Solved

xp total security 2011 removal ?

Posted on 2011-03-08
4
919 Views
Last Modified: 2012-05-11
wow, this program is tough.
i am not sure what to do.
i cant reach the malware tools online (spydoctor, i've read)
because this virus keeps taking control of IE.  
how can i disable it long enough to install spydoctor (or some other, better program)?
0
Comment
Question by:droldham
4 Comments
 
LVL 7

Expert Comment

by:jrwarren
Comment Utility
1) Download malwarebytes executeable to USB drive.
2) Boot the machine in safe mode w/networking.
3) Logon as local admin
4) install malwarebytes

--- If you receive the error that the installer is not running, you may need to create a new local admin account in safe mode.  reboot into normal mode and log onto the new account.  Install malware, log off.  Reboot to safe mode w/networking.  Log on as the original local admin - remove the new account.

5) Execute malwarebytes and update it.
6) log off an on every account, in safe mode, on the machine and execute malwarebytes.
7) load normal mode
8) log into each account and execute malwarebytes.

After this is done there is more work to be completed to ensure a fully clean machine is achieved, but this will get you so the virus is not fully active and is functional enough to allow you to browse the web without recontaminating yourself.

0
 

Expert Comment

by:sithunml
Comment Utility
There is huge list of program from microsoft "Sysinternals tools", you can reach them at "http://live.sysinternals.com/" or "http://technet.microsoft.com/en-us/sysinternals/bb545027" find the running process with Porcess Explorer "http://technet.microsoft.com/en-us/sysinternals/bb896653" and kill the process that you suspect.
And try to install your favorite anti virus program.
0
 
LVL 35

Accepted Solution

by:
torimar earned 500 total points
Comment Utility
Please check this detailed removal guide, and follow it by the letter:
http://www.bleepingcomputer.com/virus-removal/remove-win-7-internet-security-2011

Note: This malware comes along under many different names; do not worry if the page name linked to above seems to be for another software: your problem is covered.
0
 

Author Closing Comment

by:droldham
Comment Utility
so far, so good - having another computer was key to this process so that i could dowload programs to CD and transfer to the patient - i fear that i would'nt have been able to fix without it...this is a nasty virus!  thank you for your help!
0

Featured Post

Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

Join & Write a Comment

Article by: btan
Provide an easy one stop to quickly get the relevant information on common asked question on Ransomware in Expert Exchange.
It’s a strangely common occurrence that when you send someone their login details for a system, they can’t get in. This article will help you understand why it happens, and what you can do about it.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

6 Experts available now in Live!

Get 1:1 Help Now