WiredWX Hobby Weather ToolsLog in

 


Remove Internet Security 2010 [Removal Guide]

+55
dklahn4
blizzard
webmafia
lozfiddes
sylviapack
til601
onlyonesweetpea
Dr Jay
Denis-huahin
poprex911
kjb917
Vineda
wish4simpletechnology
jbrown09
countryloghomes
cedor04
Vanilla
chrmd03
femmenik
TonyR
OktoberSky
NOOB9876
The Vacuumist
patrick1
annikbirnbaum
Hummer 81
brentalous@gmail.com
jamiedee1999
escal_team
newgeek2010
nb2010
BillFleming01
Liquid_snake
jkrank82
AtiMan
sparker781
Doobie1357
queenbee
gingers2sweet
bill27
maximillio
marten_larsson
LDukey
bakersdozen
pivve
0s1r1s
jay jones
taylordewd
Mr. M
norjeff
DarkS0ul
murph23
hcp72
Muxiop
Doctor Inferno
59 posters

descriptionRemove Internet Security 2010 [Removal Guide] - Page 2 Emptyosiris

more_horiz
I do agree with you. This was someone elses machine that I was working on, and I just used the programs he had on there. 5 years ago, Spybot and Adaware were the best programs out there, now it seems like they don't really do much. On my machine I use Malwarebytes and AVG free. Malwarebytes is the most effective, I might just donate money to them for putting out such a useful, free product.

descriptionRemove Internet Security 2010 [Removal Guide] - Page 2 Emptythe dicotomy of antimalware software

more_horiz
LDukey wrote:
I do agree with you. This was someone elses machine that I was working on, and I just used the programs he had on there. 5 years ago, Spybot and Adaware were the best programs out there, now it seems like they don't really do much. On my machine I use Malwarebytes and AVG free. Malwarebytes is the most effective, I might just donate money to them for putting out such a useful, free product.


Hey dude. Fair enough - I carry a flash drive with lots of goodies on it, including AVG and MBAM for this reason. But I can't always get them to install if something like this has entrenched itself. boo hiss. (Keeps me in business though)
I guess it's a lot like the audio download software: Kazaa, KLite, Limewire and Soulseek. After a while ones gets replaced by the next - although in the case of Limewire, that became obsolete because morons started filling it up with viruses and trojans. boo hiss x2

Anyway. Stay safe dude. Cheesy Grin (sparkly

descriptionRemove Internet Security 2010 [Removal Guide] - Page 2 Emptysafe mode

more_horiz
the cpu said that it didnt work.


I think you mean the operating system. The cpu is a component of the computer, the brains if you will. The operating system is the consciousness, or personality.


the infected file is located in "c:\windows\system32\drivers\uwtnhuf.sys"

It sounds like you might need to dump all your system restore points as it's most likely hiding in there. This is not unusual. I'd run a FULL scan with MBAM and then with your anti virus software and see if that fixes it. If not, download and install CCleaner from THIS LINK to uninstall your system Restore points. CCleaner is also good for cleaning up all the temporary files and giving your registry (the oil in your engine) a once over; like getting a service on a car.

It's not my guide, but let me know how you go. Right On!

descriptionRemove Internet Security 2010 [Removal Guide] - Page 2 EmptyRe: Remove Internet Security 2010 [Removal Guide]

more_horiz
0s1r1s wrote:
the cpu said that it didnt work.


I think you mean the operating system. The cpu is a component of the computer, the brains if you will. The operating system is the consciousness, or personality.


the infected file is located in "c:\windows\system32\drivers\uwtnhuf.sys"

It sounds like you might need to dump all your system restore points as it's most likely hiding in there. This is not unusual. I'd run a FULL scan with MBAM and then with your anti virus software and see if that fixes it. If not, download and install CCleaner from THIS LINKto uninstall your system Restore points. CCleaner is also good for cleaning up all the temporary files and giving your registry (the oil in your engine) a once over; like getting a service on a car.

