How to remove Antivirus Suite
Thursday, April 1st, 2010 at 1:23 amHome » Rogue Antispyware » Antivirus Suite
Antivirus Suite description
Antivirus Suite is a deceptive program designed in the same way as the infamous Antivirus Soft. The user interface of the program makes this fraud look legitimate, but the actions of AntivirusSuite tell the different story.
Antivirus Suite prevents victims from surfing the web by loading fabricated security notifications instead of web pages. Another set of counterfeit alerts is prepared for when user tries to run some real security program. And yet another bunch of alerts are meant to supposedly inform people about infections. Do not trust Anti-Virus Suite and do not hesitate to delete it.
Below are some examples of Antivirus Suite pop-ups. Keep in mind that each of them is fabricated.
Security Warning
Application cannot be executed. The file hijackthis.exe is infected. Do you want to activate your antivirus software now?
Windows Security alert
Windows reports that computer is infected. Antivirus software helps to protect your computer against viruses and other security threats. Click here for the scan you computer. Your system might be at risk now.
Antivirus software alert
INFILTRATION ALERT – Virus Attack
Your computer is being attacked by an internet virus. It could be a password-stealing attack, a trojan – dropper or similar.
Threat: Win32/Nuqel.E
Do you want block this attack?
Internet Explorer Warning – visiting this website may harm your computer!
Most likely causes:
* The website contains exploits that can launch a malicious code on your computer
* Suspicious network activity detected
* There might be an active spyware running on your computer
What you can try:
* Purchase for secure Internet surfing (recommended).
* Check your computer for viruses and malware.
* More information
Threat Information
Threat: Downloader.Win32.Delf.cgx
Risk level: Hight
Description: Category Trojan: This trojan downloads other files via Internet and launches them for execution on victim machine without the user’s knowledge or consent. It is a Windows PE EXE files. It is 48128 bytes in size. It is packed using PECompact. The unpacked file is approximately 131KB in size.
Get rid of Antivirus Suite
Antivirus Suite is a Rogue Antispyware software
How to manually remove Antivirus Suite
To remove Antivirus Suite spyware you must block Antivirus Suite sites, stop and remove processes, unregister DLL files, search and delete all other Antivirus Suite files and registry utility. Follow the Antivirus Suite detection and removal instructions below.
The most typical software removal method is to remove Antivirus Suite by using "Add or Remove Programs" service. However there may be hidden Antivirus Suite files, running processes and registries in your computer, so Antivirus Suite may recreate all other files after reboot.
Antivirus Suite manual removal instructions
Block Antivirus Suite sites:
avprotectsoft.com
antivirus-protectsoft.net
protectedlife.net
life-soft.net
antivirus-protectsoft.microsoft.com
avtivirus-fortress.com
antivirus-armature.com
av-armor.com
firm-av.com
avprocess.com
Read more how to block Antivirus Suite sites
Stop and remove Antivirus Suite processes:
tssd.exe
Read more how to kill Antivirus Suite processes
Locate and delete Antivirus Suite registry entries:
HKEY_CURRENT_USER\Software\avsuite
HKEY_LOCAL_MACHINE\SOFTWARE\avsuite
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download "RunInvalidSignatures" = "1"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyOverride" = "
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyServer" = "http=127.0.0.1:5555"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations "LowRiskFileTypes" = ".exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments "SaveZoneInformation" = "1"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run ""
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ""
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download "CheckExeSignatures" = "no"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyEnable" = "1"
Read more how to delete Antivirus Suite registry entries
Download RegistryBooster 2010 to scan errors caused by Antivirus Suite
Detect and delete other Antivirus Suite files:
%UserProfile%\Local Settings\Application Data\\
%UserProfile%\Local Settings\Application Data\\tssd.exe
We strongly recommend you to use spyware remover to track Antivirus Suite and automaticaly remove Antivirus Suite processes, registries and files as well as other spyware threats.
