Welcome to remove-malware.net

How to remove Security Suite rogue anti-spyware

Malware Description:
Security Suite (from Security Suite Inc.) is the new name in the malicious underworld of computer technologies. By its true essence, Security Suite is a rogue anti-spyware application coming from the same family as Antivir Solution Pro – a real nasty badware tool that succeeded in tricking thousands of PC users out of their money. Security Suite is being distributed in a variety of ways, blackhat SEO and fraudulent social engineering being the dominating one. On the first stage of its invasion, the malware drops a trojan virus on to the targeted computer system. This little yet really nasty parasite does the preliminary manipulations with your workstation. It creates a few Registry entries so that the executable named [random]shdw.exe gets triggered every single time you boot into Windows. This process is solely responsible for the entire mess Security Suite is all about. On the output, you will be encountering the following symptoms. Security Suite will keep on generating bogus malware alerts, for example the notorious warning message stating that you got BankerFox.A trojan on your computer. Security Suite will also be sure to hijack the web browser and totally restrict the list of websites you can visit. To be more precise, you will barely be able to navigate to any domains aside the ones associated with Security Suite promotion. The whole obnoxious activity of Security Suite on your computer pursues one basic goal – to make you believe your machine is indeed infected and then ask for some money that you’ll be expected to pay online when going through the program registration. Do not buy Security Suite, ever. That’s our main advice. If you get this infection on your computer, you may first think it’s not going away unless you actually purchase it. That’s a wrong statement. Although Security Suite prevents you from using antivirus software and other random programs, it is removable. Basically, there are a few methods. But first, you should be aware of this. You may discover that your Internet connection had been disabled by the rogue. To fix this, do the following: open Internet Explorer, go to Tools, Internet Options, hit Connections tab, then click LAN settings. You should now see an interface where you should untick the option reading Use a proxy server for your LAN. Please save the changes by clicking Ok button twice (just follow the prompts). After this, you can proceed to the cleanup procedure proper. What you need to do is this:
Restart your computer and quickly open Task Manager (Ctrl+Alt+Del). Unless you do it within seconds after reboot, Security Suite may keep you from doing it – so once again, it’s critical to be as quick as you can. Once Task Manager is opened, hit ‘processes’ tab and locate a process that ends in shdw.exe. Terminate this process immediately. If you succeed, go ahead and follow our instructions pertaining to Security Suite removal (see below).
Another method is to restart your PC in Safe Mode (via F8 key during startup) and perform the same steps.
We are looking forward to your feedback on this issue. Good luck getting your computer back to normal!

Malware Type: Rogue Anti-Spyware

Malware Author: Security Suite Inc.

Threat Level: Critical

Advice: Immediately remove and scan for additional malware

Security Suite Free Scanner and Remover: Download Now

Security Suite Screenshot:

How to remove Security Suite manually:
Manual removal of Security Suite is a feasible objective if you have sufficient expertise in dealing with program files, processes, .dll files and registry entries.

The files to be deleted are listed below:

• %UserProfile%\Local Settings\Application Data\{random}\
• %UserProfile%\Local Settings\Application Data\\{random}shdw.exe

The registry entries that need to be removed are as follows:

• HKEY_CURRENT_USER\Software\wnxmal
• HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download “RunInvalidSignatures” = “1″
• HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\PhishingFilter “Enabled” = “0″
• HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings “ProxyOverride” = “”
• HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings “ProxyServer” = “http=127.0.0.1:6522″
• HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations “LowRiskFileTypes” = “.exe”
• HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments “SaveZoneInformation” = “1″
• HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “{random}”
• HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache “%UserProfile%\Desktop\flash_player_installer\flash_player_installer.exe”
• HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run “{random}”
• HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download “CheckExeSignatures” = “no”
• HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings “ProxyEnable” =”1″

Please, be aware that manual removal of Security Suite is a cumbersome process and does not always ensure complete deletion of the malware, due to the fact that some files might be hidden or may get reanimated automatically afterwards. Moreover, manual interference of this kind may cause damage to the system. That’s why we strongly recommend automatic removal Security Suite, which will save your time and enable avoiding any system malfunctions and guarantee the needed result.

Related Articles:

How to remove Volcano Security Suite rogue anti-spyware
How to remove Live Security Suite rogue anti-spyware
How to remove AV Security Suite rogue anti-spyware
How to remove Windows Security Suite rogue anti-spyware