It's not my guide, but let me know how you go. Right On!




ok finally made my way into "safe mode" scanned with mbam and didnt find anything!

went back to "normal mode" and scanned still there. and i did full scans earlier today with mbam and norton 360...and tonight i uninstalled norton 360 and installed AVG instead Smile... but didnt find anything with that either!

so gonna try CCleaner now seems like my last way out!

edit: sorry to say Ccleaner didnt help i deleted all my restore points except the lastest one because the program wouldnt let me hehe.

so now im clueless what to do? Sad tearing

wouldnt it work if go into "safe mode" and delete the uwtnhuf.sys file the one that is infected?
or maybe i wouldnt be able to start up the OS again? and then restore XP afterwards?

might sound like the worst idea ever! Goofy hehe

but im running out off options Sad tearing or maybe a full re-install of the computer?

edit2: looked around on the forum found a threadTHIS LINK with a dude that has the same problem as i have gonna follow that through tomorrow and hopefully get rid of this thing! atleast he did Cheesy Grin (sparkly

descriptionRemove Internet Security 2010 [Removal Guide] - Page 2 EmptyKilled my XP system

more_horiz
The malwarebytes stuff did not work, folks. It's apparently figured out how to prevent the main file from executing.

My stepson got this on his old XP laptop which I had unfortunately neglected to sufficiently protect. I managed to disable the virus by going through and using movefile from sysinternals to change the location of the files, but when I installed avira to scan and fix the infection, I stepped into some kind of landmine that bluescreened the system. When it comes up now there is NO bootloader, no nothing. Just a blank screen.

I really would like to know where this thing is coming from because the appropriate authorities need to be notified, the site serving this piece of garbage up needs to be shut down, and the individuals responsible need to be arrested and jailed for destruction of property. This is an incredibly aggressive and destructive program which appears to have no other purpose than to permanently destroy people's computers.

Just a warning: if you get this, prepare to kiss your system goodbye. I'm an MCSE with 14 years of experience in the desktop OS world and I've never seen such a spiteful little scrummy dirtworm of a virus. Conficker was a walk in the park compared to this piece of crap.

descriptionRemove Internet Security 2010 [Removal Guide] - Page 2 EmptyRe: Remove Internet Security 2010 [Removal Guide]

more_horiz
wouldnt it work if go into "safe mode" and delete the uwtnhuf.sys file the one that is infected?

you mean you didn't try that first?? Ah Jeez. Perhaps I should have said something about that too. Definitely try deleting it.

CCleaner is just a registry and file cleaner. You have to get rid of it first and then this app will go in a clean up the mess.

You didn't need to uninstall Norton - it would have been better to install AVG, saw if it found anything and if it did, then uninstall Norton. I hope you have the installer still - in case you need it.

If worst comes to the worst, you'll probably need to reformat your hard drive and reinstall XP. But 90% of the people who have been infected by this thing have resolved it from this forum. If that's not working for you then it may be something else entirely. Try that guide and if that doesn't work I'd suggest you weigh up your options between further cleaning - preferably manually - and a rebuild.

descriptionRemove Internet Security 2010 [Removal Guide] - Page 2 EmptyRe: Remove Internet Security 2010 [Removal Guide]

more_horiz
You know. This is why I always suggest to people that they have TWO hard drives on their desktops and that laptops have their hard drives partitioned. This way you can change the location of your My Documents folder to the second hard disk and save everything else of value to this second area by default.

If anything goes pear-shaped with the O.S. partition, it's not too much of a problem. Sure it means a lot of reinstalling but in the end your data is safe. And that's the priority.

I only wish I could find out who the people are who make these things because I would quite happily cut their balls off and feed them to them.

0s1r1s' guide to reinstalling:

Infection detected > EEK! > Attempt elimination > Fail > NOOOO! > Safe Mode mayhem > Fail > FRAK!!! > Format > gulp! > reinstall O.S. > yawn! > reinstall software > red bull and/or yawn x2 > configure > grrr! > back up and running > yay! > Updates > Oh FFS! > Bandwidth fragged for another month > (note to self: use ghost to create an image of the basic installation next time!) > Fin

descriptionRemove Internet Security 2010 [Removal Guide] - Page 2 EmptyRe: Remove Internet Security 2010 [Removal Guide]

more_horiz
hehe yeah you are right i re-installed windows instead! 😉

and i didnt loose to much i have a backup drive! only thing i dont like is to reinstall everything! Sad tearing takes forever. but atleast now its done! Smile...

