Antivir Solution Pro

Trouble removing this virus? Try Spyware Doctor With Antivirus from PCTools. »Download

Online Virus Removal Guaranteed online virus removal service or you don't pay: www.OnlineComputerRepair.org

Description: Antivir Solution Pro is just the latest in a long line of fake security clients. the 4 others are AV Security Suite, Antispyware Soft, Antivirus Suite and Antivirus soft. The security warnings and viruses this program finds on your computer are all made up. It is a scam to steal money from you.

The thing that really makes this program hard to remove is it blocks you from accessing the internet. It does this by changing the Internet connetion to Proxy. You first need to remove this proxy setting to be able to surf the web again. PLEASE VIEW THE BOTTOM VIDEO ON HOW TO DO THIS..

Like most rogue security clients it can be hard to remove Antivir Solution Pro. This program will often times block the install and updates of security clients that are well known. It may also disable the Windows Task Manager and a number of other things like change the Windows Hosts file.

If you are infected with this threat WE HAVE YOU COVERED. Our virus removal guides have videos and we tell you what security software is well known to remove this threat.

Antivir Solution Pro

Antivirus solution Pro

» Download Antivir Solution Pro Removal Software

As soon as you find yourself infected with this threat you need to take immediate action to remove it. Antivir Solution Pro removal can be hard but we have the know how to help you through removing this virus. Our Virus removal guides have been viewed millions of times and helped countless numbers. We have included videos to help instruct you as well as some very good guides under the "How To Guides" section on top.

Automatic Antivir Solution Pro Removal

PLEASE NOTE: In order to use this client you will first need to re-set your proxy settings. Watch the bottom video then install this client.

We do recommend Spyware Doctor with Antivirus. This is one of the few clients out there that can really make a big difference. The problem most people will have is your fake client may block the install or updating of a real security product. You can always start of following the manual guide below. Once you terminate the running processes of this virus you should be able to install the client just fine. If you follow the link above and use coupon code removevirus10 you will get 10% off. This is an exclusive coupon we got just for removevirus.org readers.

Online Antivir Solution Pro Removal Service

Sometimes you just need a pro. If you are having troubles and do not understand the below guide or just feel better having an expert removing this threat and all others on your computer then we recommend www.onlinecomputerrepair.org. It's one of the leading remote computer repair companies out there and will get you taken care of.

Antivir Solution Pro Video

HELP US: We took the time to make this video and help you. Please rate us on http://www.mywot.com/en/scorecard/removevirus.org . It will only take you a minute to register and add a comment. We would also welcome any posative facebook or social bookmark comments.

Don't forget. If it's too hard for you to remove yourself or things just aren't working for you then a cheap route for repair is www.onlinecomputerrepair.org.

Remove Proxy Setting so You Can Connect to the Internet Again.

PLEASE NOTE: We are getting some reports that you may need to be in Safe mode with networking in otder to turn off the proxy settings. So if it does not work in normal mode then boot into safe mode.

Antivir Solution Pro Manual Removal Procedures

The first step you must take in order to remove Antivir Solution Pro is to stop the following process:

[random]tssd.exe [random].exe Normally 6 random characters. Example would be wsjmsntssd.exe or vwnstftssd.exe

To Stop this process you can either browse to the file location and re-name the file like we did in the video above, or you can download our process killer tool under SOFTWARE tab above. Be sure to download the one already re-named explorer.exe. If you can not stop this process then re-boot into safe mode with networking. In safe mode the process will no longer be running and you can then just browse to the file location and delete it. See our How to Guides for directions on booting into safe mode.

We also want to point out that your Internet Explorer and or Chrome will not be able to connect to the internet in many cases. You need to remove the proxy setting first. View the video above on how to do this.

The next step in Antivir Solution Pro removal is to delete the following file: The process can not be running for you to delete the below files.

Windows XP:

%Documents and Settings%\[UserName]\Local Settings\Application Data\[random characters ]\[random characters]tssd.exe

Windows Vista/7:

%User%\AppData\Local\[random characters ]\[random characters]tssd.exe

Once the above steps have been completed, Antivir Solution Pro is mostly gone from your computer. Even if in most cases this step would ensure that no other malicious software are present on the disk it is still recommended to scan the entire PC using genuine security software such as Spyware Doctor with Antivirus.

If you find this threat too hard to remove yourself and need an expert we recommend www.onlinecomputerrepair.org . They charge far less than others and are great at what they do.

Antivir Solution Pro Registry Removal Procedures

Removing files and folders alone is not sufficient to completely removeAntivir Solution Pro. The following keys and settings should also be removed from the Windows registry to complete Antivir Solution Pro removal: Please note you may not have all of these entries. The best thing to do is to scan using Spyware Doctor with Antivirus to see what entires you have.

HKEY_CURRENT_USER\Software\SolutionAV
HKEY_CURRENT_USER\Software\avsoft
HKEY_CURRENT_USER\Softwar\eavsuite
HKEY_CURRENT_USER\Software\AVSolution
HKEY_LOCAL_MACHINE\SOFTWARE\avsoft
HKEY_LOCAL_MACHINE\SOFTWARE\avsuite
HKEY_LOCAL_MACHINE\SOFTWARE\AVSolution
HKEY_LOCAL_MACHINE\SOFTWARE\SolutionAV
HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerDownload "RunInvalidSignatures" ="1"
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionInternet Settings "ProxyOverride" = ""
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionInternet Settings "ProxyServer" = "http=127.0.0.1:5555"
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesAssociations "LowRiskFileTypes" = ".exe"
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesAttachments "SaveZoneInformation" = "1"
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun "[random]"
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun "[random]"

Updated Regsitry traces: May not apply to you

HKEY_CLASSES_ROOT\VirtualStore\MACHINE\SOFTWARE\Wow6432Node\AVSecurity (and AVscan or AntivirSolutionPro)
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\######tssd_RASAPI32
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\######tssd_RASMANCS

You should now run a full security scan to ensure no other threats are installed on your computer.

Antivir Solution Pro Directories:

Vista and Windows 7 Users: %User%\AppData\Local\[random characters ]\
XP Users: %Documents and Settings%\[UserName]\Local Settings\Application Data\[random characters ]\

Conclusion

It is not recommended for inexperienced users to attempt to delete Antivir Solution Pro manually, as any mistake made during removal could result in your system getting damaged. Therefore, inexperienced users are advised to use a web-based repair service such as www.onlinecomputerrepair.org or legitimate antivirus software such as Spyware Doctor with Antivirus to completely and safely remove AV Security Suite.

Related Article Keywords: Antivir Solution Pro, Remove Antivir Solution Pro, Antivir Solution Pro Removal, How to Remove Antivir Solution Pro

See our Antivirus Software Reviews for other security clients that we like.

As always please post updates to the file traces. If yours are different then other users will find it helpful.

64 comments for "Antivir Solution Pro".

1. if you reboot and pull up

Submitted by Anonymous (not verified) on Wed, 07/21/2010 - 09:15.

if you reboot and pull up task manager before this software loads you can end task on the process and delete the stuff mentioned above

this is a nasty little sucker but got it removed

p.s. before deleting the registry entries yourself (if this is what you plan on doing), make a copy of the registy before removing any entries

2. Amen to the backup registry

Submitted by technical admin on Thu, 07/22/2010 - 10:17.

Amen to the backup registry first. Great tips and solid info.

3. Thanks

Submitted by Susan (not verified) on Wed, 07/21/2010 - 12:07.

I am somewhat out of the loop but will be able to do this one for my sister's laptop...
Do you have any suggestion on how she got the virus so as we don't unjustly blame her step son for his use of it this weekend?
Thank you again for this site, and again, any feed back on how she got the virus would be helpful...

4. You Can NOT blame kids or

Submitted by technical admin on Wed, 07/21/2010 - 19:24.

You Can NOT blame kids or anyone for something like this. I often times find my test viruses by doing innocent searches in Google for things like Bald Eagle or liberty bell.

You need to ensure you have proper security software to protect your computer online.

When a child is using the computer they should have to log in under their own account that has limited permissions. This stops them from being able to get infected most of the time from viruses like this. Ultimately it is the responsibility of the computer owner to secure their own computer.

5. my brother compouter have a virus that call antivir solution pro

Submitted by loubert senatus (not verified) on Sun, 08/01/2010 - 13:27.

im scare he gonna blame it on me that i mess it up the desktop and i didn't do nothing wrong cause im the only 1 using the computer for this week please i need your help how to take it out from is pc contact me my email Removed for Privacy and im only 13 years old please i need your help.........................god bless u

6. As per our disclaimer and

Submitted by technical admin on Sun, 08/01/2010 - 15:21.

As per our disclaimer and terms of use we only help people age 18 and above. We can not be held liable for any actions you take.

With that said we can only help people who help themselves. You made no mention of what you could not do in the virus removal guide we wrote. Follow the guide. It works. Watch the video it works. Just asking for help and not stating what you already tried in the guide will get you no were.

7. Quick Favor

Submitted by technical admin on Wed, 07/21/2010 - 19:55.

For all of you out there who are thanking us please take 1 minute and create WOT ( Web Of Trust Account and comment on our site. http://www.mywot.com/en/scorecard/removevirus.org

We have some people who never look at the facts and what this site does so they say false things. We do not create viruses. We just finish them :). This will help us build a better brand name going forward.

Thanks,

Jacob

8. Cheers

Submitted by Jon (not verified) on Thu, 07/22/2010 - 08:40.

Thanks! Your instructions were straight forward and easy to follow- seems to have worked...

Two questions though...

Firstly, I got to the stage of removing the reg key entries, but cant seem to find the entries listed above for deletion? However I do see an entry which sounds similar: (not sure if this is the correct format, but here goes...) HKEY_CURRENT_USER>software>AVSolution. Reading/listening to your advice made me guess that I probably shouldnt go deleting stuff if I wasnt 100%- so i didnt! Ps I ran a program called CC cleaner which sorts out invalid reg entries and fixes them- but I checked the list it produced and none of the above entries were included??

Secondly, internet explorer comes up with the message 'cannot display web page'. When I click 'diagnose connection', nothing happens at all? Wierd, as i'm using firefox at the moment and that seems to work fine??

I've run a full scan with the latest updated version of AVG, but it looks like nothing else is causing a problem... Do you have any suggestions?

Many thanks,

Jon

9. AVSolution is bad. Remove

Submitted by technical admin on Thu, 07/22/2010 - 10:08.

AVSolution is bad. Remove it.

Did you remove the proxy settings like we showed you in the video?

AVG offers zero protection to your computer and you will get infected again. At least the free revision offers no protection. Run a full scan as we stated in the guide with Spyware Doctor with Antivirus. It's free to scan and will tell you if you have any other infections on the computer.

10. Must have missed that bit-

Submitted by Jon (not verified) on Thu, 07/22/2010 - 11:53.

Must have missed that bit- turned off the proxy settings and deleted AVSolution- everything seems back to normal again!

Thanks a load- was trying to write a presentation for work and thought I was in BIG trouble! Will try running the Spyware Doctor scan and see what happens!

Cheers,

Jon

11. No problems. Glad you got it

Submitted by technical admin on Thu, 07/22/2010 - 12:17.

No problems. Glad you got it sorted. Be sure to comment and rate us on the mywot . com website.

12. one more question

Submitted by Jon (not verified) on Thu, 07/22/2010 - 09:28.

also, just realised that i cant seem to access the internet from other programs e.g. when using MS word, i cant 'lookup' words as i'm told that i'm not connected to the internet??

Hope you can help?

Jon

13. I already left a comment on

Submitted by csarac01 (not verified) on Fri, 07/23/2010 - 05:52.

I already left a comment on WOT but I just wanted to say thank you SO much! I almost let myself get ripped off by Best Buy but instead I was able to remove the virus on my PC by myself and save money! This is such a great tool and I am so glad I found it. I would recommend you to anyone! Thanks again!

14. Big Thanks for rating us on

Submitted by technical admin on Fri, 07/23/2010 - 09:38.

Big Thanks for rating us on WOT. We need the help there because people say false things with out even looking at our site.

