Fake Scanner Sites
Google Search Redirects
Green AV Security Suite
Alias: Green AV Security Suite
Description: Updated on: June 16, 2010 2:05am
Green AV Security Suite is a variant of Antispyware Soft and AV Security Suite which are considered to be among the hardest fake antispyware products to remove in recent history. Green AV Security Suite uses the same tactics as Antispyware Soft and AV Security Suite and is very good at eluding detection. In order for Green AV Security Suite to stop you from removing it, Green AV Security Suite disables Internet connection (except to its own sales page since the ultimate goal is to have you buy this fake product), disables existing antivirus and antispyware programs, blocks access to help forums and to major name brand antispyware and antivirus vendor websites.
To put the pressure on you to buy the full version, Green AV Security Suite starts opening porn websites such as adult.com, porno.com and porno.org, and also occasionally opens the website viagra.com. Green AV Security Suite continually harasses the user with numerous warnings and messages saying that their computer is infected and is under attack from hackers. Green AV Security Suite is commonly installed by a trojan or manually mistakenly downloaded from one of many fraudulent Fake Scanner Sites.
Green AV Security Suite can block you from running programs, if that is the case, we have easy to follow special workaround instructions below.Green AV Security Suite displays exaggerated fake scan results similar to those shown below:
Green AV Security Suite also displays warning messages messages similar to the following:
When you try to run an application, Green AV Security Suite will issue fakes messages saying that the program you are trying to run is infected. These look like:
Green AV Security Suite Special Removal InstructionsPlease make sure to bookmark this page as you will need to refer back to it to complete the removal steps.
Green AV Security Suite may prevent you from running programs and/or limit your Internet Access. Follow the steps below for such cases.
Step 1: Click on Start > Run and type: shell:Local AppData (you can copy-and-paste it). In the window that opens, look for an oddly named folder (folder name made up of randomly characters, usually all small case letters). Double-click on this folder to open it.
Step 2: Indide the folder from step 1 above, you will find a randomly-named file. Right-click on it and choose 'Rename'.
Step 3: Restart your computer. After restart, you will notice that Green AV Security Suite does not start up. This does not mean that Green AV Security Suite is gone! You still need to follow the steps below to completely remove Green AV Security Suite.
Step 4: After your computer restarts, click on Tools > Internet Options > Connections > LAN Settings and uncheck the box 'Use proxy server..'.
Step 5: Download SpyNoMore to the infected computer.
Step 6: Install SpyNoMore and scan your computer to remove Green AV Security Suite. If SpyNoMore is unable to download available updates, please click on SpyNoMore Settings and uncheck 'Use Internet Explorer settings'. Please note that the free version of SpyNoMore will only show you the detections but will not remove them. In order to remove the infection you need to purchase a 1-year license which costs $29 (or $39 for 3 computers). In all cases, you will be able to see Green AV Security Suite in the free version scan results.
Step 7 (optional): It would be a good idea to check your computer for rootkits (which are basically hidden trojans) which may have tagged along with Green AV Security Suite. To do so, download and run TDSSKiller by Kaspersky Labs.
Step 8 (optional): If TDSSKiller does find a rootkit, it will ask you to restart your computer so that it can remove the rootkit(s). After your computer restart, scan your computer once more with SpyNoMore to make sure everthing is OK.
Hijacker - A Hijacker is a software application that takes control of your browser's settings. Usually it changes your home page and redirects it to some unknown site or modifies your search settings. It prevents you from changing back your browser's settings. An infected browser usually operates much slower.
Ransomware - Ransomware is a software application that infects a computer and asks for money to have the infection removed.
Trojan - A Trojans or Trojan Horse is any programs that installs itself secretly normally via malware programs, quite often with sinister intent. Once installed, the trojan author (hacker) can gain complete control of the infected PC. Trojans are usually designed to steal sensitive information and/or destroy the system. Trojans can be distributed as unsolicited email attachments, or bundled with freeware and shareware programs.
Advice: Remove This is a very high risk threat and should be removed immediately as to prevent harm to your computer and / or to protect your privacy.
SpyNoMore removes Green AV Security Suite: Yes
Threat risk: Very High Risk
Extremely dangerous malware. Uses stealth installation, randomly named entries and has the capability to self update or resurrect after incomplete removal. Almost impossible to remove manually. Category mostly consists of trojans and spyware.
Running Process Signatures:
Registered Dll (Dynamic Link Library) Signatures:
SpyNoMore Collected Residual File Signatures: