
Scan-evading Security Suite infection


1 reply to this topic

#1 prehensile

prehensile

  • Members
  • 1 posts
  • Local time:05:28 PM

Posted 07 September 2010 - 08:44 PM

Hello there lovely selfless malware-solving people,

My gf's laptop has managed to contract a nasty case of Security Suite. After Googling around a bit, I found the removal instructions on this site:
http://www.bleepingcomputer.com/virus-remo...-security-suite

which I followed through. Crucially, MBAM didn't detect anything when booted in Safe Mode. When in normal mode, rkill.com (or its renamed variants, iExplore.exe & eXplorer.exe) were killed by SS before they could terminate it.

After a bit more searching, I found this thread, again, on this site:
http://www.bleepingcomputer.com/forums/ind...=security+suite

Which recommends running ATFCleaner and SUPERAntiSpyware in addition to MBAM, which I've also done (again, in Safe Mode, because SS won't let me run _anything_ {including rkill} in normal mode). SAS didn't find it either.

So, to recap, here's what I've tried so far:

1) Installing & running MBAM in Safe Mode.
2) Installing & running SUPERAntiSpyware in Safe Mode
3) Installing & running ATF Cleaner in Safe Mode.

Nothing even detects Security Suite, let alone removes it. However, booting up in normal mode and there it is, popping up its warnings and preventing the execution of anything, _including_ rkill.com (even when renamed to iExplore.exe or eXplorer.exe).

One thing to note: because we're connected to the internet via mobile broadband, I'm having to install these packages by downloading them on my Mac, copying to thumbdrive and installing from that on the laptop, since SS makes it impossible to run the mobile connection manager there. This also means that it's impossible for those apps to auto-update their definitions once they're installed on the laptop, so it's possible that this is a variant of SS not covered by the definitions bundled with the apps' installers.

Any help gratefully received :thumbsup:



#2 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:07:28 AM

Posted 08 September 2010 - 01:00 AM

Please follow the instructions in ==>This Guide<==.

Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<== Please include the link to this topic in your new topic and a description of your computer issues and what you have done to resolve them.

If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.

Once you have created the new topic, please reply back here with a link to the new topic.



