Since it's not a new virus, but a slightly modified and re-brander variant of previous scareware, I won't go into details this time. You can read more detailed analysis of this scareware here and here. Just don't purchase it and do not follow the on-screen instructions. AV Security Essentials cannot delete your files or gather and then send personally identifiable information to remote servers. Don't worry about that. To remove AV Security Essentials and associated malicious software from your computer, please follow the quick removal guide below. It does not get any simpler than this. You can follow the manual removal guide too, if the removal guide below is not acceptable. If you have any questions or need extra help removing this malware from your computer, please leave a comment bellow. Good luck and be safe online!
Quick AV Security Essentials removal guide:
1. Click the "Click here if you already have an Activation" button and register the rogue program using any of these debugged registration keys:
Entering debugged reg key makes the removal procedure a lot easier. You can then download recommend anti-malware program to remove AV Security Essentials from your computer.
2. Download recommended anti-malware software (Spyware Doctor) and run a full system scan to remove this malware from your computer.
3. To reset the Hosts file back to the default automatically, download and run Fix it and follow the steps in the Fix it wizard.
Associated AV Security Essentials files and registry values:
- %AllUsersProfile%\Application Data\[SET OF RANDOM CHARACTERS]\
- %AppData%\AV Security Essentials\
- %AppData%\Microsoft\Internet Explorer\Quick Launch\AV Security Essentials.lnk
- %UserProfile%\Desktop\AV Security Essentials
- %UserProfile%\Start Menu\AV Security Essentials
- %UserProfile%\Start Menu\Programs\AV Security Essentials.lnk
- HKEY_CURRENT_USER\software\Microsoft\Windows\CurrentVersion\Run\AV Security Essentials = "%AllUsersProfile%\Application Data\78b634\AV83d_9025.exe" /s /d
- HKEY_LOCAL_MACHINE\software\microsoft\Windows NT\CurrentVersion\Image File Execution Options\[RANDOM].exe\Debugger = svchost.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun = 01000000