Malware Removal Instructions

  • Subscribe to our RSS feed.
  • Twitter
  • StumbleUpon
  • Reddit
  • Facebook
  • Digg

Sunday, 5 February 2012

AV Security Essentials (Uninstall Guide)

Posted on 07:06 by Unknown
Here's another anti-spyware program that we've added to the list of scareware, called AV Security Essentials. As you see in the image below, it impersonates legit anti-virus software from Microsoft. The rogue anti-spyware program states that your computer has been infected with Trojans, keyloggers, spyware and other malware. It then asks you to give your credit card details to upgrade AV Security Essentials in order to remove non-existent viruses. The rogueware also displays greatly exaggerated security alerts and pop-ups stating your PC is in great danger.





Since it's not a new virus, but a slightly modified and re-brander variant of previous scareware, I won't go into details this time. You can read more detailed analysis of this scareware here and here. Just don't purchase it and do not follow the on-screen instructions. AV Security Essentials cannot delete your files or gather and then send personally identifiable information to remote servers. Don't worry about that. To remove AV Security Essentials and associated malicious software from your computer, please follow the quick removal guide below. It does not get any simpler than this. You can follow the manual removal guide too, if the removal guide below is not acceptable. If you have any questions or need extra help removing this malware from your computer, please leave a comment bellow. Good luck and be safe online!

Quick AV Security Essentials removal guide:

1. Click the "Click here if you already have an Activation" button and register the rogue program using any of these debugged registration keys:

U2FD-S2LA-H4KA-UEPB
K7LY-H4KA-SI9D-U2FD
K7LY-R5GU-SI9D-EVFB

Entering debugged reg key makes the removal procedure a lot easier. You can then download recommend anti-malware program to remove AV Security Essentials from your computer.

2. Download recommended anti-malware software (Spyware Doctor) and run a full system scan to remove this malware from your computer.

3. To reset the Hosts file back to the default automatically, download and run Fix it and follow the steps in the Fix it wizard.

Associated AV Security Essentials files and registry values:

Files:
  • %AllUsersProfile%\Application Data\[SET OF RANDOM CHARACTERS]\
  • %AppData%\AV Security Essentials\
  • %AppData%\Microsoft\Internet Explorer\Quick Launch\AV Security Essentials.lnk
  • %UserProfile%\Desktop\AV Security Essentials
  • %UserProfile%\Start Menu\AV Security Essentials
  • %UserProfile%\Start Menu\Programs\AV Security Essentials.lnk
Registry values:
  • HKEY_CURRENT_USER\software\Microsoft\Windows\CurrentVersion\Run\AV Security Essentials = "%AllUsersProfile%\Application Data\78b634\AV83d_9025.exe" /s /d
  • HKEY_CURRENT_USER\software\3
  • HKEY_LOCAL_MACHINE\software\microsoft\Windows NT\CurrentVersion\Image File Execution Options\[RANDOM].exe\Debugger = svchost.exe
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun = 01000000
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun\[1...15]
Tell your friends:
Email ThisBlogThis!Share to XShare to FacebookShare to Pinterest
Posted in Rogue programs | No comments
Newer Post Older Post Home

