Home Articles Spyware Research Support Scan Now Purchase F.A.Q.

Top Infections:

1.Google Redirected
2.ZeroAccess Rootkit
3.Privitize VPN
4.searchab.com
5.search.conduit.com
6.PremiumPlay Codec-C
7.XP Antispyware 2012
8.BundesPolizei Virus
9.XP Security 2012
10.Home Security Essentials
11.95p.com Search Redirect
12.Security Shield
13.Security Tool
14.Mediashifting.com Search Redirect
15.XP Home Security 2012
16.About Internet Explorer Emergency Mode
17.System Security
18.Vundo Trojan
19.Internet Security Essentials
20.XP Internet Security 2012
About Spyware
Glossary

Latest Detections
Fake Scanner Sites


Google Search Redirects

Scour.com
Shopcompareus.com
savecompare.com
Couponmountain.com

AV Security Suite

Alias: AV Security Suite

Description: Updated on: July 12, 2010 8:49am

AV Security Suite is a variant of Antispyware Soft which is considered to be one of the hardest fake antispyware products to remove in recent history. AV Security Suite uses the same tactics as Antispyware Soft and is very good at eluding detection. In order for AV Security Suite to stop you from removing it, AV Security Suite disables Internet connection (except to its own sales page since the ultimate goal is to have you buy this fake product), disables existing antivirus and antispyware programs, blocks access to help forums and to major name brand antispyware and antivirus vendor websites.

To put the pressure on you to buy the full version, AV Security Suite starts opening porn websites such as adult.com, porno.com and porno.org, and also occasionally opens the website viagra.com. AV Security Suite continually harasses the user with numerous warnings and messages saying that their computer is infected and is under attack from hackers. AV Security Suite is commonly installed by a trojan or manually mistakenly downloaded from one of many fraudulent Fake Scanner Sites.

AV Security Suite can block you from running programs, if that is the case, we have easy to follow special workaround instructions below.

AV Security Suite displays exaggerated fake scan results similar to those shown below:

AV Security Suite Main Screen

AV Security Suite also displays warning messages messages similar to the following:

AV Security Suite Warning Message

When you try to run an application, AV Security Suite will issue fakes messages saying that the program you are trying to run is infected. These look like:

AV Security Suite Popup Screen

AV Security Suite Special Removal Instructions (iexplore method, try first)

Please make sure to bookmark this page as you will need to refer back to it to complete the removal steps.

We have created a modified version of SpyNoMore to handle persistent infections such as AV Security Suite. If you are able to download the modified SpyNoMore Installer directly onto the infected computer, or if you can download it to a clean computer and transfer it to the infected computer (by using a network or a flash drive), follow the steps below. NOTE: The installer will be named iexplore.exe. Otherwise please skip the next steps and proced to the second set of instructions below (version 2).

Step 1: Click here to download the SpyNoMore installer onto a clean computer and transfer it to the infected computer (by using a network or a flash drive). Otherwise download it directly onto the infected computer. NOTE: The installer will be named iexplore.exe.

Step 2: Double-click iexplore.exe to install SpyNoMore on the infected computer. When the installation is completed, SpyNoMore will check for and download available updates which will alert AV Security Suite to its presence at which point AV Security Suite may shut down SpyNoMore.

Step 3: Restart SpyNoMore from the desktop shortcut then click on 'Settings' and uncheck the box that says 'Use Internet Explorer settings'.

Step 4: SNM will scan your computer and if AV Security Suite is present, SNM will detect it and you will be able to see either AV Security Suite or Antispyware Soft in the scan results. These two are the same product. Please note that the free version of SpyNoMore will only show you the detections but will not remove them. In order to remove the infection you need to purchase a 1-year license which costs $29 (or $39 for 3 computers). In all cases, you will be able to see AV Security Suite in the free version scan results.

Step 5: Purchase the activation key from a clean computer by clicking on our Purchase link on spynomore.com. Write down the activation key and use it to activate SNM on the infected computer. This will remove AV Security Suite and restore your internet connection. You will again be able to run your programs and applications without trouble.

Step 6 (optional): It would be a good idea to check your computer for rootkits (which are basically hidden trojans) which may have tagged along with AV Security Suite. To do so, download and run TDSSKiller by Kaspersky Labs.

Step 7 (optional): If TDSSKiller does find a rootkit, it will ask you to restart your computer so that it can remove the rootkit(s). After your computer restart, scan your computer once more with SpyNoMore to make sure everthing is OK.

AV Security Suite Special Removal Instructions (version 2)

Please make sure to bookmark this page as you will need to refer back to it to complete the removal steps.

AV Security Suite may prevent you from running programs and/or limit your Internet Access. Follow the steps below for such cases.

Step 1: Click on Start > Run and type: shell:Local AppData (you can copy-and-paste it). In the window that opens, look for an oddly named folder (folder name made up of randomly characters, usually all small case letters). Double-click on this folder to open it.

Step 2: Indide the folder from step 1 above, you will find a randomly-named file. Right-click on it and choose 'Rename'.

