AV Security Essentials is a malicious program that pretends to be legitimate security software, such as an antivirus or antispyware tool. It is from the same family of malware as Antivirus Smart Protection, Home Security Solutions, Anti-Malware Lab, etc. It is promoted and installed itself on your computer without your permission and knowledge through the use of trojans. Moreover, the scammers may also distribute AV Security Essentials virus on Twitter, My Space, Facebook, and other social networks. Please be careful when opening attachments and downloading files or otherwise you can end up with a rogue program on your PC.
During installation, AV Security Essentials will configure itself to run automatically every time when Windows loads. Next, it will add a few entries into the HOSTS file so that when you open Google, Yahoo or Bing, you will be redirected to various misleading websites. The rogue will also drop several fake malware files that absolute harmless but, later during the scan, they will be detected as security threats. Of course, the scan look realistic and legitimate, you should never trust it! AV Security Essentials want to trick you into thinking that your computer in danger and make you believe you must buy the full version of the software. Remember, the program pretends to be an antivirus software, but in reality is unable to detect or remove any infections and nor will be protect you from legitimate future threats. So you can safely ignore the false scan results.
While AV Security Essentials is running, it will block the Windows Task Manager and most antivirus and antispyware tools. Moreover, it will display a variety of fake security warnings and alerts that attempt to make you think your computer is infected with all sorts of malicious software. Some of the alerts are:
System alert
AV Security Essentials has detected potentially harmful software in
your system. It is strongly recommended that you register
AV Security Essentials to remove all found threats immediately.
System warning
No real-time malware, spyware and virus protection was
found. Click here to activate.
Warning! Identity theft attempt detected
Hidden connection IP: 128.154.26.11
Target: Microsoft Corporation keys
Warning
Warning! Virus detected
As you can see, all of these warnings states the same: the system is infected. In case you want to fix it, AV Security Essentials will prompt you to pay money. However, like false scan results above, all of these security messages are just a fake and has been displayed to trick you into purchasing so-called full version of the fake security program. So, you should ignore all of them.
As you can see, the program is a totally scam. It is neither able to detect, nor to remove any threats from the system. AV Security Essentials has been created with one purpose is to steal your money and leave you in a trouble. Thus, do not be fooled into buying the program! Instead of doing so, follow the removal guidelines below in order to remove AV Security Essentials and any associated malware from your computer for free.
Symptoms in a HijackThis Log
O4 – HKCU\..\Run: [AV Security Essentials] “C:\Documents and Settings\All Users\Application Data\8eb0d6\AVz28.exe” /s /d
Use the following instructions to remove AV Security Essentials (Uninstall instructions)
It is possible that the rogue will not allow you to run a malware removal tools, then you will need to reboot your computer in Safe mode with networking.
Restart your computer. After hearing your computer beep once during startup, start pressing the F8 key on your keyboard. On a computer that is configured for booting to multiple operating systems, you can press the F8 key when the Boot Menu appears.
Instead of Windows loading as normal, Windows Advanced Options menu appears similar to the one below.
Windows Advanced Options menu
When the Windows Advanced Options menu appears, select Safe mode with networking and then press ENTER.
AV Security Essentials virus changes Internet Explorer proxy settings to use a malicious proxy server that will not allow you download or update security software. So, you should complete this step to fix this problem.
Run Internet Explorer, Click Tools -> Internet Options as as shown in the screen below.
Internet Explorer – Tools menu
You will see window similar to the one below.
Internet Explorer – Internet options
Select Connections Tab and click to Lan Settings button. You will see an image similar as shown below.
Internet Explorer – Lan settings
Uncheck “Use a proxy server” box. Click OK to close Lan Settings and Click OK to close Internet Explorer settings.
Now you should download Malwarebytes Anti-malware and remove all AV Security Essentials associated malware.
Download MalwareBytes Anti-malware (MBAM). Once downloaded, close all programs and windows on your computer.
Double-click on the icon on your desktop named mbam-setup.exe. This will start the installation of MalwareBytes Anti-malware onto your computer. Once installation is complete, you will see window similar to the one below.
Malwarebytes Anti-Malware Window
Now click on the Scan button to start scanning your computer for AV Security Essentials associated malware. This procedure can take some time, so please be patient.
When the scan is finished a message box will appear that it has completed scanning successfully. Click OK. Now click “Show Results”. Make sure all entries have a checkmark at their far left and click “Remove Selected”.
AV Security Essentials may change the Windows system HOSTS file so you need reset this file with the default version for your operating system.
Please download OTM by OldTimer from here and save it to desktop. Run OTM, copy, then paste the following text in “Paste Instructions for Items to be Moved” textarea (under the yellow bar):
:Commands
[resethosts]
Click the red Moveit! button. Close OTM.
Your system should now be free of the AV Security Essentials virus. If you need help with the instructions, then post your questions in our Spyware Removal forum.
AV Security Essentials removal notes
Note 1: if you can not download, install, run or update Malwarebytes Anti-malware, then follow the steps: Malwarebytes won`t install, run or update – How to fix it.
Note 2: your current antispyware and antivirus software let the infection through ? Then you may want to consider purchasing the FULL version of MalwareBytes Anti-malware to protect your computer in the future.
AV Security Essentials creates the following files and folders
%UserProfile%\Application Data\AV Security Essentials
%UserProfile%\Application Data\AV Security Essentials\cookies.sqlite
%UserProfile%\Desktop\AV Security Essentials.lnk
%UserProfile%\Start Menu\AV Security Essentials.lnk
%UserProfile%\Application Data\AV Security Essentials\Instructions.ini
%UserProfile%\Start Menu\Programs\AV Security Essentials.lnk
%UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\AV Security Essentials.lnk
%CommonAppData%\[RANDOM]
%CommonAppData%\[RANDOM]\HS[RANDOM].exe
AV Security Essentials creates the following registry keys and values
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run | AV Security Essentials