Glad you were able to follow the guide and fully remove the virus yourself.

15. Agree! I didn't get my

Submitted by Anonymous (not verified) on Wed, 08/11/2010 - 14:00.

Agree! I didn't get my solution from this site, but was just browsing to see if anyone had gone the Best Buy route. I had the issue last weekend and panicked like most do when they get something like that unless they are already pretty techy. I knew enough about computers to play around it, but first called Best Buy. The lovely Geek Squad stressed this was the worse virus ever (which I doubt since many seem to be able to remove on their own), but they could fix for a cool $199. AND...would take 2-4 days.

Capitilism at its best...seeing how I fixed on my own in an hour (most of that time was researching on the internet) and I fixed by restoring the computer back to a pre-virus date. Cost me $0. I have never been a big fan of Best Buy, but I will limit my shopping their even more since they are "in" with these folks apparently and not telling customers the truth.

16. New Key name

Submitted by Anonymous (not verified) on Sat, 07/24/2010 - 11:17.

HKEY_CURRENT_USER\Software\SolutionAV

Same thing just another name...

17. Thanks!! Guide will be

Submitted by technical admin on Sun, 07/25/2010 - 15:28.

Thanks!! Guide will be updated to reflect the changes.

18. I did exactly what was sed on

Submitted by james (not verified) on Mon, 07/26/2010 - 11:36.

I did exactly what was sed on the video, but the tssd file keeps coming back after i delete it... im pretty sure i have other viruses on this laptop, but I dont know what to do.. I delete the tssd file and then don't know where to go from there, b/c i tried downloading avast, but it says the file is infected? Do you have any suggestions?

19. AVG is not going to cut

Submitted by technical admin on Mon, 07/26/2010 - 17:47.

AVG is not going to cut it.

Boot into safe mode with networking. Download Spyware Doctor with antivirus as the guide states and run a full scan there. Ensure you update the client first. In safe mode the threat should not be running. You have a secondary infection "Root Kit" that is most likely re-installing the program. No way to know what the trojan is with out running a full scan. SDA does cost money to remove threats. However the free trial will still scan and block threats. From there you can see what files you need to delete.

20. Initially i rebooted my

Submitted by Anonymous (not verified) on Wed, 07/28/2010 - 05:50.

Initially i rebooted my computer and a message came up whether to run or dont run. I located this folder and deleted this and i was able to get back on the internet however i cannot watch videos etc. i still feel that the virus is still on the computer but i cannot now locate it to delete it. (This was before i saw your post on how to delte it)

21. Did you ever run a scan using

Submitted by technical admin on Wed, 07/28/2010 - 08:59.

Did you ever run a scan using Spyware Doctor with Antivirus? This is the first thing I tell everyone who has issues locating the virus threat. The SDA client will show you exactly were the files are located when you run a FULL scan. From there you can manually delete them. The free trial will NOT remove threats but it's awesome at stopping the threat from getting worse and will show you the exact folder locations of the viruses so you can then browse down to them and manually delete them. You may need to be in safe mode to delete the viruses.

22. I have now run scans with

Submitted by Anonymous (not verified) on Wed, 07/28/2010 - 18:05.

I have now run scans with spyware doctor and malwarebytes but they have not located any threats. I used stopzilla which did locate the threats but then i went to the places that it said the threats were at but they were not there.

23. To be 100% clear here. You

Submitted by technical admin on Wed, 07/28/2010 - 21:35.

To be 100% clear here.

You already removed the Antivir Solution Pro or at least you think you did. Then because you could not watch videos you did more research and found our site. After following our manual guide you could not locate any of the traces to this virus threat. However you feel your computer is still infected because of the video issue.

The SDA client and Malwarebytes found zero threats. You are not being redirected in your browser and Antivir Solution Pro is not popping up on you.

Maybe it is just a video issue and coincidental. Are you trying to watch videos from youtube or your computer?

If youtube then I suggest re-downloading the Adobe flash player and installing it. Perhaps it got corrupt, removed or disabled.

If it's videos on your computer I suggest you download the latest codec pack.

