We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
Contact Forum Editor

Send an email to our Forum Editor:


PLEASE NOTE: Your name is used only to let the Forum Editor know who sent the message. Both your name and email address will not be used for any other purpose.

Tech Helproom


It's free to register, to post a question or to start / join a discussion


 

Malware "XP Internet Security 20102"


tapyeno

Likes # 0

I had the malware: “XP Internet Security 2012” on my computer. It disabled my firewall till I corrected it with AVG. I was unable to remove it and it lept telling me I had dangerous Trojans on my PC. I looked it uo and foiund it was a virus irself! I found when I tried to open Spybot pop ups would come saying Spybot was a dangerous virus. The same message came when I tried to load the “Microsoft Malicious Removal Tool” I tried using System Restore to see if that would help, but again the same message came up saying that was a harmful virus.

All of a sudden my AVG kicked in and a message came up saying that I had malicious malware on my computer and did I want to quarantine it. The message had the AVG Logo on it so I trusted it, and it removed it. I am no longer getting pop-ups or messages from “XP Internet Security 2012.” However, now I have a new problem! When I try to open programmes such as i-tunes, internet explorer, spybot and even hearts then I am now getting a box appearing asking me what I want to open the programme with. I am unable to open them from the Start Menu or from the Desktop! I tried ‘System Restore’ and got the same message.

I managed to open Internet Explorer by going to Owner/ Favourites and then clicking on an icon there and Internet Explorer came on. I presume that this “XP Internet Security 2012” has done some damage to my PC!

Any suggestions?

Like this post
rawprawn

Likes # 0

Like this post
tapyeno

Likes # 0

The PC running very peculiarly. Would the virus have been removed by AVG or would it still be lurking in the background? (I am using another one here!)

Like this post
buteman

Likes # 0

Try this just to see if it helps.

To remove false security programs

  1. Turn off computer ,then turn on and start tapping F8
  2. When the Advanced startup options appear Select Safe mode With Networking
  3. Open internet explorer goto google.com ,download Hitman pro "32-bit or 64-bit depending on your Os"
  4. Run Hitman pro ,let this scan the computer
  5. Activate Free Licence
  6. Reboot Pc

Infection Removed..!

Like this post
Taff™

Likes # 0

Rawprawn's link is the one I used this week to remove this from a client computer. The instructions are on Bleeping Computer website Removal Instructions and the method that works is headed:

"Automated Removal Instructions for Win 7 Antispyware 2012, Vista Antivirus 2012, and XP Security 2012 using Malwarebytes' Anti-Malware:"

Like this post
tapyeno

Likes # 0

Pop-ops have now stopped since AVG apparently quarintined "XP Internet Security 2012" I have also scanned with Hitman Pro as recommended above.

PC acting strangely though. I am unable to open programmes from Start Menu or from Desktop. Keep getting the box "Open With" To open Internet Explorer am having to go to my 'favoutites' folder and open it from there!

Have tried System Restore, but am getting the message "rstrui.exe is not a valid win 32 application."

Do I need to go through the process of removing the Malware again or is it another problem I need to address which was probably caused by the Malware?

Wouls appreciate some advice.

Thank you

Like this post
Taff™

Likes # 0

On the bleeping computer site the instructions included running FixNCR.reg which should restore the functionality to executable files. Did you read that and follow the full Bleeping Computer Instructions? Im afraid that AVG quarantining and running HitmanPro doesnt fully cure it.

Like this post
tapyeno

Likes # 0

Thanks to all for their help. Used Removal Instructions on Bleeping Computer website and my PC is fine again!

Pat

Like this post
Taff™

Likes # 0

Great stuff! Can we have some ticks for resolved on the post as well?

Like this post

Reply to this topic

This thread has been locked.



IDG UK Sites

Where to buy iPhone 6 and iPhone 6 Plus in the UK: Launch day price, deals and contracts

IDG UK Sites

Is Apple losing confidence in itself?

IDG UK Sites

Professional photo and video techniques for perfect colours

IDG UK Sites

How (and where) to buy an iPhone 6 or iPhone 6 Plus in the UK. Plus: What to do if you pre-ordered...