Wednesday, November 9, 2011

AV Security 2012 - How To Remove - FakeAV - Rogue

AV Security 2012 - it is fake antivirus. Only money ransom.





Files are created:
C:\Documents and Settings\<UserName>\Application Data\iEEDV8olEViWC\AV Security 2012.ico (It's random folder name)
C:\Documents and Settings\<UserName>\Application Data\ldr.ini
C:\Documents and Settings\<UserName>\Desktop\AV Security 2012.lnk
C:\Documents and Settings\<UserName>\Local Settings\Temp\1.tmp
C:\Documents and Settings\<UserName>\Start Menu\Programs\AV Security 2012\AV Security 2012.lnk
C:\WINDOWS\system32\AV Security 2012v121.exe
(Will be possible to meet such a file C:\WINDOWS\system32\virus.exe)




Registry edit:
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"qxxTGN9pR8234A"="C:\WINDOWS\system32\AV Security 2012v121.exe"

Random key names.


To remove this rogue go to the website www.Trojan-Killer.net and download Trojan-Killer.


Run and install it.




Upon completion of installation, select Launch GridinSoft Trojan Killer and click Finish.




When the Trojan Killer will look on your computer you will see a full list of detected malware.
Press the Remove Selected to remove them.



I hope this guide helps you :)
Author: на
Keywords: , , , , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)