Reply and we can go to the next level if the above does not work for you. At this time from the information you provided I am unsure your actually infected.

P.S. We do not support people via e-mail normally but I'll make an exception here because I'm curious about your issue. Feel free and hit the contact button and describe the issue again. Include a time when you will be in front of your computer so I can remote in if need be.

24. Okay ill give it a go in the

Submitted by Anonymous (not verified) on Fri, 07/30/2010 - 20:36.

Okay ill give it a go in the next 24 hours as i do not have access to my computer at the moment. i think that may be case that the internet got corrupted as everything else seems to be fine apart from internet explorer as not just youtube videos etc dont work i cannot download anything. it just seems to be running quite slower than usual. ill let you no when i reinstall adobe flash player.

25. hey i have removed the virus

Submitted by Anonymous (not verified) on Thu, 07/29/2010 - 12:50.

hey i have removed the virus and re-setted the host file and re-setted ie and i followed every step on the video but when i got on the internet google was still acting strange. The internet redirects me and when i search on google it gives me sites that dont even have the fields i searched in.What do i do?

26. Did you run the FULL scan

Submitted by technical admin on Sat, 07/31/2010 - 17:10.

Did you run the FULL scan with Spyware Doctor with Antivirus? That is the first step to see what you are infected with. From there the answer will very.

It sounds like you have a BHO that is causing the issue. Re-setting IR normally resolves this issue. Run the scan and report back the results

27. I downloaded Spyware Doctor

Submitted by Anonymous (not verified) on Sun, 08/01/2010 - 22:16.

I downloaded Spyware Doctor with Antivirus but I cannot run it because after double clicking it said "Security Warning- Application cannot be executed. The file pctsgui.exe is infected. Do you want to activate antivirus software now?"

28. You can run the client in

Submitted by technical admin on Wed, 08/04/2010 - 13:45.

You can run the client in Safe mode with Networking. Be sure to update the client first. In safe mode it will run. Other wise the virus is blocking it. If you wish to run the client in normal mode you need to follow the manual guide first and stop this process from running

29. i cannot download anything

Submitted by Anonymous (not verified) on Sun, 08/01/2010 - 23:06.

i cannot download anything online including adobe flash player. i am a bit unsure what do next wondering what you would recommend.

30. proxy

Submitted by Anonymous (not verified) on Mon, 08/02/2010 - 05:36.

Ok, the problem i'm having is i cant open "internet options" to change my proxy settings, not even in safe mode. Now what? Help!

31. Reset IE. We have the tool

Submitted by technical admin on Wed, 08/04/2010 - 13:46.

Reset IE. We have the tool in the side bar to do it.

32. I got this last night and

Submitted by Debbie (not verified) on Wed, 08/04/2010 - 00:13.

I got this last night and have removed it. I am very worried in case they have stole personal details. Can this happen with this particular virus and what are the signs??

33. Hi Debbie, While there are

Submitted by technical admin on Wed, 08/04/2010 - 13:36.

Hi Debbie,

While there are programs out there that steal user data this virus alone does not do that. Unless you actually pay for the thing anyways.

To be sure I recommend running a full scan with Spyware Doctor with Antivirus. The nice thing with the free scan is you can dive into the threats and read what PCTools has to say about the threat. In most cases it will not steal personal information.

I would still keep a close eye on your bank account if you use a debit card. The safer practice is to never use a Debit card online. Only use a credit card or better yet Paypal. It's safer because going that route you can get your money back. Using a debit card the bank will just shrug their shoulders and say we can get you a new card but that is it.

34. I just want to be clear on

Submitted by Tom (not verified) on Thu, 08/05/2010 - 05:20.

I just want to be clear on the registry removal instructions. I get that registry entries such as "HKEY_CURRENT_USER\Software\SolutionAV" should be deleted (which I did), but the entries such as HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerDownload "RunInvalidSignatures" ="1"
... Should I delete these entries, or make sure that the value is the one listed?? For example in this entry, are you saying the value should be "1"... or do I just delete the entire entry??

35. The problem with registry

Submitted by technical admin on Thu, 08/05/2010 - 13:21.