  • If the file name has an '.exe' extension (for example 'vurivm.exe'), rename it by ONLY ADDING 4 characters '.eee' to the end of the existing name. So in our example, the renamed file should be 'vurivm.exe.eee'. Proceed to step 3 below.

  • Otherwise if the file name does not have an '.exe' extension showing (for example 'vurivm'), you need to first enable file-extension view in order to see the '.exe. extension, as follows: In Windows, right-click on Start, choose Explore. On the top click on Tools > Folder Options > View. Remove the checkmark infront of 'Hide extensions for known file types. This will enable you to see and rename the '.exe' extension. Rename the file by adding the 4 characters '.eee' to its end so it would lokk something like this 'vurivm.exe.eee'.

    • Step 3: Restart your computer. After restart, you will notice that AV Security Suite does not start up. This does not mean that AV Security Suite is gone! You still need to follow the steps below to completely remove AV Security Suite.

    Step 4: After your computer restarts, click on Tools > Internet Options > Connections > LAN Settings and uncheck the box 'Use proxy server..'.

    Step 5: Download SpyNoMore to the infected computer.

    Step 6: Install SpyNoMore and scan your computer to remove AV Security Suite. If SpyNoMore is unable to download available updates, please click on SpyNoMore Settings and uncheck 'Use Internet Explorer settings'. Please note that the free version of SpyNoMore will only show you the detections but will not remove them. In order to remove the infection you need to purchase a 1-year license which costs $29 (or $39 for 3 computers). In all cases, you will be able to see AV Security Suite in the free version scan results.

    Step 7 (optional): It would be a good idea to check your computer for rootkits (which are basically hidden trojans) which may have tagged along with AV Security Suite. To do so, download and run TDSSKiller by Kaspersky Labs.

    Step 8 (optional): If TDSSKiller does find a rootkit, it will ask you to restart your computer so that it can remove the rootkit(s). After your computer restart, scan your computer once more with SpyNoMore to make sure everthing is OK.



    Threat type:

    Hijacker - A Hijacker is a software application that takes control of your browser's settings. Usually it changes your home page and redirects it to some unknown site or modifies your search settings. It prevents you from changing back your browser's settings. An infected browser usually operates much slower.

    Ransomware - Ransomware is a software application that infects a computer and asks for money to have the infection removed.

    Trojan - A Trojans or Trojan Horse is any programs that installs itself secretly normally via malware programs, quite often with sinister intent. Once installed, the trojan author (hacker) can gain complete control of the infected PC. Trojans are usually designed to steal sensitive information and/or destroy the system. Trojans can be distributed as unsolicited email attachments, or bundled with freeware and shareware programs.


    Advice: Remove This is a very high risk threat and should be removed immediately as to prevent harm to your computer and / or to protect your privacy.

    Detection:
    SpyNoMore removes AV Security Suite: Yes

    Threat risk: Very High Risk
    Remove AV Security Suite, AV Security Suite Remover
    Extremely dangerous malware. Uses stealth installation, randomly named entries and has the capability to self update or resurrect after incomplete removal. Almost impossible to remove manually. Category mostly consists of trojans and spyware.

    Symptoms:

    AV Security Suite gets installed without your permission.

    The following website(s) are opened by AV Security Suite: antivirglass.com, antimalware-guard.com and antimalwaresecurity.com.

    Inability to run programs.

    Loss of Internet connection.

    You cannot simply uninstall AV Security Suite as it is malware and does not come with an uninstaller.

    When trying to open a website you receive an error message saying:

    This website has been reported as unsafe

    We recommend that you do not continue to this website. This website has been reported to Microsoft for containing threats to your computer that might reveal personal or financial information.

    Other error messages include:

    Antivirus software alert

    Infiltration Alert

    Your computer is being attacked by an internet virus. It could be a password-stealing attack, a trojan-dropper or similar.

    ATTENTION! SPYWARE ALERT

    Vulnerabilities found.

    Your computer is infected by spyware - 34 serious threats have been found while scanning your files and registry.

    Windows Security alert

    Windows reports that computer is infected. Antivirus software helps to protect your computer against viruses and other security threats. Click here for the scan your computer. Your system might be at risk now.



    AV Security Suite Signature Details: The following information includes some of the standard signatures associated with this spyware threat. Please do not attempt to manually remove these items from your computer; Removing these items incorrectly or partially can cause your computer to experience critical errors, prevent your computer from restarting or cause loss of Internet connectivity. Should you be infected with AV Security Suite, you can clean your computer by downloading SpyNoMore now.

    Running Process Signatures:
    N/A

    File Signatures:
    N/A

    Registered Dll (Dynamic Link Library) Signatures:
    N/A

    Folder Signatures:
    N/A

    Registry Signatures:
    N/A

    SpyNoMore Collected Residual File Signatures:
    N/A


    See Also:
    Protection Center
    Antispy-guide.net
    Antispy-guide.com
    Sysinternals Antivirus
    Performance Center
    Antimalwaresecurity.com
    Antimalware-guard.com
    Antimalware-guard.net
    Defense Center
    Security Master AV

    Spyware Removal Home | Support | F.A.Q. | Spyware Removal Database | Privacy Policy | Site Map
    Copyright © 2005-2012 Illysoft LLC