Christian Mairoll

AV Security 2012 Adware Removal Instructions

Recommended Posts

The Emsisoft malware research team has discovered a new outbreak of the AV Security 2012. Emsisoft Anti-Malware detects this malware as Adware.Win32.AVSecurity2012.

AV Security 2012 is a rogue application. This is another variant of System Security 2011, AV Protection Online, Guard Online and Cloud Protection. A rogue application tries to trick you by displaying false positive or misleading scan results report, which says that your computer has a problem, or infected with viruses or trojan, but you will not be able to fix it before you purchase.

Create new files:

  • %SystemRoot%system32AV Security 2012v121.exe
  • %AppData%ldr.ini
  • %AppData%[random]
  • %AppData%[random]
  • %AppData%[random]AV Security 2012.ico
  • %AppData%[random]
  • %UserProfile%DesktopAV Security 2012.lnk
  • %UserProfile%Local SettingsTempB.tmp
  • %UserProfile%Start MenuProgramsAV Security 2012
  • %UserProfile%Start MenuProgramsAV Security 2012AV Security 2012.lnk

Create new registry entry:

  • HKEY_LOCAL_MACHINEsoftwaremicrosoftWindowsCurrentVersionRun
    “[random]=%SystemRoot%system32AV Security 2012v121.exe”

Screenshots:

Adware.Win32.AVSecurity2012

Adware.Win32.AVSecurity2012

Adware.Win32.AVSecurity2012

To register and uninstall this rogue application, you can try the following serial number:

9992665263

How to remove the infection of AV Security 2012 (Adware.Win32.AVSecurity2012)?

To delete this malware infection, please download and install Emsisoft Anti-Malware. Run a full scan on all drives and move all detected items to the quarantine.



View the full article

Share this post


Link to post
Share on other sites

Hallo,

warum beinhaltet die Signatur ein "Adware" ?

Unvorsichtige User könnten die Meldung unterschätzen und diese Fake AVs installieren.

Sind sie nicht eher Spyware und andere Malware ?

Share this post


Link to post
Share on other sites

I am inclined to agree with Springer. I think the description 'Adware' implies a nuisance or PUP (potentially unwanted application). Many of the current Fake AV's include dangerous 'rootkits' and zero access malware in the payload.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    No registered users viewing this page.