Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Has anyone removed Internet Security 2010 successfully?


  • This topic is locked This topic is locked
14 replies to this topic

#1 sodina

sodina

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Local time:12:48 PM

Posted 13 February 2010 - 11:36 AM

hello.

i was infected with this nasty thing like a month ago.
i tried every method possible including anti-malware, combo fix, hitman pro and even formatting the drive.
but IS 2010 always found its way back to my pc. in the end, i got to the point where my drive couldnt get
past the bios screen to start windows installation process. so i had to throw that drive away and installed windows
on one of my other drives. so far, its been spyware free.

so i guess what i am asking here is has anyone removed Internet Security 2010 successfully?
if so, please share your experiences. also, id appreciate it if someone can recommend me a good anti-spyware
for real-time monitoring.

thanks.

BC AdBot (Login to Remove)

 


#2 xblindx

xblindx

  • Banned
  • 1,923 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:48 PM

Posted 13 February 2010 - 12:54 PM

Personally, I would recommend using either Avira AntiVir Free/Personal edition or avast! for an antivirus program, just be sure that you only have 1 anti-virus program installed on your machine

For a firewall I would recommend Comodo, please note that the Comodo firewall installation also includes an Anti-virus program, if you decide to choose another anti-virus (not Comodo), then please be sure to only install the firewall, you will be prompted during installation if you want to install just the firewall, or the firewall and the anti-virus.

The on-demand anti-malware scanners I recommend are Malwarebytes Anti-Malware and SUPERAnti-Spyware.

For additional protection, SpywareBlaster is a great program to protect you from visiting malicious sites, and blocking tracking cookies. Note that SpywareBlaster isn't an actively running program. You download it, run it once, and then make sure you update it every week or 2 and you will always be protected. It works by tweaking some IE and Firefox settings to block tracking cookies and provide additional protection.

#3 Animal

Animal

    Bleepin' Animinion


  • Site Admin
  • 35,081 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Where You Least Expect Me To Be
  • Local time:10:48 AM

Posted 13 February 2010 - 09:04 PM

You could look here: Remove Internet Security 2010 (Uninstall Guide) too.

The Internet is so big, so powerful and pointless that for some people it is a complete substitute for life.
Andrew Brown (1938-1994)


A learning experience is one of those things that say, "You know that thing you just did? Don't do that." Douglas Adams (1952-2001)


"Imagination is more important than knowledge. Knowledge is limited. Imagination circles the world." Albert Einstein (1879-1955)


Follow BleepingComputer on: Facebook | Twitter | Google+

#4 sodina

sodina
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Local time:12:48 PM

Posted 13 February 2010 - 10:12 PM

You could look here: Remove Internet Security 2010 (Uninstall Guide) too.


thats the first thing i tried when i was infected with IS 2010. anti-malware somewhat removed IS 2010, but as soon as i turned it off, google search results were being redirected to a random site. besides, i couldnt possibly run anti-malware 24/7 as it was constantly showing warning pop-ups during normal browsing.
i was able to fix the redirecting problem using combo fix, but IS 2010 found its way back to my pc a few weeks later.
im just surprised that theres a virus out there that cant be fixed with the formatting.

im thinking of purchasing nod32 once i get my new drive.

#5 xblindx

xblindx

  • Banned
  • 1,923 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:48 PM

Posted 14 February 2010 - 10:39 AM

thats the first thing i tried when i was infected with IS 2010. anti-malware somewhat removed IS 2010, but as soon as i turned it off, google search results were being redirected to a random site.


Hi, that redirect was probably caused by the TDSS rootkit, which may or may not have been installed by IS 2010. A reformat would be your best option

These items are part of a very nasty rootkit.

IMPORTANT NOTE: One or more of the identified infections was related to a rootkit component. Rootkits and backdoor Trojan are very dangerous because they use advanced techniques (backdoors) as a means of accessing a computer system that bypasses security mechanisms and steal sensitive information which they send back to the hacker. Many rootkits can hook into the Windows 32-bit kernel, and patch several APIs to hide new registry keys and files they install. Remote attackers use backdoor Trojans and rootkits as part of an exploit to gain unauthorized access to a computer and take control of it without your knowledge.

If your computer was used for online banking, has credit card information or other sensitive data on it, all passwords should be changed immediately to include those used for banking, email, eBay, paypal and online forums. You should consider them to be compromised. They should be changed by using a different computer and not the infected one. If not, an attacker may get the new passwords and transaction information. Banking and credit card institutions should be notified of the possible security breach. Because your computer was compromised please read How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?

Although the rootkit was identified and removed, your PC has likely been compromised and there is no way to be sure the computer can ever be trusted again. It is dangerous and incorrect to assume that because the rootkit has been removed the computer is now secure. In some instances an infection may have caused so much damage to your system that it cannot be completely cleaned or repaired. The malware may leave so many remnants behind that security tools cannot find them. Many experts in the security community believe that once infected with this type of malware, the best course of action is to wipe the drive clean, reformat and reinstall the OS. Please read:

? "When should I re-format? How should I reinstall?"
? "Help: I Got Hacked. Now What Do I Do?"
? "Where to draw the line? When to recommend a format and reinstall?"