The problem with registry keys is you may actauly want that value on for some other software program you may have. However that is unlikely. This registry key basically means "Allow software to run or install even if the signature is invalid". This is a big no no in most cases. By changing the "1" to "0" we basically turn this value off.

This can be SUPER confusing for most people. It is also dangerous for people who do not know what they are doing to poke around in the registry. We are very hesitant to actually straight out tell people what they should change the value to because we can not be held liable for any damages. However this is a great question and I'm surprised more people do not ask it.

36. No tssd file

Submitted by JC (not verified) on Thu, 08/05/2010 - 09:04.

I have located the wierdly named folder, there are two actually, but there is no tssd file in either of them. Both of the folders say the date modified was the day I tried to get rid of the virus, so at least they have to be connected to AntiVir. What do I do?

37. What is the folder name and

Submitted by technical admin on Thu, 08/05/2010 - 13:23.

What is the folder name and location?
What files are in the folder?
Did you run a full scan using Spyware Doctor with Atnivirus. If you are having troubles downloading the client or installing it you will want to go into safe mode with networking and install it there. Be sure to run the FULL scan. This will tell you the exact file name that you need to manually delete.

With out knowing the above we really can't help much.

38. Computer is slow slow slow

Submitted by Matt (not verified) on Fri, 08/06/2010 - 05:12.

I had the Antivir virus so I went in to safe mode like you said and I downloaded Spyware Doctor w/ Antivirus. I ran the full scan, and I actually went ahead and purchased it and removed all of the threats it found on my computer. After completion it asked me to reboot, so I did. Now, the antivir virus appears to be gone because I can actually get on the internet now. But everything is running extrememly slow. All programs take forever to open, and the internet takes forever to open up pages. Also, after I rebooted, my desktop changed (icons were rearranged and my background picture had changed). So I shut down and rebooted in safe mode again, and everything runs fast and smooth while in safe mode.

Any idea why everything has slowed down so much? I'm thinking I may have other issues than the ones deleted w/ Spyware Doctor. But all of my programs were running fine even while I had the Antivir virus (except for the internet of course). Any help would be appreciated. Thanks

39. Glad to see you got rid of

Submitted by technical admin on Fri, 08/06/2010 - 12:25.

Glad to see you got rid of the virus. Or at least it seems that way. What I would do is boot into safe mode with networking and download Malwarebytes and run a scan with that just to ensure everything is gone. If it picks something else up then great. It may not because like you said your purchased the SDA client and everything seems to be good except your computer is really slow.

If the above does not work I would uninstall the SDA client and reboot. See if your computer runs faster with out the client installed. If you notice a huge difference in speed it means you most likely have little computer memory to handle a good solid internet security product. I would still re-install the client again but perhaps leave out things like the browser defender and see if that does not help pickup more speed.

I recommend no less then 2G's of ram. 4 Gig's is the recommended amount of memory. You can see how much memory is installed on your computer under the properties tab of the Computer or MY Computer Icon. If it's less then 2g's I would Google memory configuration and look up your model to see what type of memory your computer can use and what the cost is.

If your computer is very old and lets say it only has 512MB of memory then running any security client that is up to date for 2010 will cause a BIG decrease in system performance.

Let us know if you find the root cause. I'm interested.

40. Think I got it but IE not working

Submitted by Evie (not verified) on Sat, 08/07/2010 - 13:24.

Got this virus and think I was able to get rid of by using Symantic Antivirus...did a Live Update and then ran a full scan...it found 6 or so files after which I had to reboot my computer and now everything seems to be back to normal.

However the ttssd file is still in my prefetch folder. Do I still need to rename it and go through the processes of deleting the registries? How do I delete registries?

IE doesn't seem to work it says it cannot display the webpage?

Think I need to switch to FireFox!

41. The answer to your question

Submitted by technical admin on Sun, 08/08/2010 - 01:24.

The answer to your question is already in the guide. Read it again and follow the proxy removal vid.

If you want to learn how to remove or edit registry keys you can go under the how to guides section and read that article.

You do not have to re-name the file the the prefetch folder. I would still delete it but it really does not matter.

