AV Secure 2012

Even though some web sites are endorsing AV Secure 2012 as useful anti-virus program, do not buy it. It is a phony software that intends to mislead you with various tactics.

AV Secure 2012 is just another clone version of AV Security 2012. They both came from a family of rogue security software that repeatedly clones and spreads similar harmful variants. AV Secure 2012 and AV Security 2012 are included in the lists of fake security products that will trick user in order to convince them into acquiring the full version of the software.

Just as any other fake anti-virus programs, AV Secure 2012 is installed on target computer if user pays a visit to malicious web site, or legitimate web pages that are contracted with Trojan Downloader. It takes advantage of Internet browser’s vulnerability to dig up an access inside the computer. Then, Trojan will install AV Secure 2012 and carry out changes on system settings so as the registry to allow automatic execution on Windows start-up.

Once started, AV Secure 2012 will commence a simulation of virus scan, which makes it look like that examination is taking place. The truth is, the whole process is part of a scheme to trap user into thinking that computer is infected with viruses. All of AV Secure 2012’s identified threats do not really exist. At some point where in victims wanted to clean the PC, the rogue software promotes itself as the sole solution.

In removing AV Secure 2012, victims need to achieve two things. First, delete the main program using an effective and genuine anti-malware product. Next, Remove ZeroAccess rootkit Trojan that comes with the malware using a separate tool.

Screen Shot Image:
These two images show how comparable AV Secure 2012 and AV Security 2012 are. In fact, there is only a slight variation on the title, and everything else is a complete clone.

AV Secure 2012

AV Security 2012

Technical Details and Additional Information:

Damage Level: Medium

Systems Affected: Windows 9x, 2000, XP, Vista, Windows 7

Malware Behavior
When AV Secure 2012 virus is loaded on the computer, it will display a number of fake alerts and security messages. Some samples are the following warnings:

Serious security vulnerabilities were detected on this computer. Your privacy and personal data may be unsafe. Do you want to protect your PC?

Fake Pop-up Alert

Warning!
Unwanted software (Malware) or tracking cookies have been found during last scan. It is highly recommended to remove it from your computer.
Keylogger Zeus was detected and put in quarantine.
Keylogger Zeus is a very dangerous software used by criminals to steal personal data such as credit card information, access to banking accounts, passwords to social networks and e-mails.

Keylogger Zeus Warning

[cf]regis[/cf] [cf]files[/cf]

How to Remove AV Secure 2012

1. On fake AV Secure 2012 or AV Security 2012 console, click on Activate. Enter any of the following code.
Activation Code:
1354156739
2294654156
3766368952

2. Click on Register. You need to run AV Secure 2012/AV Security 2012 in registered mode temporarily to access your files and programs with ease.

3. Download MalwareBytes' Anti-Malware from this link.

4. Once download is complete, double-click on the file to install MBAM. Just load it with default settings. It may prompt for update after installation, please download all necessary updates.

5. MBAM will run right after the update has completed.

6. Click on Perform quick scan, the click on Scan. MBAM will scan the computer for presence of threats. This may take a while.

7. When scan is finished, MBAM will display scan result.

8. Click on Show Results to reveal all identified threats.

9. Make sure that all threats are mark with check. Click on Remove Selected to permanently delete all files and registry entries that belongs to AV Secure 2012.

10. Do not restart the computer at this point. We need to proceed with the ZeroAccess Rootkit removal.

Removing Rootkit Trojan

On some instances, Rootkit Trojan is the one responsible for dropping AV Secure 2012 inside the computer. Rootkit Trojan is capable of concealing itself from anti-virus application and hides its presence. This is the reason why we need to neutralize the complicated malware using a special tool designed for this type of infection.

1. Download Norton Power Eraser here. Save it to your desktop.

2. Once download is complete, double click on NPE.Exe.

3. Norton Power Eraser will run. If it prompts for End User License Agreement, please click on Accept.

4. On NPE main window, click on Scan.

5. On next window, select Include Rootkit Scan and click on Restart.

NPE Scan

6. NPE will restart the computer and performs rootkit scanning. This may take a while.

7. When scan has completed, NPE will display a list of all detected threats.

Important! If there are any detected threats under Suspicious, remove the check mark. Only threats in Detected category are necessary to remove at this point. Make sure that you mark the Create System Restore Point before proceeding with the fix.

 

NPE Scan Complete

8. Now, click on Fix to start removing any threats associated to AV Secure 2012.

9. Norton Power Eraser will restart the computer. Then after a reboot, it will initialize and display the eliminated threats.

10. You may now close NPE. That completely removes AV Secure 2012 rootkit Trojan.

Alternative Removal Method for AV Secure 2012

Option 1 : Use Windows System Restore to return Windows to previous state

If AV Secure 2012 enters the computer, there is a big chance that Windows files, registry entries and other essential components are also infected. System Restore can reinstate clean system files by restoring the configuration to an earlier date. The method also replaces compromised files with a clean version. If you have a saved restore point before AV Secure 2012 infiltrates the PC, we highly encourage you to execute this procedure if none of the above works. You may proceed with Windows System Restore, click here to see the full procedure.

Option 2 : AV Secure 2012 manual uninstall guide

IMPORTANT! Manual removal of AV Secure 2012 requires technical skills. Deleting system files and registry entries by mistake may result to total disability of Windows system. We advise you to perform a backup of registry before proceeding with this guide.

1. Kill any running process that belongs to AV Secure 2012.
- Press Ctrl+Alt+Del on your keyboard.
- When Windows Task Manager appears, look for AV Secure 2012 files (refer to Technical Reference) and click End Process.

End Task

2. Delete all registry entries that belong to this malware.
- Press [Windows Key]+R on your keyboard.
- In the 'Open' dialog box, type regedit and press Enter. This will open registry editor.
- Find and delete registry entries as mentioned in Technical Reference section below.
- Close registry editor. Changes made will be save automatically.

Run Regedit

3. Scan the computer with antivirus program.
- Connect to Internet and open your antivirus software. Please update to obtain the latest database and necessary files.
- Restart the computer in Safe Mode.
- Just before Windows logo begins to load press F8 on your keyboard.
- On Windows Advanced Boot Options, select Safe Mode and press Enter.

4. Delete all files dropped by AV Secure 2012.
- While still in Safe Mode, search and delete malicious files. Please refer to 'Technical Reference'. Make sure that you execute 'End Task' first before deleting the file. Otherwise, the system will not let you perform this action.

Technical Reference

Associated Files and Folders:Added Registry Entries: