Security Suite description
Security Suite is a rogue anti-spyware application which spreads via trojan. Malware is also a clone of AV Security Suite scam. The parasite is another addition to the long lists of rogue security application that will cause annoyances on your computer. With the aid of trojan infections, spam emails and various websites it tends to be affiliated one can easily fall victim to this dubious application.
Once installed it will display fake system security warnings and then will prompt you to buy a full version of this program to remove threats that don’t even exist. Security Suite will imitate computer scans and will flood your computer with fake warning messages. For example:
Security Warning
Application cannot be executed. The file notepad.exe is infected. Do you want to activate your antivirus software now.
Windows Security Alert
Windows reports that computer is infected. Antivirus software helps to protect your computer against viruses and other security threats. Click here for the scan your computer. Your system might be at risk now.
Antivirus software alert
INFILTRATION ALERT
Your computer is being attacked by an internet virus. It could be a password-stealing attack, trojan – dropper or similar.
Threat: BankerFox.A
Do you want to block this attack? Yes or No
Do not believe anything malware shows or offers. This dubious program can’t provide any actual security service. However, Security Suite can hijack your browser to deceptive websites that sell the program. Avoid purchasing it but choose decent anti-spyware program and terminate the parasite upon detection.
Manual Security Suite Removal
Security Suite registry values:
HKEY_CURRENT_USER\Software\wnxmal
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download "RunInvalidSignatures" = "1"
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\PhishingFilter "Enabled" = "0"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyOverride" = ""
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyServer" = "http=127.0.0.1:6522"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations "LowRiskFileTypes" = ".exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments "SaveZoneInformation" = "1"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run ""
HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache "%UserProfile%\Desktop\flash_player_installer\flash_player_installer.exe"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ""
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download "CheckExeSignatures" = "no"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyEnable" ="1"
Help: How to edit windows registry entries
Other malicious Security Suite files:
%UserProfile%\Local Settings\Application Data\\
%UserProfile%\Local Settings\Application Data\\shdw.exe
Trackbacks /
Pingbacks