Remove Windows Security Suite. Removal instructions
Windows Security Suite is a rogue anti-spyware program advertised and installed through the use of malware. The program was created by the same group of people who have released Spyware Protect 2009 and Antivirus System Pro. Windows Security Suite is just another scam used by scammers to scare you into buying this useless application. Most importantly, don’t purchase it. It is a waste of time and money, that’s why you should remove this infection from your computer as soon as possible.
Once installed, Windows Security Suite will modify certain Windows registry entries in order to protect itself. Basically, it will disable or make it difficult to run such security applications as Kaspersky Antivirus, Avast, DrWeb, Symantec, Panda, Zone Alarm, McAfee and others. It might be rather difficult for you to remove WindowsSecurity Suite with these programs.
While running, this parasite will ostensibly scan your computer and display numerous infections. These infections, though, are all fake. It’s just an old trick used by almost all rogue applications to make you believe that your PC is infected. What is more, the program will constantly display fake security alerts. These alerts will pop-up every 1-2 minutes and won’t go away very easily. The fake security alerts produced by Windows Security Suite:
“Unauthorized remote connection!
Your system is making an unauthorized personal data transfer to remote computer!”
“Windows Security Suite Process Control
An unidentified program is trying to access system process address space”
WindowsSecuritySuite will also hijack your Internet browsers. It will create a custom and of course fake search tool. In the Internet Explorer this tool is very similar to Windows Live search, in Firefox it impersonates Google search tool. The search results come form Search-gala.com instead of Google or Windows Live search. Some of these search results may be links to malicious software or other parasite.
If your computer is already infected with this rogue program, please use the removal guide below. It explains in details how to get rid of Windows Security Suite and related malware from your PC manually for free.
Related files: 26.mof, mozcrt19.dll, sqlite3.dll, WI345d.exe, WINSS.ico, working.log, vd952342.bd, winss.cfg, Windows Security Suite.lnk, cookies.sqlite, Instructions.ini, ANTIGEN.drv, CLSV.exe, DBOLE.drv, dudl.sys, energy.dll, grid.dll, grid.sys, kernel32.dll, PE.dll, PE.tmp, runddl.dll, sm.dll, snl2w.exe, std.exe, tempdoc.dll, search.xml
Windows Security Suite properties:
• Changes browser settings
• Shows commercial adverts
• Stays resident in background
Windows Security Suite snapshot:
Automatic Windows Security Suite removal:
(2012-04-10 10:42:22)
Windows Security Suite manual removal:
Kill processes:
WI345d.exe CLSV.exe snl2w.exe std.exe
how to kill malicious processes
Delete registry values:
HKEY_CLASSES_ROOT\CLSID\{3F2BBC05-40DF-11D2-9455-00104BC936FF}
HKEY_CLASSES_ROOT\WI345d.DocHostUIHandler
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform “698909210803”
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “Windows Security Suite”
how to remove registry entries
Unregister DLLs:
mozcrt19.dll sqlite3.dll energy.dll grid.dll kernel32.dll PE.dll runddl.dll SM.dll tempdoc.dll
how to unregister malicious DLLs
Delete files:
26.mof mozcrt19.dll sqlite3.dll WI345d.exe WINSS.ico working.log vd952342.bd winss.cfg Windows Security Suite.lnk cookies.sqlite Instructions.ini ANTIGEN.drv CLSV.exe DBOLE.drv dudl.sys energy.dll grid.dll grid.sys kernel32.dll PE.dll PE.tmp runddl.dll SM.dll snl2w.exe std.exe tempdoc.dll search.xml
how to remove harmful files
Delete directories:
c:\ADWARE_LOG
c:\Documents and Settings\All Users\Application Data\345d567
c:\Documents and Settings\All Users\Application Data\345d567\WINSSSys
c:\Documents and Settings\All Users\Application Data\WINSSSys
%UserProfile%\Application Data\Windows Security Suite
Information updated: 2012-04-10 08:05:07