Volcano Security Suite is a new rogue antispyware program from the same family as Windows System Defender and Windows Enterprise Defender. It is installed from fake “Free Spyware Scanner” that displays that your computer is infected with variety of threats and that you must install the software to clean your computer. The software is a trojan that will install Volcano Security Suite and create numerous files with random names that are made to appear as infections, but are in reality harmless.
Once Volcano Security Suite is installed, it configures itself to run automatically every time, when you start your computer. Once running, Volcano Security Suite will begin to scan the computer and list previously created files as infections to trick you to buy the paid version of the software. All of these infections are fake, so you can safely ignore them.
Volcano Security Suite
While Volcano Security Suite is running, it blocks Task Manager and legitimate antivirus and antispyware programs (Kaspersky Antivirus, DrWeb, AdAware, McAfee, Norton AV, …). Your computer will display fake warning and fake security alerts from your Windows task bar. Some of the alerts:
System alert
Potentially harmful programs have been detected on your
system and need to be dealt with immediately. Click here to
remove them with Volcano Security Suite.
Warning! Your computer is infected
Warning! Found!
Threat detected:
File name: LEGACY_TRUSTWARRIORSVC
Volcano Security Suite can be safely removed from your computer along with any other trojan infections if the proper steps are taken. Use the free instructions below to remove Volcano Security Suite and any associated malware from your computer.
More Volcano Security Suite screen shoots
Symptoms in a HijackThis Log
O4 – HKLM\..\Run: [Volcano Security Suite] “C:\Documents and Settings\All Users\Application Data\1dc89\VSeda.exe” /s /d
O4 – HKCU\..\Run: [avgsys] regedit /s “C:\DOCUME~1\comp\LOCALS~1\Temp\664655.reg”
Use the following instructions to remove Volcano Security Suite (Uninstall instructions)
Download HijackThis from here and save it to desktop.
Doubleclick on the HijackThis.exe icon on your desktop for run HijackThis. HijackThis main menu opens.
Click “Do a system scan only” button. Look for lines that looks like:
O4 – HKLM\..\Run: [Volcano Security Suite] “C:\Documents and Settings\All Users\Application Data\1dc89\VSeda.exe” /s /d
O4 – HKCU\..\Run: [avgsys] regedit /s “C:\DOCUME~1\comp\LOCALS~1\Temp\664655.reg”
Place a checkmark against each of them. Once you have selected all entries, close all running programs then click once on the “fix checked” button. Close HijackThis.
Download MalwareBytes Anti-malware (MBAM). Close all programs and Windows on your computer.
Double Click mbam-setup.exe to install the application. When the installation begins, keep following the prompts in order to continue with the installation process. Do not make any changes to default settings and when the program has finished installing, make sure a checkmark is placed next to Update Malwarebytes’ Anti-Malware and Launch Malwarebytes’ Anti-Malware, then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded you will see window similar to the one below.
Malwarebytes Anti-Malware Window
Select Perform Quick Scan, then click Scan, it will start scanning your computer for Volcano Security Suite infection. This procedure can take some time, so please be patient.
When the scan is complete, click OK, then Show Results to view the results. You will see a list of infected items similar as shown below. Note: list of infected items may be different than what is shown in the image below.
Malwarebytes Anti-malware, list of infected items
Make sure that everything is checked, and click Remove Selected for start Volcano Security Suite removal process. When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.
Note: if you need help with the instructions, then post your questions in our Spyware Removal forum.
Volcano Security Suite creates the following files and folders
%UseProfile%\Application Data\Volcano Security Suite
C:\Documents and Settings\All Users\Application Data\VSSSys
C:\Documents and Settings\All Users\Application Data\1dc89\VSeda.exe
%UseProfile%\Application Data\Volcano Security Suite\cookies.sqlite
%UseProfile%\Desktop\Volcano Security Suite.lnk
%UseProfile%\Start Menu\Volcano Security Suite.lnk
%UseProfile%\Start Menu\Programs\Volcano Security Suite.lnk
%UseProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\Volcano Security Suite.lnk
Volcano Security Suite creates the following registry keys and values
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Volcano Security Suite
Thanks to this website for helping me sort this problem out with volcano.
Afghan fucking puffs if i had it my way i would get newk the lot of um, no fucking about – saying they want $40 to sort when its a fucking conn, you conning dirty cunts, they only want the money to buy more weapons and explosives to shoot our soldiers. WELL IT AINT FUCKING HAPPENING. BYE
Thank you guys, the volcano thing was giving me a hard time
Charlie Boy South Africa