Log In

Come Join Us!

Are you a
Computer / IT professional?
Join Tek-Tips Forums!
  • Talk With Other Members
  • Be Notified Of Responses
    To Your Posts
  • Keyword Search
  • One-Click Access To Your
    Favorite Forums
  • Automated Signatures
    On Your Posts
  • Best Of All, It's Free!
  • Students Click Here

*Tek-Tips's functionality depends on members receiving e-mail. By joining you are opting in to receive e-mail.

Posting Guidelines

Promoting, selling, recruiting, coursework and thesis posting is forbidden.

Students Click Here

XP Internet Security - Rogue Program

XP Internet Security - Rogue Program

XP Internet Security - Rogue Program

I have this program on one of my computers called "XP Internet Security".  It is definitely not part of "Microsoft Security Essentials".  I did a search on this program, and I saw a posting that indicated it is a virus.  The posting stated exactly what this program is doing to my computer.  When I try to download a legitimate program, it warns me that the program is a serious security threat, and will not allow the action.  Because this program is so insidious, I was directed to download some tools to a flash drive on a different PC, then follow some instructions to use this downloaded fix. Has anyone ever heard of this issue, and if so, any idea where I can find a valid solution?   The infected computer OS is XP.



RE: XP Internet Security - Rogue Program

Common issue.  There are multiple fix sites that have downloadable stuff to help remove this series of malware.

Good luck with it.  this can be a real pain to eliminate.

Ed Fair
Give the wrong symptoms, get the wrong solutions.

RE: XP Internet Security - Rogue Program

I believe it is commonly called antivir, often with a date like antivir2010.  This forum has several threads dedicated to its removal.

RE: XP Internet Security - Rogue Program

Quote (Ktwhite):

I was directed to download some tools to a flash drive on a different PC, then follow some instructions to use this downloaded fix.

Did you follow these instructions so far?  It sounds like you already found a solution.

Anyway, if you can boot your computer to safe mode with networking, then you may can get what you need that way.  With some of these, it's more difficult than with others.

Easiest way to get to safe mode with networking would be to straight reboot the machine (button, not Windows Restart) or kill the power without shutting down... then upon startup, it should ask you if you want to go into safe mode.... safe mode with networking.... last known good config... normal.  If not, then press <F8> repeatedly just before Windows should start up, and it'll give you the same options.

Whether you download the apps on a separate machine or not, then a combination/variation of these should do the trick:

1. Malwarebytes Antimalware
2. SuperAntiSPYWARE
3. CCleaner
4. RegScrubXP (if this is Windows XP
5. Advanced System Care Free
6. Glary Utilities

I've listed the above in order of relevance and likelihood of removing the threat.

Also, what AV program are you using?  the 2 best, my opinion, detection and protection-wise, currently, are Microsoft Security Essentials and Avira Antivir.  You can use them together as well, though one will probably suffice.

And a good 3rd party firewall may also assist in not getting infected again:  Try Online Armor or Comodo Firewall / Internet Security.  If you go with the Internet Security suite, I'd suggest disabling the antivirus as it gives WAY too many false positives, and isn't very strong besides the false positives.

You can get all the above at www.download.com, except for RegScrubXP (hasn't been supported for quite some time), which you can get at www.majorgeeks.com - still seems to work very well on Windows XP based machines (32 and 64 bit).

Also, in all this process, make sure you turn off System Restore to flush any traces there, and then turn back on after you've removed the threat.

And before you do any of the above, be sure to consider - what will be the most beneficial method:  Seeking and Eliminating; or just a flat reformat and reinstall of Windows, and necessary apps.

Also, if this is a personal machine, you can use the installer at http://ninite.com to install many of your favorite apps after a reinstall, or if you want to use it to install the mentioned security programs (some of them, anyway).

If it's a store-bought PC (OEM such as Dell, HP, Acer, etc), then you can also get www.pcdecrapifier.com after a restore from restore image to clean off anything you don't want... it basically makes that task much easier than finding everything manually.  You may still have to do a little manual clean-up afterwards, but it works better than searching out every uninstall file, b/c they aren't all as obvious as you'd think.

RE: XP Internet Security - Rogue Program

On a radio program last night they mentioned to download MB from CNET's site (download.com) as that parent site for MB had been targeted and compromised because the product works too well.

RE: XP Internet Security - Rogue Program


Then again, I suppose that Malwarebytes' pockets may not be deep enough to put up enough protection like others such as Microsoft.  I suppose it was only a matter of time, really.

RE: XP Internet Security - Rogue Program

Thanks everyone for the great solutions.  I did manage to download the following programs which seemed to help quite a bit:

1. Malwarebytes Antimalware
2. SuperAntiSPYWARE

Before that however, I downloaded this program called Rkill which shuts the spyware down, but does not remove any of the rogue program.  This allowed me to install the programs you guys suggested, and so far so good.  So thank you very much.


RE: XP Internet Security - Rogue Program

Yeah, I've seen that Rkill mentioned a few times here, but haven't tried it myself.  I need to make a note to get a copy of it to have handy, and try it some time.  Glad you got your system fixed.

RE: XP Internet Security - Rogue Program

Rkill is good, but not for all malware.  TDSSKiller is good for that little nasty.

Red Flag This Post

Please let us know here why this post is inappropriate. Reasons such as off-topic, duplicates, flames, illegal, vulgar, or students posting their homework.

Red Flag Submitted

Thank you for helping keep Tek-Tips Forums free from inappropriate posts.
The Tek-Tips staff will check this out and take appropriate action.

Reply To This Thread

Posting in the Tek-Tips forums is a member-only feature.

Click Here to join Tek-Tips and talk with other members! Already a Member? Login

Close Box

Join Tek-Tips® Today!

Join your peers on the Internet's largest technical computer professional community.
It's easy to join and it's free.

Here's Why Members Love Tek-Tips Forums:

Register now while it's still free!

Already a member? Close this window and log in.

Join Us             Close