AV Security 2012 - How to remove?

 

What is AV Security 2012?

Another fake antivirus program has been recently released by cyber criminals in order to rip off random computer users. The application secretly gets inside the system under the name of AV Security 2012. Once inside the application changes some settings in your Windows Registry and then the program starts fulfilling its malicious plan. AV Security 2011 starts running its scanner every time you log in to Windows. The scanner imitates looking for infections for a few minutes and then warns about some threats. AV Security 2012 warns that your system must be cleaned and the best way to do that is to purchase a full version of its program.

In addition, the program warns that your computer is infected by displaying tons of security notifications and pop up ads. These messages state that your computer is infected with harmful viruses or some critical files on your computer have been modified by malicious software. It will then ask you to activate AV Security 2012 in order to prevent permanent loss of your information and credit card date theft. Have a look at the messages that may possibly be displayed once you are infected with AV Security 2012.

svchost.exe
svchost.exe was replaced with unauthorized program.
It has encountered a problem and needs to close.
If you were in the middle of something, the information you were working on might be lost.
Please tell Microsoft about this problem.
We have created an error report that you can send to us. We will treat this report as confidential and anonymous.

Windows Security Alert
To help protect your computer, Windows Firewall has blocked some features of this program.
Do you want to keep blocking this program?
Name: Zeus Trojan
Publisher: Unauthorized

Warning! Infection found
Unauthorized sending E-MAIL with subject “RE:” to <fake email here> was CANCELLED.

Warning! Infection found
Unwanted software (malware) or tracking cookies have been found during last scan. It is highly recommended to remove it from your computer.
Keylogger Zeus was detected and put in quarantine.
Keylogger Zeus is a very dangerous software used by criminals to steal personal data such as credit card information, access to banking accounts, passwords to social networks and e-mails.

Security Warning
Your computer continues to be infected with harmful viruses. In order to prevent permanent loss of your information and credit card data theft please activate your antivirus software. Click here to enable protection.

Security Warning
Malicious programs that may steal your private information and prevent your system from working properly are detected on your computer.
Click here to clean your PC immediately.

Security Warning
There are critical system files on your computer that were modified by malicious software.
It may cause permanent data loss.
Click here to remove malicious software.

Warning: Infection is Detected
Windows has found spyware infection on your computer!
Click here to update your Windows antivirus software

Warning: Spyware Detected
Windows has found spy programs running on your computer!
Click here to update your Windows antivirus software

Windows Security Center
Serious security vulnerabilities were detected on this computer. Your privacy and personal data may be unsafe. Do you want to protect your PC?

Once infected with AV Security 2012 the system fails to open any Internet site. Instead it generates a message stating that the website you are trying to visit is infected. This happens because AV Security 2012 configures Windows to use proxy server.

Another common thing to happen once you are infected with this badware is downloading ZeroAccess rootkit together with AV Security 2012. This rootkit causes difficulties in using some of your legitimate programs since it changes permissions denies access to certain applications.

AV Security 2012 must be deleted as soon as possible without any hesitations. Use a removal guide below this article for the easiest solution. Do not pay for AV Security 2012 is you don’t want to lose your money.

How to remove System Security 2012 (special instructions)

1. Download process explorer and safe it on desktop. Rename it to iexplore.exe (or iexplore, if you do not see file extensions). Ddisable proxy server in your browser.
2. Execute process explorer and look for garbage processes that run from C:\Windows\System32. The name would be like 23gwGSGD23523.exe or similar (it has to contain many letters and digits). Stop the process and write down the exact path. Once you stop correct processes, the malware windows will close and icon will disappear.
3. Delete the files you have stopped in the previous step.
4. AV Security 2012 comes with other trojans usually. Scan your PC with spyhunter, Malwarebytes Anti-Malware for remaining malware processes and files. Full versions of these programs would have protected from AV Security 2012 infection and saved some time.

Video Guide on System Security 2012 removal

 

Automatic AV Security 2012 removal tools

 
  Download Spyhunter for AV Security 2012 detectionNote: Spyhunter trial provides detection of parasite like AV Security 2012 and assists in its removal for free. You can remove detected files, processes and registry entries yourself or purchase a full version.
 

Manual AV Security 2012 removal

 

Important Note: Although it is possible to manually remove AV Security 2012, such activity can permanently damage your system if any mistakes are made in the process, as advanced spyware parasites are able to automatically repair themselves if not completely removed. Thus, manual spyware removal is recommended for experienced users only, such as IT specialists or highly qualified system administrators. For other users, we recommend using Spyhunter or other tools found on 2-viruses.com.

Processes:
Files:
Registers:

It is impossible to list all file names and locations of modern parasites. You can identify remaining parasites, other AV Security 2012 infected files and get help in AV Security 2012 removal by using Spyhunter scanner. 

 
 
 
 
 
 
 
 
 
 

11 thoughts on “AV Security 2012

  1. allen
     

    Thanks …I got this virus…then found it and had hard time deleting. But in the end I won.

     
  2. Andy
     

    I went into “system restore” and re-set my computer to 7 days ago and AV Security 2012 seems to have vanished completely (knock wood). Isn’t that a simple solution to this problem?

     
    1. admin
       

      Andy: Re-scan your PC. Although System Restore might fix it enough, in some cases it might install with malware that shows no symptoms for a while and can redownload other parasites.

       
  3. Karen Benke
     

    Please help, this keeps popping up!! I went into system restore and it didn’t stop…I’m not that computer savvy, can you tell me the easist way to do this in a way I can fix it myself…

    thanks,Karen

     
  4. Shawn
     

    I tried System Restore. This virus has disabled it. Also when looking for the files listed here, they are not there. I am wondering these assssoles have updated their virus.

     
  5. Chuck
     

    Shawn I was in the same boat I had to go into safe mode and restore to “day 0″

     
  6. bobby
     

    @allen
    HOW?? ive tried everything..wont even let me system restore in safe mode? tried the tdss and the malware antivirus…yet everytime i do that, computer shuts down as it knows im trying to screw with it. the tdss picked up nothing. I dont know where to turn

     
    1. admin
       

      Bobby: Scan with Stopzilla, SD. Also, watch the video – it is for same parasite with different name.

       
  7. honeylet
     

    this av security really drive me nots its hard for me to delete controling screen

     
  8. Marianne
     

    I too got this virus, used 2 tools to remove it – Malwarebytes and Combofix. I now can not get onto the internet after removing virus, i see that i’m hooked up to the internet but neither internet explorer (which i have tried to reinstall) and firefox will connect to internet. What are my options to get hooked back up?

     
    1. admin
       

      Marianne: check if your browser is set up to use proxy server. Disable it. If this is not the case, then combofix removed a necessary driver. Combofix should be used by computer repair persons or under supervision only.

       

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title="" rel=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>