Endpoint Protection

 View Only

  • 1.  XP internet security 2010

    Posted Mar 01, 2010 06:02 PM
    Hi All,
    Can anybody please help for the "XP internet security version 2010" having malware in the PC.& how to get rid out of this.


    Regards,
    Mandar


  • 2.  RE: XP internet security 2010

    Posted Mar 02, 2010 11:28 AM
    Hi here are some things to try.  First scan with the anti virus on the PC make sure it is updated.  If the virus is not gone do a free online scan from Housecall or another anti virus maker, remove what it finds.  Serach Symantec for XP internet security version 2010 for a removal tool then run the tool.  If noen of that cleans up the PC time to wipe.
    good luck
     


  • 3.  RE: XP internet security 2010

    Posted Mar 02, 2010 11:35 AM
    Follow the steps of Virus troubleshooting -

    http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2007011014341948

    If you followed these steps and have uploaded the latest definitions and your AV still does not detect, then try removing this threat with Malware Bytes or Hitman Pro.

    http://malwarebytes.org/

    http://www.surfright.nl/en/hitmanpro


  • 4.  RE: XP internet security 2010

    Posted Mar 03, 2010 10:29 AM
    If I have SEP with current maintenance why should I have to use a third party tool?   I have this same infestation on a PC (second time no less) and SEPwill not find it despite multiple references on other vendors websites.


  • 5.  RE: XP internet security 2010

    Posted Mar 03, 2010 10:56 AM
    Just for info, the SAV Corporate 10.1.9 version doesn't detect this rogue virus...


  • 6.  RE: XP internet security 2010

    Posted Mar 05, 2010 10:31 AM
    If you have XP Internet Security 2010, then a lot of virus and spyware scanners just don't install or work when this rogue is activated. XP Internet Security 2010 will shut down these scanners such as malware bytes and even has some issues with Norton.

    However, what you can try to do is this:

    Reboot your computer, and BEFORE XP Internet Security 2010 gets a chance to load, open task manager (ctrl + alt + del).
    If you do this after the malware has loaded, then it will most likely close task manager.

    Once task manager is up, look for the .exe file for XP Internet Security 2010, which is av.exe
    Select that file and hit end process

    That should temporarily stop XP Internet Security 2010 and allow you to run whatever virus remover you want.

    Hope that helps, for Symantec compatible removal instructions, check manual removal instructions at XP Internet Security 2010


  • 7.  RE: XP internet security 2010

    Posted Mar 05, 2010 10:38 AM
     Find and Delete These XP Internet Security 2010 Files
     
    %UserProfile%\Local Settings\Application Data\av.exe
    %UserProfile%\Local Settings\Application Data\WRblt8464P
    %UserProfile%\AppData\Local\av.exe <In Antivirus Vista 2010 & Win 7 Antispyware 2010>
    %UserProfile%\AppData\Local\WRblt8464P <In Antivirus Vista 2010 & Win 7 Antispyware 2010>
     
    Remove These XP Internet Security 2010 Registry Values:
     
    HKEY_CLASSES_ROOT\.exe\shell\open\command “(Default)” = “%UserProfile%\Local Settings\Application Data\av.exe” /START “%1″ %*
    HKEY_CLASSES_ROOT\secfile\shell\open\command “(Default)” = “%UserProfile%\Local Settings\Application Data\av.exe” /START “%1″ %*
    HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command “(Default)” = “%UserProfile%\Local Settings\Application Data\av.exe” /START “%1″ %*
    HKEY_CURRENT_USER\Software\Classes\secfile\shell\open\command “(Default)” = “%UserProfile%\Local Settings\Application Data\av.exe” /START “%1″ %*
    HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command “(Default)” = “%UserProfile%\Local Settings\Application Data\av.exe” /START “C:\Program Files\Mozilla Firefox\firefox.exe”
    HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command “(Default)” = “%UserProfile%\Local Settings\Application Data\av.exe” /START “C:\Program Files\Mozilla Firefox\firefox.exe” -safe-mode
    HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command “(Default)” = “%UserProfile%\Local Settings\Application Data\av.exe” /START “C:\Program Files\Internet Explorer\iexplore.exe”
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center “AntiVirusOverride” = “1″
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center “FirewallOverride” = “1″