Christian Mairoll 227 Report post Posted November 10, 2011 The Emsisoft malware research team has discovered a new outbreak of the AV Security 2012. Emsisoft Anti-Malware detects this malware as Adware.Win32.AVSecurity2012. AV Security 2012 is a rogue application. This is another variant of System Security 2011, AV Protection Online, Guard Online and Cloud Protection. A rogue application tries to trick you by displaying false positive or misleading scan results report, which says that your computer has a problem, or infected with viruses or trojan, but you will not be able to fix it before you purchase. Create new files: %SystemRoot%system32AV Security 2012v121.exe %AppData%ldr.ini %AppData%[random] %AppData%[random] %AppData%[random]AV Security 2012.ico %AppData%[random] %UserProfile%DesktopAV Security 2012.lnk %UserProfile%Local SettingsTempB.tmp %UserProfile%Start MenuProgramsAV Security 2012 %UserProfile%Start MenuProgramsAV Security 2012AV Security 2012.lnk Create new registry entry: HKEY_LOCAL_MACHINEsoftwaremicrosoftWindowsCurrentVersionRun“[random]=%SystemRoot%system32AV Security 2012v121.exe”Screenshots: To register and uninstall this rogue application, you can try the following serial number: 9992665263 How to remove the infection of AV Security 2012 (Adware.Win32.AVSecurity2012)? To delete this malware infection, please download and install Emsisoft Anti-Malware. Run a full scan on all drives and move all detected items to the quarantine. Related Posts: Security Guard 2012 Adware Removal Instructions System Security 2011 Adware Removal Instructions Security Sphere 2012 Removal Instructions AV Protection Online Adware Removal Instructions Guard Online Adware Removal Instructions View the full article Quote Share this post Link to post Share on other sites
Springer 0 Report post Posted November 11, 2011 Hallo, warum beinhaltet die Signatur ein "Adware" ? Unvorsichtige User könnten die Meldung unterschätzen und diese Fake AVs installieren. Sind sie nicht eher Spyware und andere Malware ? Quote Share this post Link to post Share on other sites
UnusedAccount 1 Report post Posted November 12, 2011 I am inclined to agree with Springer. I think the description 'Adware' implies a nuisance or PUP (potentially unwanted application). Many of the current Fake AV's include dangerous 'rootkits' and zero access malware in the payload. Quote Share this post Link to post Share on other sites
Christian Mairoll 227 Report post Posted November 13, 2011 I'll have a look into the defaul naming procedure. Thanks for letting me know. Quote Share this post Link to post Share on other sites
