FrEn

E-mail Print PDF

Free malware removal tool to remove AV Security Suite
Written by Administrator  |  Thursday, 03 June 2010 00:00
AddThis Social Bookmark Button

AV Security Suite is another rogue Antispyware from the Antispyware Soft and Antivirus Suite, that tries to get money from users by prompting them to register and buy their Fake products. Some old malwares often return to the front of the stage and AV Security Suite is replacing Antivirus Live and Antivirus Soft. Remove AV Security Suite immediately from your system.

AV Security Suite

To remove AV Security Suite (Uninstall AV Security Suite)

  • Download this free removal tool for AV Security Suite
  • Extract it
  • Launch
  • Click on the delete button

AV Security Suite will be removed from your system in 10s. Restart your computer when it’s finished.

Processes :

  • [random]sysguard.exe
  • [random]sftav.exe
  • [random]tssd.exe

Files :

  • %AppData%\[random]\[random]sftav.exe
  • %AppData%\[random]\[random]sysguard.exe
  • %AppData%\[random]\[random]tssd.exe
  • %AppData%\[random]

Registry

Registry keys created

  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments
  • HKEY_CURRENT_USER\Software\Microsoft\Windows Script
  • HKEY_CURRENT_USER\Software\Microsoft\Windows Script\Settings
  • HKEY_CURRENT_USER\Software\avsoft
  • HKEY_CURRENT_USER\Software\avsuite
  • HKEY_LOCAL_MACHINE\Software\avsoft
  • HKEY_LOCAL_MACHINE\Software\avsuite

Registry values created

  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    • [random] = "%AppData%\agolui\[random]sftav.exe"
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download
    • RunInvalidSignatures = 0x00000001
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations
    • LowRiskFileTypes = ".exe"
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments
    • SaveZoneInformation = 0x00000001
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
    • [random = "%AppData%\[random]\[random]sftav.exe"
  • HKEY_CURRENT_USER\Software\Microsoft\Windows Script\Settings
    • JITDebug = 0x00000001
  • HKEY_CURRENT_USER\Software\avsoft
    • knkd = 0x00000001

Registry value deleted

  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
    • AppInit_DLLs = ""

Registry value modified

  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download
    • CheckExeSignatures = ""/ Original value =" yes"

Download

 

For manual removal :

  • Restart your computer in safe mode using your usual account
  • Open Explorer
  • Type %AppData% on the address bar
  • Remove all RANDOM CHARACTERS folder
  • Click on the Start menu
  • Click on Run
  • Type msconfig and enter
  • Go to StartUp tab
  • Uncheck all RANDOM CHARACTERS values which point to a process under %AppData%\[random characters]\
  • Restart your computer in normal mode
 

Comments  

 
0 #77 Shashi 2010-09-09 23:48
Wow!!! You are a genius man, it was so easy, god bless you man
Quote
 
 
0 #76 Moon 2010-09-05 04:12
WORKED FOR ME, THANK YOU!
Quote
 
 
0 #75 majBUZZ 2010-08-22 03:36
Thank you worked great its people like you who make it possible for everyone else to defeat these jerks who violate our computers keep up the good fight and again thank you
Quote
 
 
0 #74 Omar Corrie 2010-08-21 21:43
it works!!!
Quote
 
 
0 #73 Timm 2010-08-20 18:57
Thank you so so so so much for posting this. Wasted about a day and a half running malware bytes, Spybot, ad-aware, AVG...nothing worked. Tried to remove manually but too confused and didn't want to screw anything up more. Your program is a life saver. You're the greatest.
Quote
 
 
0 #72 Kyle 2010-08-17 07:46
Brilliant! Worked like charm, Safe Mode, 3 Clicks, no more headache, back to margaritta!!
Quote
 
 
0 #71 ytsejammer 2010-08-15 00:13
Thank you so much for this removal kit. It totally works!!
Quote
 
 
0 #70 aivaras 2010-08-14 21:12
ACIU!! atrodo padejo
Quote
 
 
0 #69 Paul 2010-08-14 13:52
That worked. Phew!
First run this tool in safe mode, then download and do a "quick scan" with malwarebytes.
Essentially you are following the instructions on the bleepingcompute r site, but using this tool in place of the rkill tool - which wouldn't work for me at all.
So glad to be back to normal!
Quote
 
 
0 #68 Paul 2010-08-14 13:15
Err... I take it back. After rebooting into Normal mode it returned.
It has partially fixed it though, as I am now able to go to the Malwarebytes site. I wasn't able to before.
So... first I ran this patch, then did a system scan with malwarebytes. All in Safe Mode.
I'll let you know if that works.
Quote
 

Add comment


Security code
Refresh

Related articles
Latest posts
Free malware removal tool to remove Antivir Solution Pro
_WRITTEN_BY Administrator 15/07/2010

Antivir Solution Pro is another rogue Antispyware from the Antispyware Soft and Antivirus Suite, that tries to get money from users by prompting them to register and buy their Fake products. Some…Read more...

Free virus removal tool to remove RVHOST.exe
_WRITTEN_BY Administrator 17/06/2010
  • RVHOST.exe is a trojan that may reprensent security risk for your system, it runs in the background, this application allows remote access to the compromised system.
  • Downloads…
Read more...
Free virus removal tool to remove WinDefender.exe
_WRITTEN_BY Administrator 17/06/2010
WinDefender.exe is a trojan that may reprensent security risk for your system, it runs in the background, this application creates startup registry keys. Read more...
Free malware removal tool to get rid of Defense Center
_WRITTEN_BY Administrator 12/06/2010
Defense Center is another rogue Antispyware from the Digital Protection family, it's a malware that pretends to be an Antivirus. It is a wolf in sheep's clothing. It conducts a fake scan of your…Read more...
Free virus removal tool to remove Xss.exe
_WRITTEN_BY Administrator 10/06/2010

Xss.exe is a trojan that may reprensent security risk for your system, it runs in the background, this application allows remote access to the compromised system.

Xss.exe downloads files…Read more...

.
Information | Contact

© All Rights Reserved. net-studio.org 2009