Sunday, 5 February 2012

AV Security Essentials (Uninstall Guide)

Here's another anti-spyware program that we've added to the list of scareware, called AV Security Essentials. As you see in the image below, it impersonates legit anti-virus software from Microsoft. The rogue anti-spyware program states that your computer has been infected with Trojans, keyloggers, spyware and other malware. It then asks you to give your credit card details to upgrade AV Security Essentials in order to remove non-existent viruses. The rogueware also displays greatly exaggerated security alerts and pop-ups stating your PC is in great danger.





Since it's not a new virus, but a slightly modified and re-brander variant of previous scareware, I won't go into details this time. You can read more detailed analysis of this scareware here and here. Just don't purchase it and do not follow the on-screen instructions. AV Security Essentials cannot delete your files or gather and then send personally identifiable information to remote servers. Don't worry about that. To remove AV Security Essentials and associated malicious software from your computer, please follow the quick removal guide below. It does not get any simpler than this. You can follow the manual removal guide too, if the removal guide below is not acceptable. If you have any questions or need extra help removing this malware from your computer, please leave a comment bellow. Good luck and be safe online!

Quick AV Security Essentials removal guide:

1. Click the "Click here if you already have an Activation" button and register the rogue program using any of these debugged registration keys:

U2FD-S2LA-H4KA-UEPB
K7LY-H4KA-SI9D-U2FD
K7LY-R5GU-SI9D-EVFB

Entering debugged reg key makes the removal procedure a lot easier. You can then download recommend anti-malware program to remove AV Security Essentials from your computer.

2. Download recommended anti-malware software (Spyware Doctor) and run a full system scan to remove this malware from your computer.

3. To reset the Hosts file back to the default automatically, download and run Fix it and follow the steps in the Fix it wizard.

Associated AV Security Essentials files and registry values:

Files:
  • %AllUsersProfile%\Application Data\[SET OF RANDOM CHARACTERS]\
  • %AppData%\AV Security Essentials\
  • %AppData%\Microsoft\Internet Explorer\Quick Launch\AV Security Essentials.lnk
  • %UserProfile%\Desktop\AV Security Essentials
  • %UserProfile%\Start Menu\AV Security Essentials
  • %UserProfile%\Start Menu\Programs\AV Security Essentials.lnk
Registry values:
  • HKEY_CURRENT_USER\software\Microsoft\Windows\CurrentVersion\Run\AV Security Essentials = "%AllUsersProfile%\Application Data\78b634\AV83d_9025.exe" /s /d
  • HKEY_CURRENT_USER\software\3
  • HKEY_LOCAL_MACHINE\software\microsoft\Windows NT\CurrentVersion\Image File Execution Options\[RANDOM].exe\Debugger = svchost.exe
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun = 01000000
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun\[1...15]
Tell your friends:
Posted by at
Labels:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)