
AV Security Suite - Counterfeit PC Security Program

Posted on 10 June 2010 under Rogue Programs

1. What is AV Security Suite?

AV Security Suite is a counterfeit program, in technical terms rogue software, that is installed silently on a user's computer without any prior notice. A program is considered rogue software when it reports false virus detections, usually simulated by corrupt online scanners. Other rogues closely related to AV Security Suite are Antispyware Soft and Antivirus Soft.

1.1. Computer access methods and impact

According to infection reports, AV Security Suite can affect computers regardless of the OS version in use (Windows XP, Windows Vista or Windows 7). The rogue can be downloaded onto the victim's machine by updating Flash Player to a newer version from malicious websites, through Adobe Reader vulnerabilities, by installing codecs needed to view video, or by using fake free online virus scanning services. The installation process affects the Windows Registry by creating unnecessary and harmful entries, and it also creates a number of malicious files, some of them under different names in each infection, which makes AV Security Suite removal more complicated. IE will be set to use a proxy server in order to disable the Internet connection and convince the user that it was suspended due to virus impact. To restore the Internet connection, perform the following steps:
  • Launch Internet Explorer
  • Go to Tools and then Internet Options
  • Choose Connections tab
  • Click on LAN settings
  • Uncheck box next to Use a proxy server for your LAN
  • Click OK to close current window
  • Click OK to close Internet Options window

1.2. AV Security Suite activity

AV Security Suite will subsequently take over the system by constantly displaying security warnings that discourage any use of the computer. Any attempt to run a legitimate program, including anti-virus tools, will be interrupted and the program closed with a message stating that it has been infected, which makes the virus removal procedure more confusing. The truth is that the programs reported as infected remain unaffected; this is done only to scare the user and make him believe that the system is infected.

AV Security Suite starts automatically when the Windows operating system boots and performs a computer system scan at the same time. The scan is not real: instead of catching infections, it generates a list of random names falsely indicating computer threats, making the user believe that his computer has been infected. The program offers to remove the found infections, but only if the user purchases the license. Do not make any payments related to AV Security Suite. It is an Internet fraud and will not remove any serious threats, even if the full program version has been purchased.

2. AV Security Suite screen shot:

[Screenshot: AV Security Suite]

3. How to remove AV Security Suite:

  1. The Internet connection might be disabled or the Internet browser might be blocked by AV Security Suite, so it won't be possible to download any files to the infected computer. In this case, please download all files required for AV Security Suite removal to another computer and then transfer them to the infected one using a CD/DVD or USB flash drive.
  2. To remove AV Security Suite, download Spyware Doctor and install the program (for the installation guide click here). Before installation, make sure all other programs and windows are closed.
  3. After the installation, the computer scan should start automatically. If so, please move to the next step. If not, click "Status" on the left side menu and press the "Scan Now" button to run the computer scanner as shown in the picture below:

  4. After the scan has been completed and the scan results have been generated, press the "Fix Checked" button to remove AV Security Suite.

  5. Restart the computer to complete AV Security Suite removal procedure.

4. HijackThis entries:

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:1075
O4 - HKLM\..\Run: [<RANDOM>] %UserProfile%\Local Settings\Application Data\<RANDOM>\<RANDOM>.exe
O4 - HKCU\..\Run: [<RANDOM>] %UserProfile%\Local Settings\Application Data\<RANDOM>\<RANDOM>.exe
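
A triage sketch for the entries listed above, added here as an example (it is not part of the original post and is not HijackThis code): it scans a HijackThis log for an IE proxy pointed at a loopback address and for Run values that launch an .exe exactly one folder below Local Settings\Application Data. The function name, the regular expressions and the sample log are assumptions constructed for illustration.

```python
import re

# Constructed sample log lines (not from a real machine); "qwkfjtxa" and
# "lmdhrtssd" are made-up stand-ins for the <RANDOM> names.
SAMPLE_LOG = r"""
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:1075
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O4 - HKLM\..\Run: [qwkfjtxa] C:\Documents and Settings\Bob\Local Settings\Application Data\lmdhrtssd\qwkfjtxatssd.exe
O4 - HKCU\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
"""

# R1 line: IE ProxyServer set to a loopback address (any port).
PROXY_RE = re.compile(
    r'^R1\s*[-\u2013]\s*HKCU\\.*\\Internet Settings,ProxyServer\s*=\s*'
    r'(?:\w+=)?(127\.\d+\.\d+\.\d+|localhost):(\d+)', re.I)

# O4 line: Run value whose target is an .exe exactly one folder below
# "Local Settings\Application Data" (hyphen or en dash accepted).
RUN_RE = re.compile(
    r'^O4\s*[-\u2013]\s*(HKLM|HKCU)\\\.\.\\Run:\s*\[([^\]]+)\]\s*"?'
    r'(.*\\Local Settings\\Application Data\\[^\\]+\\[^\\"]+\.exe)"?\s*$', re.I)


def triage(log_text):
    """Return (kind, detail) findings for lines matching the listed pattern."""
    findings = []
    for line in log_text.splitlines():
        line = line.strip()
        m = PROXY_RE.match(line)
        if m:
            findings.append(("loopback_proxy", f"{m.group(1)}:{m.group(2)}"))
            continue
        m = RUN_RE.match(line)
        if m:
            findings.append(("appdata_run_entry", m.group(3)))
    return findings


if __name__ == "__main__":
    for kind, detail in triage(SAMPLE_LOG):
        print(f"{kind}: {detail}")
```

A match is a lead for review rather than a verdict: local filtering proxies also bind to loopback, and some legitimate software starts from the user profile.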