The prolific and frustrating Vundo trojan family is currently bringing a new gift to those with the misfortune of being infected with it: a new rogue antivirus application known as Volcano Security Suite. It appears that it may be delivered by attack sites (sneak downloads) as well as via the Vundo trojan. Of course, it is not a legitimate security suite; it brings or creates files so that it can complain that they are infected and pose a threat to your computer's security. Read on for more information about how to remove Volcano Security Suite.
Among the files that Volcano Security Suite creates to complain about are:
The files are harmless, although it will claim that they are infected and cannot remove them unless you pay for Volcano Security Suite (surprise, surprise, surprise!). The rogue also alters the registry so that attempts to run antivirus programs result in other applications being launched instead. It also hijacks web browsing in Internet Explorer, and searches will be pushed through search-gala.com. There will also be random errors along these lines in Internet Explorer:
This tab has been recovered
A problem with this webpage caused Internet Explorer to close and reopen the tab.
Internet Explorer has closed this webpage to help protect your computer
A malfunctioning or malicious add-on has caused Internet Explorer to close this webpage.
Windows Data Execution protection detected an add-on trying to use system memory incorrectly. This can be caused by a malfunction or malicious add-on.
We are unable to return you to google.ca.
Internet Explorer has stopped trying to restore this website. It appears that the website continues to have a problem.
When a website causes a failure or crash, Internet Explorer attempts to restore the site. It stops after two tries to avoid an endless loop.
First, download Malwarebytes Anti-Malware and Process Explorer from the virus removal toolkit page. You will likely need to either 1) rename the Malwarebytes installer file to something else to allow it to install and run, 2) reboot into safe mode to install Malwarebytes, or 3) follow through with a more manual removal until you are able to install and run Malwarebytes Anti-Malware.
For manual removal, the following running processes are associated with Volcano Security Suite and should be killed using Task Manager or Process Explorer. If you are unable to run Task Manager or Process Explorer, you may try renaming the program file (taskmgr.exe, for instance) to another file name. (Copy and paste, then rename, is safest.)
The following DLLs should be unregistered and removed:
The following files and folders should be removed for a manual removal of Volcano Security Suite:
%docs%\All Users\Application Data\61a60
%docs%\All Users\Application Data\61a60\VS83b.exe
%docs%\All Users\Application Data\VSSSys
%docs%\All Users\Application Data\VSSSys\vss.cfg
%userprof%\Application Data\Microsoft\Internet Explorer\Quick Launch\Volcano Security Suite.lnk
%userprof%\Application Data\Volcano Security Suite
%userprof%\Application Data\Volcano Security Suite\cookies.sqlite
%userprof%\Desktop\Volcano Security Suite.lnk
%userprof%\Start Menu\Volcano Security Suite.lnk
%userprof%\Start Menu\Programs\Volcano Security Suite.lnk
Even after the above files have been removed, you should install and run a full scan with a tool such as Malwarebytes and a trusted antivirus program to complete your Volcano Security Suite removal.
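As an added example (not part of the original guide), this Python script inventories the files and folders listed above before anything is deleted, checking the per-user paths in every profile folder. It assumes `%docs%` is the `Documents and Settings` directory and `%userprof%` is each profile folder beneath it, and it writes the guide's paths with their backslash separators; `expand` and `find_artifacts` are names chosen here.

```python
import sys
from pathlib import Path

# Paths from the guide with separators written out. %docs% and %userprof%
# are the guide's placeholders; how they are mapped below is an assumption.
ARTIFACTS = [
    r"%docs%\All Users\Application Data\61a60",
    r"%docs%\All Users\Application Data\61a60\VS83b.exe",
    r"%docs%\All Users\Application Data\VSSSys",
    r"%docs%\All Users\Application Data\VSSSys\vss.cfg",
    r"%userprof%\Application Data\Microsoft\Internet Explorer\Quick Launch\Volcano Security Suite.lnk",
    r"%userprof%\Application Data\Volcano Security Suite",
    r"%userprof%\Application Data\Volcano Security Suite\cookies.sqlite",
    r"%userprof%\Desktop\Volcano Security Suite.lnk",
    r"%userprof%\Start Menu\Volcano Security Suite.lnk",
    r"%userprof%\Start Menu\Programs\Volcano Security Suite.lnk",
]

def expand(template, docs_root, profile):
    """Turn one guide path into a concrete path under docs_root or profile."""
    placeholder, *parts = template.split("\\")
    base = docs_root if placeholder == "%docs%" else profile
    return base.joinpath(*parts)

def find_artifacts(docs_root):
    """Return (guide path, real path, 'dir' or 'file') for each artifact found.

    Per-user paths are checked in every profile folder under docs_root,
    not only the current user's. Nothing is deleted; this only reports.
    """
    docs_root = Path(docs_root)
    profiles = sorted(p for p in docs_root.iterdir() if p.is_dir())
    hits = []
    for template in ARTIFACTS:
        per_user = template.startswith("%userprof%")
        for profile in (profiles if per_user else [None]):
            path = expand(template, docs_root, profile)
            if path.exists():
                hits.append((template, path, "dir" if path.is_dir() else "file"))
    return hits

if __name__ == "__main__":
    # Usage: python find_vss.py "C:\Documents and Settings"
    for template, path, kind in find_artifacts(sys.argv[1]):
        print(f"{kind:4} {path}")
```

Running it again after the manual removal and the full scans should produce no output.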