Posted 20 August 2010 - 11:54 PM
First, I want to say thanks to Bleeping Computer for being here!
We loaned a computer to a friend, and now it is infected with Security Suite. I've read all the posts I can find here about how to remove it, and tried to follow through with all the instructions, but I cannot remove it. The computer will not connect to the internet, although the internet connection by proxy is not checked.
This is what I have done so far; I was able to download Malwarebytes with another computer, copy to a cd, and use that to install it on the infected computer, while it was running in safe mode. It found a number of malware files, which were removed. I restarted the computer, and Security Suite was right back with the bogus messages.
Then I found Bleeping Computer through Google, and read about rkill.exe. I downloaded the iexplore.exe version to the uninfected computer, copied to CD, and tried that on the infected computer, still in safe mode. After multiple tries, it found 1 process. I left it open in place and ran Malwarebytes again. No more malware was found. I restarted the computer in normal mode. Security Suite is still there. I reran iexplore.exe, it found a couple more things, I left it open and reran Malwarebytes, which found nothing. I installed Super Anti Spyware, which is a suggestion in one of the threads here, ran that and it identified several more malware files and deleted them. Security Suite remains.
I tried looking in the Task Manager, but don't see anything that shouldn't be there.
I can't download things directly to the infected computer, since I cannot connect to the internet.
If someone could suggest where to go from here, I would be very grateful.