • WebCake Adware Removal Guide
    If you’re reading this it is very likely that your computer is infected with WebCake adware which displays extremely obnoxious and intrusiv...
  • Show Hidden Files and Folders in Windows
    By default Microsoft Windows hides important files from being seen with Windows Explorer in order to protect these files from being modified...
  • Remove Windows XP Recovery (Uninstall Guide)
    Windows XP Recovery is a fake computer repair and optimization program that reports nonexistent security threats, registry errors and some ...
  • Remove "System Check" (Uninstall Guide)
    System Check is malicious software posing as Windows system utility. Although, it may look like a real thing, it isn't! You are actuall...
  • SaaS - Cloud Computing
    What is Software as a Service (SaaS)? Software as a Service (SaaS) is a cloud computing model, which hosts various software applications and...

Categories

  • Adware
  • Answers
  • Antivirus software
  • Browser Hijackers
  • Cloud Computing
  • Fake Alerts
  • Giveaways
  • Hoax
  • How-To
  • IaaS
  • Internet
  • Malicious websites
  • Malware
  • PaaS
  • Parental Controls
  • Passwords
  • Phishing
  • Process Information
  • Ransomware
  • Rogue programs
  • Rootkits
  • SaaS
  • Security Advisories
  • Spam
  • Spyware
  • Trojans
  • Viruses
  • Web Browsers
  • Worms

Blog Archive

  • ►  2013 (173)
    • ►  December (6)
    • ►  November (13)
    • ►  October (11)
    • ►  September (20)
    • ►  August (4)
    • ►  July (17)
    • ►  June (31)
    • ►  May (25)
    • ►  April (15)
    • ►  March (17)
    • ►  February (7)
    • ►  January (7)
  • ▼  2012 (86)
    • ►  November (2)
    • ►  October (4)
    • ►  September (6)
    • ►  August (6)
    • ►  July (11)
    • ►  June (1)
    • ►  May (5)
    • ►  April (7)
    • ►  March (7)
    • ▼  February (17)
      • How to Remove Smart Fortress 2012 (Uninstall Guide)
      • How to Remove Windows Basic Antivirus (Uninstall G...
      • Windows Secure Kit 2011 Browser Hijack
      • SysWatch Giveaways And Deals
      • Remove Antivirus Protection 2012 (Uninstall Guide)
      • How to Bypass Surveys? Online Surveys and Your Pri...
      • Windows Smart Warden Removal
      • Foodpuma, Datingpuma, Carpuma and Browser Redirects
      • Remove Windows Protection Master (Uninstall Guide)
      • Remove Security Scanner (Uninstall Guide)
      • How to Remove DNS Changer (Uninstall Guide)
      • AV Security Essentials (Uninstall Guide)
      • Avira Giveaways And Deals
      • Bitdefender Giveaways And Deals
      • Ad-Aware Giveaways And Deals
      • ZoneAlarm Giveaways And Deals
      • All-Around Digital Security: Bitdefender Sphere fo...
    • ►  January (20)
  • ►  2011 (239)
    • ►  December (8)
    • ►  November (18)
    • ►  October (21)
    • ►  September (24)
    • ►  August (28)
    • ►  July (32)
    • ►  June (16)
    • ►  May (23)
    • ►  April (15)
    • ►  March (16)
    • ►  February (9)
    • ►  January (29)
  • ►  2010 (2)
    • ►  December (2)
Powered by Blogger.

About Me

Unknown
View my complete profile