Antivirus Suite
Trackbacks
- Remove Downloader.Win32.Delf.cgx pop-up
- Remove Infiltration Alert, Antivirus Suite Infiltration Alert removal
- Remove Antivirusutils.net, Antivirusutils.net hijacker removal
- Remove Application cannot be executed pup-up, fake security warning removal
Leave a Reply
Subscribe
Search
Categories
- Adware
- Backdoor
- Browser Helper Object
- Browser Hijacker
- Fake warning messages
- Keylogger
- Malicious domains
- Remote Administration Tool (RAT)
- Rogue Antispyware
- Tracking Cookie
- Trojan
- Worm
Latest spyware threats
- Decrypt Protect Virus
- Win 8 Protection 2013
- Vista Protection 2013
- Safe PC Cleaner
- SpeedMaxPc
- Securebit
- Error Repair
- System Care Antivirus
- PC Fix Speed
- Win 7 Security Cleaner Pro
- Vista Security Cleaner Pro
- Antivirus Security 2013
- AVASoft Professional Antivirus
- XP Security Cleaner Pro
- Homeland Security Virus
Recently commented
- Google Redirect Virus
- Fake Microsoft Security Essentials Alert
- Win 7 Security Cleaner Pro
- Win 7 Anti-Virus 2011
- Smart PC Cleaner
- XP Antivirus 2012
- Windows Microsoft Guardian
- RegFix Pro
- XP Antispyware 2013
- Myfreeze.com
- Privacy Components
Malicious domains
- 7search.com
- iCityFind
- Antivirsword.com
- Webantispy.com
- Antivirmore.com
- Antivirglass.com
- Oksave9.co.cc
- Smartsecadv.com
- AV-look.com
- Profantivir.com
Fake warning messages
- Firefox need to update immediately
- Kaspersky Internet Security 2011 Enhanced Protection Mode
- Comodo Enhanced Protection Mode
- Microsoft Security Essentials Enhanced Protection Mode
- McAfee Enhanced Protection Mode
- Norton Antivirus Enhanced Protection Mode
- ESET Smart Security Enhanced Protection Mode
- Microsoft Defender Enhanced Protection Mode
- Avast Enhanced Protection Mode
- Fake “Windows – No Disk” alert
Tutorials
- Contact Us
- How to block malicious websites using HOSTS file?
- How to delete registry entries?
- How to download and install Spyware Doctor
- How to kill malicious processes?
- How to recognize a rogue security program?
- How to recognize a rogue website?
- How to unregister DLL files?
- Signs of browser hijacker infection
Archive
- May 2013
- April 2013
- March 2013
- February 2013
- January 2013
- December 2012
- November 2012
- October 2012
- September 2012
- August 2012
- July 2012
- June 2012
- May 2012
- April 2012
- March 2012
- February 2012
- January 2012
- December 2011
- November 2011
- October 2011
- September 2011
- August 2011
- July 2011
- June 2011
- May 2011
- April 2011
- March 2011
- February 2011
- January 2011
- December 2010
- November 2010
- October 2010
- September 2010
- August 2010
- July 2010
- June 2010
- May 2010
- April 2010
- March 2010
- February 2010
- January 2010
- December 2009
- November 2009
- October 2009
- September 2009
- August 2009
- July 2009
- June 2009
- May 2009
- April 2009
- March 2009
- February 2009
- January 2009
- December 2008
- November 2008
- October 2008
Tags
Security News- Beware of Decrypt Protect Virus ransomware
- What is Win 8 Protection 2013 and why it is dangerous
- Delete Vista Protection 2013 rogue tool
- Do not trust Safe PC Cleaner optimizer
- Remove SpeedMaxPc fake system optimizer
- What is Securebit and why you need to remove it
- Do not trust Error Repair rogue system tool
April 1st, 2010 at 11:09 am
thank you so much dude
Reply
Tim Reply:
April 2nd, 2010 at 9:10 am
This virus will not allow any executables in normal mode and the removal tools do not work in safe mode. Is there a simple work around to get around this issue? I am running Vista.
Reply
Luciana Reply:
April 5th, 2010 at 10:34 pm
Well, you can always use the manual removal guide posted above. This way you don’t need to run any programs.
Reply
April 3rd, 2010 at 6:38 am
Worked like a champ, thank you for the information!!!!
Reply
April 5th, 2010 at 10:13 am
umm this removal thing isnt working for me. maybe im using it wrong?
Reply
April 8th, 2010 at 8:31 pm
just want to see followups
Reply
May 29th, 2010 at 10:27 pm
Greetings,
I am still receiving pop-ups after running MalwareBytes, removing all listed items above … I am not able to run Spyware Doctor however … in normal mode. And this means that I am still seeing the pop-ups Application cannot be executed etc and Windows Security alert and Infiltration Alert. Please HELP!
Reply
Luciana Reply:
May 30th, 2010 at 11:19 pm
Run Spyware Doctor in a safe mode. If you deleted Antivirus Suite and the pop-ups are still there, there’s a big chance you got other malware onboard.
Reply
June 29th, 2010 at 6:25 am
avsuite doesn’t install such obvious folders/files as to be named ‘avsuite’… maybe they did ages ago but they’ve long since learned to hide them.
One suggestion I saw (albeit for future problems) is to install, say, Firefox to give you an alternative way to be able to load spybot, etc.
Reply
rdu Reply:
January 20th, 2011 at 12:54 pm
Firefox is also prevented from accessing the internet with the same error messages.
Reply
March 20th, 2012 at 5:07 pm
Thanks for sharing excellent informations. Your web site is so cool. I’m impressed by the details that you’ve on this blog. It reveals how nicely you understand this subject. Bookmarked this web page, will come back for more articles. You, my friend, ROCK! I found just the information I already searched everywhere and simply couldn’t come across. What a perfect web-site.
Reply