
AV Security Suite

Posted: June 3, 2010

AV Security Suite is a rogue anti-virus program that waylays you with fake infection alerts while simultaneously offering you an easy virus-removal method in the form of a purchasable activation key for itself. Because AV Security Suite's abilities at removing viruses and other types of malicious software are just as poor as its ability to detect them, SpywareRemove.com malware analysts recommend that you ignore AV Security Suite's warnings and remove AV Security Suite from your PC whenever possible. Until you delete AV Security Suite, you may also be troubled by other issues that originate from it, such as browser redirect attacks and malfunctioning security software. However, basic anti-malware techniques in conjunction with good anti-malware software can get rid of AV Security Suite and ensure that few residual side effects remain from the experience.

AV Security Suite – An Anti-Security Suite with Fake Reconnaissance to Deliver

AV Security Suite may look like a trustworthy anti-malware scanner, but AV Security Suite's real functions don't have anything to do with rooting out hostile software. Although AV Security Suite is unable to detect genuine threats to your PC, AV Security Suite will continually display a series of fraudulent error messages that contain misleading information, all in an attempt to make you spend money at its website. SpywareRemove.com malware researchers have found that some of the many pop-ups that AV Security Suite may expose you to include:

Security Alert
Virus Alert!
Application can't be started! The file [Program file] is damaged. Do you want to activate your antivirus software now?

Antivirus software alert
Infiltration Alert
Your computer is being attacked by an internet virus. It could be a password-stealing attack, a trojan - dropper or similar.
Details
Attack from: ip address, port 39096
Attacked Port: 30516
Threat: Win32/Nuqel.E

Windows Security Alert
Windows reports that computer is infected. Antivirus software helps to protect your computer against viruses and other security threats. Click here for the scan your computer. Your system might be at risk now.

Antivirus software alert
Infiltration alert
Your computer is being attacked by an Internet virus. It could be password-stealing attack, a trojan-dropper or similar.

As a part of the Win32/FakeSpypro family, AV Security Suite can also be considered a clone of other types of rogue security programs that share most of its code, such as Antivirus Soft, Antivir Solution Pro, Antivirus Suite, Antivirus .NET, AntiSpyware Soft and AntiVira AV. Although you will not hear any mention of AV Security Suite's relatives from AV Security Suite itself, dropper Trojans and rootkits that install AV Security Suite may also install one of AV Security Suite's relatives if you fail to remove the entire infection with suitable anti-malware software.

AV Security Suite's Backup Plan to Endanger Your PC

Even if you resolutely ignore AV Security Suite's fake alerts, other issues will continue to appear until AV Security Suite and any other related infections are removed from your computer. AV Security Suite and other rogue AV programs in its family use standard attacks, which are noted below:

  • Browser hijacks that redirect you to AV Security Suite's website. Hijacks may also be used to block you from PC security sites with the display of fake error screens – one example includes the often-used 'visiting this web site may harm your computer' alert. These hijacks occur due to a modified Hosts file and can't be avoided by changing your web browser.
  • A total blockade on your real security programs; this can also include basic Windows tools (such as the Task Manager), in addition to anti-malware scanners. However, booting Windows in a way that circumvents AV Security Suite's startup entries (such as by utilizing Safe Mode) will prevent AV Security Suite from having the opportunity to make this attack.

Although these attacks should be considered serious breaches of your computer's security and privacy, an up-to-date anti-malware program should be able to delete AV Security Suite and, along with it, remove any traces of its hostile functions.



File System Modifications

  • The following files were created in the system:
    # File Name
    1 %Documents and Settings%\[UserName]\Local Settings\Application Data\[random string]\[random string].exe
    2 %Documents and Settings%\[UserName]\Local Settings\Application Data\[random string]\[random string]tssd.exe

Registry Modifications

  • The following newly produced Registry Values are:
    HKEY..\..\..\..{Subkeys}
    HKEY_CURRENT_USER\Software\AvScan
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download "RunInvalidSignatures" = "1"
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyOverride" = ""
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyServer" = "http=127.0.0.1:5555"
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations "LowRiskFileTypes" = ".exe"
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments "SaveZoneInformation" = "1"
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "[random string]"
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\..{RunKeys}
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "[random string]"
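
The registry values listed above can be checked against the text of a `reg export` file. The Python below is an added example, not part of the original write-up: because the Run value name is a random string, it matches on where the value's data points instead, and that path heuristic and the sample export are assumptions constructed for illustration.

```python
import re

# Value indicators copied from the page's registry list: (key suffix, value name, data).
VALUES = {
    (r"\internet explorer\download", "runinvalidsignatures", "1"),
    (r"\currentversion\internet settings", "proxyserver", "http=127.0.0.1:5555"),
    (r"\currentversion\policies\associations", "lowriskfiletypes", ".exe"),
    (r"\currentversion\policies\attachments", "savezoneinformation", "1"),
}
# Heuristic (assumption): Run data naming an .exe in a folder directly under the drop path.
DROP = re.compile(r"\\local settings\\application data\\[^\\]+\\[^\\]+\.exe", re.I)

def parse_reg(text):
    """Yield (key, name, data) per value in `reg export` text; name is None for a key line."""
    key = None
    for line in map(str.strip, text.splitlines()):
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1]
            yield key, None, None
        elif key and (m := re.match(r'"((?:[^"\\]|\\.)*)"=(.*)$', line)):
            name, data = m.groups()
            if data.startswith("dword:"):
                data = str(int(data[6:], 16))               # dword:00000001 -> "1"
            elif len(data) >= 2 and data[0] == data[-1] == '"':
                data = re.sub(r"\\(.)", r"\1", data[1:-1])  # undo .reg escaping
            yield key, name, data

def find_indicators(text):
    """Return sorted descriptions of entries that match the page's registry list."""
    hits = set()
    for key, name, data in parse_reg(text):
        k = key.lower()
        if name is None:
            if k.endswith(r"\software\avscan"):
                hits.add("key present: " + key)
        elif any(k.endswith(s) and name.lower() == n and data.lower() == d for s, n, d in VALUES):
            hits.add(f"{name}={data}")
        elif k.endswith(r"\currentversion\run") and DROP.search(data):
            hits.add(f"Run entry '{name}' -> {data}")
    return sorted(hits)
# Constructed sample export, not captured from an infected machine.
SAMPLE = r'''Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\Software\AvScan]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyServer"="http=127.0.0.1:5555"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
"qwxyz"="C:\\Documents and Settings\\user\\Local Settings\\Application Data\\qwxyz\\qwxyztssd.exe"
'''
```

Files written by `reg export` are UTF-16, so read them with `encoding="utf-16"` before passing the text to `find_indicators`. A Run-entry hit is a lead to examine, since legitimate software can also start from a per-user application-data folder.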


7 Comments

  • Sterling says:

    Was attacked with the AV security suite but never let it fully install, and I ran a removal, but when I reboot now I see it's looking and can't find file HP.exe.vir. I searched using regedit and can't find it there either. How can I fix this issue? Thanks in advance!

  • erin says:

    I had the AV Security Suite on my computer 2 days ago, and NOTHING worked. Could not open task manager, tried using run command and it said no such thing as task manager. Malwarebytes detected it but could not remove it. I also have AVG free antivirus installed with spyware detector but that didn't stop it from propagating itself on my system. Could not access the internet...it blocked my http, ftp, and https ports. I couldn't run ANY of the programs on my computer, it kept throwing up a warning box saying the process (for example, run32dll) was infected. I had no choice but to reformat my hard drive and reinstall my operating system.

  • John says:

    Does the phrase [random string] show up or does it mean anything can be there? and if that is the case, how would you know it is malicious?

  • R Symon says:

    AV Security Suite has loaded on my laptop. It will not allow me to use task mgr. or the run feature, config etc. Anyone have any success removing this? I can't load Chrome or Firefox. Help

  • Mitch Miller says:

    I had the same problem on my wife's computer (and many of you know what that means) and I managed to defeat it with Windows Defender's latest version of MalWare. It worked, but took three hours with the downloading and the scan; but it did work. To the best of my knowledge at this point. But anyone less schooled could easily be taken in by this one.

  • Taz says:

    This site was really good in helping me clean up my registry. My computer was so disabled, I couldn't launch taskmanager (to stop processes), or Regedit (to remove registry keys) or even Notepad (to view the source of the malicious code). I needed a quick fix to halt the assault of popups so I could run a clean sweep of "real" AV software.

    For a quick remedy to get you stable enough to do a thorough AV fix, simply Create a shortcut to your desktop when one of the popups appear by right-clicking on the popup and Create Shortcut. The shortcut allows you to see the full filepath where the malicious exe is running (view the Properties of the shortcut icon on your desktop) – write this full path down. You can then restart in Safe Mode and from CMD prompt, you can wipe out the malicious file & directory manually and then restart your computer and run legitimate antivirus software. You only need a few DOS commands to make it work: CD (change directory), DEL (delete file) and RD or RMDIR (remove directory). You can do a google search to find out how to use those.

  • kaspersky antivirus says:

    Yes a virus program will slow your computer down. As will just using the Internet.