42. Spyware Doctor

Submitted by Aimee (not verified) on Sun, 08/08/2010 - 08:27.

Hi first thaks for such a great video, I as able to follow step by step and remove the virus...and then bought spyare doctor to be able to clean my comp, the problem as that a day ater the antivir pro came back again, I will do the scan and at the end it ill say no threats detedtec evendough the antivir as running. i don't understand hy it is not pickig it up, I had to go back to your video and deleted it manually again. Is this going to keep happening, for tp days every time I turn on my comp the virus ius back. Please help. Thaks

43. Here is what I would do

Submitted by technical admin on Sun, 08/08/2010 - 12:05.

Here is what I would do because you already purchased the SDA client.

1. Ensure the product is fully up-todate
2. Run a FULL scan on my computer.
3. Download Malwarebytes, install, run full scan at the same time as the SDA scan. We are using a second client to ensure nothing is being left over by the first security client. SDA does a great job at blocking threats and removing them in the first place so you must have a rootkit on your computer that is re-installing this virus before the SDA client is up and running on boot. The above steps should solve this issue for you.

You may also want to take a look at the start-up Menu. Go to the run/AKA Search box. Type in MSCONFIG . Than select the Startup tab. Under there go through and look for any very wierdly named files. Pay close attention to Temp file locations and System32 locations. If there is something there that looks really off, chances are it's what is re-installing the threat. Un-check the box and see if that stops the threat. My guess is if the SDA client does not pick it up after a full scan you may have to wait a day or so for another update that will include whatever rootkit is installing this threat. PCTools also offer free support so you may just want to go that route as well.

44. I do not have a local folder in the user folder.

Submitted by Anonymous (not verified) on Sun, 08/08/2010 - 10:08.

I can't find it. I've searched for it, but its not there. I'm using Windows Professional, and I'm currently in Safemode with networking.

45. As stated in the video the

Submitted by technical admin on Sun, 08/08/2010 - 11:39.

As stated in the video the path for XP is %Documents and Settings%\[UserName]\Local Settings\Application Data\[random characters ]\[random characters]tssd.exe.

You do have a local Settings folder. Again as stated in the guide it is a hidden folder. Watch the video. You need to either un hide the folders or manually type in the LocalSettings path.

46. Registry Keys

Submitted by kjaffa (not verified) on Sun, 08/08/2010 - 11:31.

So i removed the tssd files and all that nonsense. (ended processes and whatnot) but upon entering regedit not one of the keys mentioned above seemed to exist.. this might be because the second in saw signs of this crap i shut down and booted in safe to prevent further damage until i had a game plan. the only thing is one registry key CURRENT_USER/Software/wpyyaxvbft remove this? thanks

47. When it comes to registry

Submitted by technical admin on Sun, 08/08/2010 - 11:42.

When it comes to registry keys and the potential to really screw things up on your computer We can not tell you what to delete and not to delete. Does this look like a false entry to me? Yes. Would I delete it? Yes. But before all of that I would of ran a full scan with Spyware Doctor with Antivirus to let it tell me if this was really a threat to remove or not.

In the end the choice is yours and your alone but if it was my computer I would delete that funky name because it just looks wrong.

48. Hey I found this link

Submitted by andrew (not verified) on Wed, 08/11/2010 - 15:09.

Hey I found this link describing the same registry files you were talking about. I had the same ones and removed all the ones listed here. Hope this helps LINK REMOVED ( did not contain manual removal instructions )

49. i have the antivir virus so i

Submitted by matt (not verified) on Mon, 08/09/2010 - 16:00.

i have the antivir virus so i tried to boot my laptop in safe mode but it just keeps on freezing while it loads up. do you have any ideas on how to fix this?

50. Hard to answer the question

Submitted by technical admin on Tue, 08/10/2010 - 13:13.

Hard to answer the question with out knowing what OS you are using. Does it boot into normal mode? If so you can still follow the guide and remove the threat in normal mode. I have removed this threat about 30 times now and do it in normal mode almost every time. Try the guide and if you have a question on a specif step please ask.

As far as not being able to boot into safe mode your computer may be missing some core OS files. You can always use the backup computer disc to do a soft system restore.