Thursday, June 24, 2010

AV Security Suite Removal GuideAV Security Suite Removal Guide

AV Security Suite Removal Guide
AV Security Suite is a fake antivirus program with purpose to cheat money from the user. AV Security Suite installs itself into the computer without confirmation of the user unless the user set the UAC level to the highest level. AV Security Suite run itself when the computer boot and scan the computer automatically and produce fake scan result and urge the users to buy the full version of AV Security Suite.

AV Security Suite always states that the computer is not protected against malware. It changes Internet Explorer settings and enables proxy server which make the computer easily access by hackers! It show the computer was infected by malware such as BackdoorWin32S which is a fake alert.

AV Security Suite should be removed immediately!


AV Security Suite Removal Guide
Kill Process
(How to kill a process effectively?)
[random string]tssd.exe
[random string].exe

Delete Registry
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "[random string]"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "[random string]"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments "SaveZoneInformation" = "1"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations "LowRiskFileTypes" = ".exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyServer" = "http=127.0.0.1:5555"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyOverride" = ""
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download "RunInvalidSignatures" ="1"
HKEY_CURRENT_USER\Software\AvScan

Remove Folders and Files
%Documents and Settings%\[UserName]\Local Settings\Application Data\[random string]\[random string]tssd.exe
%Documents and Settings%\[UserName]\Local Settings\Application Data\[random string]\[random string].exe

No comments:

Post a Comment