Christian Mairoll 237 Posted November 10, 2011 Report Share Posted November 10, 2011 The Emsisoft malware research team has discovered a new outbreak of the AV Security 2012. Emsisoft Anti-Malware detects this malware as Adware.Win32.AVSecurity2012. AV Security 2012 is a rogue application. This is another variant of System Security 2011, AV Protection Online, Guard Online and Cloud Protection. A rogue application tries to trick you by displaying false positive or misleading scan results report, which says that your computer has a problem, or infected with viruses or trojan, but you will not be able to fix it before you purchase. Create new files: %SystemRoot%system32AV Security 2012v121.exe %AppData%ldr.ini %AppData%[random] %AppData%[random] %AppData%[random]AV Security 2012.ico %AppData%[random] %UserProfile%DesktopAV Security 2012.lnk %UserProfile%Local SettingsTempB.tmp %UserProfile%Start MenuProgramsAV Security 2012 %UserProfile%Start MenuProgramsAV Security 2012AV Security 2012.lnk Create new registry entry: HKEY_LOCAL_MACHINEsoftwaremicrosoftWindowsCurrentVersionRun“[random]=%SystemRoot%system32AV Security 2012v121.exe” Screenshots: To register and uninstall this rogue application, you can try the following serial number: 9992665263 How to remove the infection of AV Security 2012 (Adware.Win32.AVSecurity2012)? To delete this malware infection, please download and install Emsisoft Anti-Malware. Run a full scan on all drives and move all detected items to the quarantine. Related Posts: Security Guard 2012 Adware Removal Instructions System Security 2011 Adware Removal Instructions Security Sphere 2012 Removal Instructions AV Protection Online Adware Removal Instructions Guard Online Adware Removal Instructions View the full article Quote Link to post Share on other sites
Springer 0 Posted November 11, 2011 Report Share Posted November 11, 2011 Hallo, warum beinhaltet die Signatur ein "Adware" ? Unvorsichtige User könnten die Meldung unterschätzen und diese Fake AVs installieren. Sind sie nicht eher Spyware und andere Malware ? Quote Link to post Share on other sites
UnusedAccount 1 Posted November 12, 2011 Report Share Posted November 12, 2011 I am inclined to agree with Springer. I think the description 'Adware' implies a nuisance or PUP (potentially unwanted application). Many of the current Fake AV's include dangerous 'rootkits' and zero access malware in the payload. Quote Link to post Share on other sites
Christian Mairoll 237 Posted November 13, 2011 Author Report Share Posted November 13, 2011 I'll have a look into the defaul naming procedure. Thanks for letting me know. Quote Link to post Share on other sites
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.