Internet Security 2013 is rogue anti-virus that scares users of computers that it has compromised with fake antiviral scan results. You may come across this particular virus by visiting compromised websites. Once on these sites, legitimate looking security warnings are displayed that many unsuspecting users click on. Once the pop ups are clicked on, the virus infects the website visitor's computer with minimal user input. The Internet Security 2013 virus then makes changes to the compromised computer system's registry and in some cases it's Internet connection settings as well.
To successfully remove the virus, you'll need to download three utilities and they include:
You'll need to download the three files on a clean computer and then transfer them to the infected system by burning them on a cd or copying them to a flash drive.
How to remove the Internet Security 2013 virus
- First, start the compromised computer into "safe mode with Command Prompt"
- At the login screen select an account with administrative rights
- Once in safe mode, insert the cd or flash drive with the utilities that you downloaded.
- Next navigate to the cd drive or flash drive at the command prompt by typing the drive's drive letter. If you burned the files on a cd, the drive letter will probably be "D" or possibly "E". So at the command prompt you would type "D:" or "E:" without the quotations.
- Next type "Dir" at the prompt to display a list of the directory contents, just to make sure you're on the correct drive
- Next, execute the copy of "rKill" by typing "rkill.exe" at the command prompt. It will terminate any malicious virus processes that are running currently on your computer.
- After it has completed, execute the copy of "Combofix" by typing "combofix.exe" at the prompt. If combofix displays a warning about your currently installed anti-virus being active, you'll need to disable the real time protection of the anti-virus by navigating back to the "C" drive by typing "C:" and then type "Explorer" to start the Windows Explorer. Quickly disable your anti-virus and then press "Clt, Alt & Delete" together and start the "Task Manager". Once the task manager is open, select the processes tab and then click on "Explorer" and then click on "End Process" in the lower right corner.
- Assuming that your anti-virus is now disabled, click the "enter" key at the "Combofix" prompt to continue with it's scan of your system. It will take 15 minutes or more to complete.
- After combofix has completed, install the copy of "Emsisoft Antimalware" from the external drive by typing "emsisoftantimalwaresetup.exe" at the prompt.
- Run a complete system scan with Emsisoft Antimalware and afterwards, quarantine any threats that it finds on your system.
- And last check your network settings and host file for any modifications that the virus may have made. You'll accomplish this by:
- Opening Internet Explorer. Then click on the "Tools" drop down and then "Internet Options"
- Next click on the "Connections" tab and then click on "Lan Settings"
- If the "Proxy Server" option is checked, uncheck it.
- Next, you'll need to check your Windows Hosts file for any changes.
- Click on start, and then "My Computer" and then "Local Disk C"
- Next navigate to C:\WINDOWS\system32\drivers\etc
- Double click on "Hosts" file and select to open with "Notepad
- Your hosts file should look similar to the file pictured below. Normally there should be only a single line of: 127.0.0.1 localhost. If there are any additional lines and ip addresses, remove the additional lines and then save and close the file.
Afterwards restart the computer in normal mode and check for any remnants of the Internet Security 2013 virus. Delete any remaining shortcuts to it and check your web browser for Internet connectivity. At this point the virus should be gone, but if there are still indications of it, such as pop ups or strange search results in your web browser, then you’ll need to contact a professional virus removal specialist to resolve your situation.
Smith Technical Resources makes no guarantees or claims that the information contained in this article will help you completely remove the above listed malicious program(s) from your computer. There are several variations of each particular virus in the wild . And the procedure listed above may not be adequate for the specific version of the virus that your computer has been compromised by.
If you feel uncomfortable performing any of the procedures that we've listed on this page, please contact a professional computer repair company in your area and have them complete the needed repairs on your computer. Smith Technical Resources takes no responsibility for any possible damage that could result from your use of the above instructions.