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Popular Posts

  • What is wrtc.exe and how to remove it?
    wrtc.exe - by Perion Network Ltd. What is wrtc.exe? wrtc.exe is a part of IncrediMail software, digitally signed by Perion Network Ltd. This...
  • Remove ShopperReports (Uninstall Guide)
    ShopperReports is defined as adware or a potentially unwanted program that displays marketing related results in a side pane of the browser...
  • Trojan.MBRlock, Внимание! Ваш компьютер заблокирован
    Trojan.MBRlock is a very disturbing piece of malicious code which infects the master boot record (MBR) and prevents Windows from starting. ...
  • False Positive: Ikarus and Comodo detecting TDSSKiller as a Trojan horse
    This awkward moment when you realize that your favorite rootkit removal utility is detected as malware. I probably wouldn't even have no...
  • Remove RiskTool.Win32.BitCoinMiner (Uninstall Guide)
    RiskTool.Win32.BitCoinMiner is a risk tool or potentially unwanted application that may use your computer's resources to generate bitco...
  • Remove Rattlingsearchsystem.com (Uninstall Guide)
    Rattlingsearchsystem.com is a ZeroAccess/Sirefef rootkit-related browser hijacker that redirects users to shady websites while searching on...
  • Remove TR/ATRAPS.Gen2, removal instructions
    Cyber crooks and third parties that buy stolen data are increasingly using more and more sophisticated techniques, in a variety of different...
  • Remove Ask Search and Ask Toolbar (Uninstall Guide)
    Ask Search and Ask Toolbar are very often incorrectly classified as virus/spyware that may cause search redirects. The majority of us pref...
  • How to remove 'TidyNetwork' adware virus from your computer
    As internet users most of us have seen those irritating little pop-up windows that are advertising something that we normally have little or...
  • Remove Windows Attention Utility (Uninstall Guide)
    Windows Attention Utility is a rogue security application that generates misleading warnings about nonexistent viruses and attempts to lure...

Categories

  • Adware
  • Answers
  • Antivirus software
  • Browser Hijackers
  • Cloud Computing
  • Fake Alerts
  • Giveaways
  • Hoax
  • How-To
  • IaaS
  • Internet
  • Malicious websites
  • Malware
  • PaaS
  • Parental Controls
  • Passwords
  • Phishing
  • Process Information
  • Ransomware
  • Rogue programs
  • Rootkits
  • SaaS
  • Security Advisories
  • Spam
  • Spyware
  • Trojans
  • Viruses
  • Web Browsers
  • Worms

Blog Archive

  • ►  2013 (173)
    • ►  December (6)
    • ►  November (13)
    • ►  October (11)
    • ►  September (20)
    • ►  August (4)
    • ►  July (17)
    • ►  June (31)
    • ►  May (25)
    • ►  April (15)
    • ►  March (17)
    • ►  February (7)
    • ►  January (7)
  • ▼  2012 (86)
    • ►  November (2)
    • ►  October (4)
    • ►  September (6)
    • ►  August (6)
    • ►  July (11)
    • ►  June (1)
    • ►  May (5)
    • ►  April (7)
    • ►  March (7)
    • ▼  February (17)
      • How to Remove Smart Fortress 2012 (Uninstall Guide)
      • How to Remove Windows Basic Antivirus (Uninstall G...
      • Windows Secure Kit 2011 Browser Hijack
      • SysWatch Giveaways And Deals
      • Remove Antivirus Protection 2012 (Uninstall Guide)
      • How to Bypass Surveys? Online Surveys and Your Pri...
      • Windows Smart Warden Removal
      • Foodpuma, Datingpuma, Carpuma and Browser Redirects
      • Remove Windows Protection Master (Uninstall Guide)
      • Remove Security Scanner (Uninstall Guide)
      • How to Remove DNS Changer (Uninstall Guide)
      • AV Security Essentials (Uninstall Guide)
      • Avira Giveaways And Deals
      • Bitdefender Giveaways And Deals
      • Ad-Aware Giveaways And Deals
      • ZoneAlarm Giveaways And Deals
      • All-Around Digital Security: Bitdefender Sphere fo...
    • ►  January (20)
  • ►  2011 (239)
    • ►  December (8)
    • ►  November (18)
    • ►  October (21)
    • ►  September (24)
    • ►  August (28)
    • ►  July (32)
    • ►  June (16)
    • ►  May (23)
    • ►  April (15)
    • ►  March (16)
    • ►  February (9)
    • ►  January (29)
  • ►  2010 (2)
    • ►  December (2)
Powered by Blogger.

About Me

Unknown
View my complete profile