Antivir Solution Pro is rogue anti-spyware program. This security risk can be downloaded by clicking on certain Internet advertisements, but it must be manually installed. When a user downloads Antivir Solution Pro and runs a scan, the program reports false scan alerts. The user is then prompted to pay for a full license of the application in order to remove the threats.
Type: Misleading Application
Name: Antivir Solution Pro
Risk Impact: Medium
Systems Affected: Windows 2000, Windows Server 2003, Windows Vista, Windows XP
Behavior: Antivir Solution Pro is a misleading application that may give exaggerated reports of threats on the computer.
How to remove Antivir Solution Pro:
Download a free copy of Malwarebytes’ Anti-Malware to remove this software.
How to manually remove Antivir Solution Pro registry values:
Note: The manual removal of files and registries should be performed by experienced users.
- HKEY_CURRENT_USER\Software\AvSuite
- HKEY_LOCAL_MACHINE\Software\AvSuite
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download “RunInvalidSignatures” =”1″
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings “ProxyOverride” = “”
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings “ProxyServer” = “http=127.0.0.1:5555″
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations “LowRiskFileTypes” = “.exe”
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments “SaveZoneInformation” = “1″
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “{random string}”
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run “{random string}”
Other malicious files:
- %Documents and Settings%\[UserName]\Local Settings\Application Data\{random string}\{random string}.exe
See more rogue software removal instructions here.
I don’t really touch registry files. I see it as a really dangerous and risky thing. So what you said is correct. Registry files should only be touched by experienced users.
Andrew,
Registry files are the brains and instructions of a computer and they should only be edited by a pro.
It is scarry to see how many pc users gets infected, hope there will be an easier solution to get rid of them rather then to go and to edit regedit. But perhaps its a quick way when som pro security softs fails in their mission
People will continue to be fooled by this rogue software epidemic. It will only stop when the search engines stop their marketing campaigns.
Registry files you really cannot edit yourself. You have a 95% chance of screwing something up if you do it yourself!!
HAHAHAHAHA! You pulled that number out of your ass!
Sam,
What number are you referring to?
good post though
I’ve been looking for this solution. I’ll try the Malwarebytes’ Anti-Malware if it really works. I won’t try touching the registry files. So i better choose the easiest one. Anyways. Thanks!
i am infected with antivir solutions pro right now and am tryin my best to find the file to delete it. Ive tried to download the malaware bytes but it wont let me on the internet to do so. I am having a really hard time doing this and i cant even find it in the registry files, i need major help!
Hey Sammy,
That program sucks! I got it last night as well when I was just browsing. It wouldnt let me run any applications and would freeze up after a few minutes. I went through DOS to find the file since it wouldnt let me do anything else. Looking at other sites it seemed that the exe file is called “…..tssd.exe” where the “…..” is some random letters. For me it was Npjctnwtssd.exe. It was located at C:\documents and settings\ (username) \local settings\bevuaxepu\Npjctnwtssd.exe.
I just deleted it and when I rebooted it quit popping up that stupid message but it is still freezing so I’m working that issue now!
Best of luck.
Tiff,
You can remove this manually if you know how to edit the registry or try using Malware Bytes to remove it automatically.
Here’s my situation and response:
Antivir Solution Pro was infected
– Blocked AVG from scanning
– Blocked Malwarebytes from installing fully
– Could not open regedit
– Could not open task manager (after startup)
Another user suggested that
1) Start in safemode (press f8 while Windows is loading)
Use system restore to create a restore file previous to the date that Antivir was downloaded. Open Windows normally and restore using the file you saved in safe mode
2) Open Windows normally and IMMEDIATELY press cntrl+alt+delete; do it before Antivir finishes its startup. On the processes menu, it should show up as ******tssd.exe the ***** will be random letters and numbers it generates daily to hide itself, but the tssd.exe files will be pretty constant. Run malware bytes, sypbot, AVG, or any spyware/malware program that you favor until you find the program.
3. This probably won’t work for most users, but if you’re lucky, it’ll just who up as a program. Oepn Control Panel’s Programs options, and if Antivir shows up, uninstall it. You might want to use iObit or Revo Uninstaller for deeper options; they both offer removing empty folders and also limited registry file removal <- be careful before deleting any registry files.
3. Regedit. Always backup your computer BEFORE deleting registry files.
Option 2 worked for me – only two processes came up ending in tssd.exe and once they were deleted all the pop-ups stopped and i could load applications again.
Nicole,
I am glad everything worked out.
I will try to download this one because I’ve been looking for the solution for so long. My brother tried to go for registry but i told him that it is only for experienced user. By the way thanks.
Well see heres the thing. earlier this year, i got the basic antivir, and downloaded malwarebytes and got rid of it. Now, i have the pro version, and ive scanned at least 10+ times with malwarebytes and its not picking it up! I’m actually posting from my brother’s computer, because antivir pro is blocking my internet. Please help, i’m only 15 and not a complete expert.
I am unable to get to the Anti-Malware Download because the Antivir virus is blocking any website I try to go to, and when I try to download my antivirus program, McAfee, the Antivir virus won’t let me run the installation CD so I can’t install it. Can someone please help me.
Phil if you go into internet explorer options under the the connections tab and lan settings you un-check the proxy box and have only a few seconds to go to what website you need before it rechecks it. May take a few times but you can browse this way.
Jeff,
Thanks for your help as well!
Ok I found a work around on the virus for VISTA users. CREATE ANOTHER USER. THATS WHY I:M POSTING RIGHT NOW I DIDE
Jeff,
That method seemed affective but when I tried it, it wouldn’t work. And I tried Dans idea of creating a new account but it won’t let me click on create new account. Any other ideas?
UPDATE
I logged out then logged back in and made a new account before the virus came back so now I have a virus free account but I want to move all my stuff over, how do I do that?
The only thing that worked for my daughter’s computer was a system restore. We did manage to get Malwarebytes transferred to her pc and ran it, but it didn’t help…
this is the most frustrating thing I have ever dealt with.
I am so thankful to Windows software people for having that restore point..it saved a lot of tears from my daughter.
Cheryl,
Restore points are a saver!