#6 sodina

sodina
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Local time:12:48 PM

Posted 14 February 2010 - 11:38 AM

Hi, that redirect was probably caused by the TDSS rootkit, which may or may not have been installed by IS 2010. A reformat would be your best option


okay, heres what happened.

1. got infected with IS 2010.
2. somewhat fixed it using every method possible.
3. IS 2010 came crawling back a few weeks later.
4. formatted the os drive.
5. somewhere in the process of installing softwares and whatnot, pc would reboot itself showing blue screen error messages.
6. upon reboot, IS 2010 came back.
7. rather than trying to fix it with anti-malware, i decided to format the drive again.
8. popped in windows cd and try to boot from it to start the installation process. wasnt able to get past the bios screen.
couldnt even get to the message saying press any key to boot from a cd, blah~ blah~
9. gave up and installed the windows on one of my other drives. everythings been fine without any help of anti-spyware.

i guess i couldve low-formatted the drive that i was having a problem with. but was so frustarted and tired to do it at the time. still am in fact.

Edited by sodina, 14 February 2010 - 12:24 PM.


#7 xblindx

xblindx

  • Banned
  • 1,923 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:48 PM

Posted 14 February 2010 - 12:55 PM

Well since you are on a new drive, as long as you didn't transfer over any infected files, you should be fine :thumbsup:

#8 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,190 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:48 PM

Posted 15 February 2010 - 11:26 AM

If this is an XP system
Reformatting a hard disk deletes all data. If you decide to reformat, you can back up all your important documents, data files and photos. The safest practice is not to backup any autorun.ini or .exe files because they may be infected. Some types of malware may disguise itself by adding and hiding its extension to the existing extension of files so be sure you take a close look at the full name. After reformatting, as a precaution, make sure you scan these files with your anti-virus prior to copying them back to your hard drive.

The best proceedure is a low level format. This completely wipes the drive. Then reinstall the OS.
Use the free version of Active@ KillDisk.
Or Darik's Boot And Nuke

The best sources of Information on this are
Reformatting Windows XP
Michael Stevens Tech
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#9 sodina

sodina
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Local time:12:48 PM

Posted 15 February 2010 - 08:27 PM

what the...
new drive came in today -> installed xp sp3 -> somewhere between the software (winrar, coreavc, cyberlink powerdvd and so on) installation i had to reboot.
IS 2010 came back. i used combo fix to fix it, then ran various anti-wares to remove any remaining i can find.
i dont even know what to think at this point. is my ip address being attacked or something??

#10 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,190 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:48 PM

Posted 15 February 2010 - 09:56 PM

I think the smartest thing here is to get a deeper look at everything here.

You will need to Download and Run DDS which will create a Pseudo HJT Report as part of its log..
If for some reason you cannot perform a step, move on to the next.
Please follow this guide. go and do steps 6 thru 8 ,, Preparation Guide For Use Before Using Hijackthis. Then go here HijackThis Logs and Virus/Trojan/Spyware/Malware Removal ,click New Topic,give it a relevant Title and post that complete log.

Let me know if it went OK.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#11 sodina

sodina
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Local time:12:48 PM

Posted 15 February 2010 - 10:08 PM

is backing up data absolutely necessary?
if it is, ill do this once my new 1.5tb drive comes in.
if not, ill go ahead and do it right away.
let me know.

thanks.

#12 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,190 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:48 PM

Posted 15 February 2010 - 10:19 PM

Well we ask that as there is always a chance of a computer problem with malware removal. Tho' it doesn;t happen often,it's our only safeguard.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#13 sodina

sodina
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Local time:12:48 PM

Posted 15 February 2010 - 11:07 PM

Well we ask that as there is always a chance of a computer problem with malware removal. Tho' it doesn;t happen often,it's our only safeguard.


well then, i guess ill do it tomorrow.
as of right now, i have nothing in my c: which i use as an os drive, and i have about 1.5tb of data in d: and e:.
so im guessing i should be safe.
will get back to you in the new thread with the log.

thanks for your quick response here.

#14 sodina

sodina
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Local time:12:48 PM

Posted 16 February 2010 - 04:11 PM

i started a new thread in hijack section, so you can go ahead and close this one.

http://www.bleepingcomputer.com/forums/t/296293/complete-removal-of-internet-security-2010/

thanks.

#15 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,190 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:48 PM

Posted 16 February 2010 - 04:52 PM

Thank you!!

Now that your log is properly posted, you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc) unless advised by a Malware Removal Team member, nor should you continue to ask for help elsewhere. Doing so can result in system changes which may not show it the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process which would extend the time it takes to clean your computer.

From this point on the Malware Removal Team should be the only members that you take advice from, until they have verified your log as clean.

Please be patient. It may take a while to get a response because the HJT Team members are very busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the Malware Removal Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another HJT Team member is already assisting you and not open the thread to respond.

To avoid confusion, I am closing this topic.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users