Solved

How to remove Security Protection

Posted on 2011-09-07
9
456 Views
Last Modified: 2012-05-12
This computer is infected with a Rogue named "Security Proytection." I ran Rogue Killer and it picked it up and stopped it, I thought. When I went to run Malwarebytes, it starts the scan then shuts down after less than a minute. I tried both in safe mode and regular. The file association with the shortcut seems to be broken after that brief run. I went to properties>find target and tried to run from there , bubt no joy. I installed HiJackThis; it scans but the logfile ( or report) disapears immmediately after running.
Ideas?
0
Comment
Question by:atf3doc
  • 5
  • 3
9 Comments
 
LVL 47

Expert Comment

by:rpggamergirl
ID: 36495208
Follow this guide from Bleeping computer for its removal.
http://www.bleepingcomputer.com/virus-removal/remove-security-protection
0
 
LVL 47

Expert Comment

by:rpggamergirl
ID: 36495226
If executables won't run use the .exes fixes listed in this article.
http://www.experts-exchange.com/A_6209.html


If no joy, use inherit.exe to make the program runs.
Download inherit.exe by sUBs.
http://download.bleepingcomputer.com/sUBs/MiniFixes/Inherit.exe
Drag the program's executable file into the inherit.exe and wait for it to say OK.


"I installed HiJackThis; it scans but the logfile ( or report) disapears immmediately after running."
Use the above-mentioned inherit.exe(not with Hijackthis), and also use ComboFix or Kaspersky's Removal tool.
Please download ComboFix by sUBs:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe 

STOP all your monitoring programs (Antivirus/Antispyware, Guards and Shields) as they could easily interfere with ComboFix.
Double click combofix.exe & follow the prompts.
When finished, it will produce a log. Please save that log and attach it in your next reply.
Note:
Do not mouse-click combofix's window while it is running. That may cause it to stall.


Kaspersky Removal tool.
http://www.kaspersky.com/antivirus-removal-tool?form=1
0
 

Author Comment

by:atf3doc
ID: 36504125
rpggamergirl, I knew you would come through for me on this. I am in the process of runnig your suggested programs now. Will update results as they happen. Thanks
0
The Eight Noble Truths of Backup and Recovery

How can IT departments tackle the challenges of a Big Data world? This white paper provides a roadmap to success and helps companies ensure that all their data is safe and secure, no matter if it resides on-premise with physical or virtual machines or in the cloud.

 

Author Comment

by:atf3doc
ID: 36504402
Kapersky Removal Tool was the only one I could get to run. It detected three and said they would be removed on restart. After restarting, I have nothing except desktop wallpaper, no icons, no start menu and no ability to do anything. I manually shut it down and restarted in safe mode...same deal ...nothing. I am going to try a repair install and work from there.
0
 
LVL 47

Accepted Solution

by:
rpggamergirl earned 500 total points
ID: 36507266
Even with inherit.exe no programs was able to run but Kaspersky's removal tool?
The removal tool as it seems wasn't able to successfully removed the infection or wasn't successfully disinfect explorer.exe.

The repair install should fix the damaged explorer.exe then you could try other tools to make sure the system is clean(using inherit.exe to make them run if you didn't yet), or try using them in safe mode and see if they run.
0
 

Author Comment

by:atf3doc
ID: 36507661
The more I work on this the worse it gets. During the repair install I am now getting BSOD at about 37 minutes into "Installing Windows" I have gotten two BSOD's:
IRQL_NOT_LESS_OR_EQUAL
Stop:0x0000000A (0x54890472, 0x00000002, 0x00000000, 0x8050F911)

BAD-POOL-CALLER
Stop:0x000000C2 (0x00000007,0x00000CD4,0x1207003,0x8687A508)

I removed the video card and set video to integrated

Got: BAD-POOL-CALLER
Stop: 0x000000C2 (0x00000007,0x00-0000CD4, 0x86677DC0, 0x86686768)

I couldn't find these error codes to enlighten me as to the problem. I am now running CHKDSK from Recovery Console. Then will try agin to do a repair install. If no joy, I will pull the HDD and copy data
then do a clean install. Don't know if I have multiple problems or if Security Protection is a mean actor.

By the way I had tried the Bleeping Computer method of removal before you mentioned it. No joy.
Thanks for your help and support. I really need it on this one.
atf3doc
0
 

Author Comment

by:atf3doc
ID: 36507668
I also ran a bootable MEMtest. Memory passed. I reseated both modules.
0
 

Author Comment

by:atf3doc
ID: 36507786
CHKDSK said it found and fixed one or more errors on the volume. It has gone to 29 minutes now on the repair install "Installing Windows" Keep your fingers crossed.I am going to run Hard drive diagnostics also when we get booted back up.18 minutes to go. Hooray!
0

Featured Post

Three Reasons Why Backup is Strategic

Backup is strategic to your business because your data is strategic to your business. Without backup, your business will fail. This white paper explains why it is vital for you to design and immediately execute a backup strategy to protect 100 percent of your data.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this increasingly digital world, security hacks are no longer just a threat, but a reality. As we've witnessed with Target's big identity hack 2013, Heartbleed in 2015, and now Cloudbleed, companies and their leaders need to prepare for the unthi…
The related questions "How do I recover the passwords for my Q-See DVR" and "How can I reset my Q-See DVR to eliminate a password" are seen several times a week.  Here we discuss the grim reality of the situation.
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

860 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question