descriptionRemove Internet Security 2010 [Removal Guide] - Page 2 EmptyRe: Remove Internet Security 2010 [Removal Guide]

more_horiz
I appear to be out of options, but I hope someone can tell me I'm wrong. I boot the computer and hit F8 to go into safe mode, but once there wherever I try to go takes me to my "Welcome" page and it won't let me go beyond that. I tried downloading the Malwarebytes on the computer I'm using now and then copying it and downloading it on the infected computer, but it will not allow me access to it. I was able to run a scan with AVG and Spybot, which were already installed on the computer, and they removed several infections, but nothing seems to be helping this problem. It seems the more progress I attempt to make, and think I'm making, the worse the problem becomes the next time I try to access the computer. I've tried everything these messages say to do, but it either doesn't work or I can't access the program period. What can I do?

descriptionRemove Internet Security 2010 [Removal Guide] - Page 2 EmptyRe: Remove Internet Security 2010 [Removal Guide]

more_horiz
i cannot install the malwarebytes it says error message 707(3,0)what else can i do the computer shop wants 50 dollars and says it might not even work,and then they want 75 to erase the hard drive and reinstall windows if it doesnt work please help if u can

descriptionRemove Internet Security 2010 [Removal Guide] - Page 2 EmptyRe: Remove Internet Security 2010 [Removal Guide]

more_horiz
I really need help or otherwise I am going to snap. I downloaded this program and it detected the viruses. I restarted the computer and now I can't login AT ALL!!! I don't have the money to go to geeksquad or whatever. I don't know what else to do. This is devastating for me because I use this computer for everything. Please can someone help!!!!!

descriptionRemove Internet Security 2010 [Removal Guide] - Page 2 EmptyRe: Remove Internet Security 2010 [Removal Guide]

more_horiz
Ok, I see there are alot of other first time posters on here as well! This is one nasty little critter and I think I almost have it licked but I can't get the computer to connect to the internet.

I ran that MBAM and it took care of it pretty good but it must still be hanging around somewhere. The office network is running fine (i.e. we can all still print through the computer) so it's not that the wireless connection isn't working. Any ideas?

descriptionRemove Internet Security 2010 [Removal Guide] - Page 2 EmptyRe: Remove Internet Security 2010 [Removal Guide]

more_horiz
Upon further review, I have found that when I go to open the wireless connections I get this statement where the networks would usually be:

"Windows coannot configure this wireless connection

If you have enabled another program to manage this wireless connection, use that software.

If you want Windows to configure this wireless connection, start your Wireless Zero Configuration service. For more information about starting the WZC service, see article 871122 in the Microsoft Knowledge Base on Microsoft.com website."

That is verbatim. Notice there are some punctuation errors and the such. Sounds kinda fishy. What do you guys think? What should I do?

descriptionRemove Internet Security 2010 [Removal Guide] - Page 2 EmptyConfused

more_horiz
DarkS0ul wrote:
Yes it was one of the first things I fixed:

Fix the path for userinit (Change C:\ to reflect your path): So use the UBCD4win and make sure the path and file are correct. That will fix the login logout loop.

Code:

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"


Not sure how to do this part?

descriptionRemove Internet Security 2010 [Removal Guide] - Page 2 EmptyRe: Remove Internet Security 2010 [Removal Guide]

more_horiz
Uh oh. Now I got something that looks bad goin on.

AVG says Threat Detected!
File name: C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1\A0002105.exe
Threat Name: Trojan Horse SHeur2.CFOA
Detected on Open.
Process name: C:\WINDOWS\system32\svchost.exe
Process ID: 1216

I hope I'm wrong when I'm thinking the virus, which has seemingly been wiped off the computer, has somehow managed to get into the svchost file. What should I do? Is it in the restore points now too?

descriptionRemove Internet Security 2010 [Removal Guide] - Page 2 EmptyRe: Remove Internet Security 2010 [Removal Guide]

more_horiz
privacy_tip Permissions in this forum:
You cannot reply to topics in this forum