My computer is infected with a spyware called “XP Internet Security”. Although it sounds like an official security program, it is actually an annoying virus like program that snuck on to my computer and I can’t remove it. It pops up every time I open any application and I have to shut it off each time. I looked it up and found out it was nothing more then a malicious form of spyware.
So, I decided to go to Best Buy to see if they sold any spyware removal software which could remove it. I was referred to the Geek Squad. The Geek Squad agent told me that she knew exactly what the issue was and I would have to bring in my computer and pay 200.00 for them to wipe my system of it. She said there is no other way.
However, when I did a search online I found that the recommended thing to do my numerous websites and review sites was to get something called “Spyware Doctor” which will remove it. But, the Geek Squad agent told me I wouldn’t even be able to download it. So, I downloaded the free “scan only” version, which downloaded just fine. Should I continue with buying the full version to fix the problem or was the Geek Squad agent correct that it won’t work?
Chosen Answer:
Geek Squad is rarely correct. The spyware may give you trouble trying to download and install programs that remove it. That’s how they work. They disable the programs that can be used to removed them. But there’s ALWAYS a way around it. This usually involves starting in Safe Mode and doing malware and virus scans from there. Don’t waste your money with Geek Squad.
by:
on: 24th February 10
Posted in 
Tags: 
Geek Squad is rarely correct. The spyware may give you trouble trying to download and install programs that remove it. That’s how they work. They disable the programs that can be used to removed them. But there’s ALWAYS a way around it. This usually involves starting in Safe Mode and doing malware and virus scans from there. Don’t waste your money with Geek Squad.
yes, it’s a bug, no you don’t need to pay $200 to get it fixed.
go to malwarebytes.com and run their free malware scanner.
there get a good antivirus, antimalware package and install it.
Use this guide to remove XP Internet Security
http://www.bleepingcomputer.com/virus-removal/remove-antivirus-vista-2010
you don’t need to buy any program
follow the instruction carefully and read the whole thing, after removing the fake antivirus you will have to fix you .exe file association (they provide the fix with a downloadable reg file)
No Spyware doctor has a starter version which is free and can remove. But Xp internet security is a rogue, which will block most of them from installing anyhow. Shows you how to remove rogues, but works for other viruses too (By me):
http://www.youtube.com/watch?v=eGVWQgtCvtg
Use combofix from bleepingcomputer.com, then download malwarbytes(you may need to rename the installer/setup to something like winlogon.exe to be
able to run or install it) from malwarebytes.com or softpedia.com, then clean the rest of the virus with superantispyware and Hitman Pro 3.5 from
softpedia.com/cnet.com and just in case you do have a rootkit on your system use GMER from majorgeek.com(Use gmer to scan and anything in red
delete.)
Future Protection use this wizard to recommend security protection for your system:
http://www.techsupportalert.com/secwiz
or go to safe mode and then do the above:
To get into Safe Mode with Networking:
1. Log out and reboot your machine.
2. When the machine starts the reboot sequence, press the F8 key repeatedly.
3. Select Safe Mode with Networking from the resulting menu.
Note: Rogue security software is a form of computer malware that deceives or misleads users into paying for the fake or simulated removal of malware.
Or Manually:
Terminating the process:
1.I verify that a Rogue is present. This isn’t hard, since it’s usually popping up just about every few seconds.
2.Click CTRL-ALT-DELETE (if it’s available)
3.Click Task Manager
4.Click Processes
5.Find a process that usually contain all numbers. For example 2342342.exe. If you do not see all numbers then your rogue has a name
like…SystemSecurityPro.exe or GreenAV.exe…etc.
6.Select that process and click end process.
7.At this point the rogue process has been terminated.
Removing Rogue Anti-virus that is named with random numbers.
or If you can’t open task manager then use Rkill from http://download.bleepingcomputer.com/grinler/rkill.com
1.Click Start
2.Click Run (or for Vista/Win7 type in the start search box)
3.For windows xp type: C:\documents and settings\all users\Application Data and click OK. A window will open containing a folder with about 8
numbers. Your Rogue is in there. Delete that folder/Rename it (Restart the computer).
4.For Windows Vista/Win7 type C:\users\all users (C:\Users\User\AppData) in the “start search” box and click enter. Your randomly named folder with
about 8 digits should be in there. Delete it/Rename it (restart the computer).
Removing Rogue Anti-Virus that has a name like System Guard Pro, AV2010, etc
1.Open Windows Explorer.
2.Open your C:\ drive.
3.Open Program Files
4.Find the Rogue and Delete the folder.
This will eliminate the rogue from running, but not clearing everything from your system. Use malwarebytes to clean the rest and the method I show you at
first to remove all the virus you have if neccessary.
If not seek an expert. Good Luck!
First, you need to decide whether or not your data is worth saving. While your first answer might be, no – think twice – there could be favorites, documents, spreadsheets, pictures, financial stuff, school stuff, etc. You get the idea. If you can’t backup yourself, find someone that can do it for you. At Debug911 we backup and restore your data and your Operating System. In addition we guarantee that we can restore your computer to a working state without you losing your data. That service is just a little more than you were quoted. if you want to learn more, visit our website at http://www.debug911.com
…
I am not impressed with the Geek Squad.
Download Malwarebytes for free, and use this guide; it’s very useful for removing rogues like yours.
http://www.bleepingcomputer.com/virus-removal/how-to-use-malwarebytes-anti-malware-tutorial
And then think of a good way to spend 200$