Best Black Friday Deals 2017
I had the malware: “XP Internet Security 2012” on my computer. It disabled my firewall till I corrected it with AVG. I was unable to remove it and it lept telling me I had dangerous Trojans on my PC. I looked it uo and foiund it was a virus irself! I found when I tried to open Spybot pop ups would come saying Spybot was a dangerous virus. The same message came when I tried to load the “Microsoft Malicious Removal Tool” I tried using System Restore to see if that would help, but again the same message came up saying that was a harmful virus.
All of a sudden my AVG kicked in and a message came up saying that I had malicious malware on my computer and did I want to quarantine it. The message had the AVG Logo on it so I trusted it, and it removed it. I am no longer getting pop-ups or messages from “XP Internet Security 2012.” However, now I have a new problem! When I try to open programmes such as i-tunes, internet explorer, spybot and even hearts then I am now getting a box appearing asking me what I want to open the programme with. I am unable to open them from the Start Menu or from the Desktop! I tried ‘System Restore’ and got the same message.
I managed to open Internet Explorer by going to Owner/ Favourites and then clicking on an icon there and Internet Explorer came on. I presume that this “XP Internet Security 2012” has done some damage to my PC!
The PC running very peculiarly. Would the virus have been removed by AVG or would it still be lurking in the background? (I am using another one here!)
Try this just to see if it helps.
To remove false security programs
- Turn off computer ,then turn on and start tapping F8
- When the Advanced startup options appear Select Safe mode With Networking
- Open internet explorer goto google.com ,download Hitman pro "32-bit or 64-bit depending on your Os"
- Run Hitman pro ,let this scan the computer
- Activate Free Licence
- Reboot Pc
Rawprawn's link is the one I used this week to remove this from a client computer. The instructions are on Bleeping Computer website Removal Instructions and the method that works is headed:
"Automated Removal Instructions for Win 7 Antispyware 2012, Vista Antivirus 2012, and XP Security 2012 using Malwarebytes' Anti-Malware:"
Pop-ops have now stopped since AVG apparently quarintined "XP Internet Security 2012" I have also scanned with Hitman Pro as recommended above.
PC acting strangely though. I am unable to open programmes from Start Menu or from Desktop. Keep getting the box "Open With" To open Internet Explorer am having to go to my 'favoutites' folder and open it from there!
Have tried System Restore, but am getting the message "rstrui.exe is not a valid win 32 application."
Do I need to go through the process of removing the Malware again or is it another problem I need to address which was probably caused by the Malware?
Wouls appreciate some advice.
On the bleeping computer site the instructions included running FixNCR.reg which should restore the functionality to executable files. Did you read that and follow the full Bleeping Computer Instructions? I
m afraid that AVG quarantining and running HitmanPro doesnt fully cure it.
Thanks to all for their help. Used Removal Instructions on Bleeping Computer website and my PC is fine again!
Great stuff! Can we have some ticks for resolved on the post as well?
This thread is now locked and can not be replied to.