How To Easily Remove "Internet Security 2013" Virus

Internet Security 2013 is a computer virus, which pretends to be a legitimate security program and claims that malware has been detected on your computer. If you try to remove these infections, Internet Security 2013 will state that you need to buy its full version before being able to do so.

Internet Security 2013 trojan targets users browsing Internet websites, and rely on social engineering to deliver its payload.
On infected or hacked websites users are prompted by a pop-up window that has been carefully crafted to resemble a legitimate security warning. These pop-up windows typically alert a user of a computer infection, and then prompt the user to download and install Internet Security 2013 to resolve the apparent issue.
Some of the infections may have come from users downloading an infected codec file when they were trying to watch a video online, or users who receive a spam email and open an infected email attachment.

Once installed, Internet Security 2013 will be drop a random malicious file in a random folder under C:\Documents and Settings\All Users\Application Data\, in XP, or C:\ProgramData, in Windows Vista, Windows 7, and Windows 8.
When Internet Security 2013 is installed on a computer, it will be configured to automatically start when you login to Windows. When it starts it will automatically perform a scan of your computer, then Internet Security 2013 will falsely report that it is infected with a variety of computer infections. If you try to clean these infections, though, Internet Security 2013 will state that you first need to purchase a license of the program before you will be allowed to do so.

Internet Security 2013 will display fake security alerts that are designed to think that your data is at risk or that your computer is severely infected.These messages include:

Security Warning
Malicious program has been detected. Click here to protect your computer.

Firewall Warning
Hidden file transfers to remote host has been detected.
has detected a leak of your files through the Internet. We strongly recommend that you block the attack immediately.

In reality, none of the reported issues are real, and are only used to scare you into buying Internet Security 2013 and stealing your personal financial information.

As part of its self-defense mechanism, Internet Security 2013 virus has disabled the Windows system utilities, including the Windows Task Manager and Registry Editor, and will block you from running certain programs that could lead to its removal.
This rogue antivirus has also modified your Windows files associations, and now whenever you are trying to open a program, Internet Security 2013 virus will block this operation and display a bogus notification in which will report that the file is infected.

iexplore.exe can not start
File iexplore.exe is infected by W32/Blaster.worm. Please activate Internet Security 2013 to protect your computer.

If your computer is infected with Internet Security 2013 virus, then you are seeing the following screens:

Internet Security 2013 is a scam, and you should ignore any alerts that this malicious software might generate.
Under no circumstance should you buy Internet Security 2013 as this could lead to identity theft, and if you have, you should contact your bank and dispute the charge stating that the program is a scam and a computer virus.

Registration key for Internet Security 2013 “designed to protect”
As an optional step,you can use any of the following license keys to register Internet Security 2013 and stop the fake alerts.
Internet Security 2013 Activation Key: Y68REW-T76FD1-U3VCF5A

Please keep in mind that entering the above registration code will NOT remove Internet Security 2013 from your computer , instead it will just stop the fake alerts so that you’ll be able to complete our removal guide more easily.

Internet Security 2013 – Virus Removal Guide

This page is a comprehensive guide, which will remove the Internet Security 2013 2013 infection from your your computer. Please perform all the steps in the correct order. If you have any questions or doubt at any point, STOP and ask for our assistance.
STEP 1: Start your computer in Safe Mode with Networking
STEP 2: Run RKill to terminate Internet Security 2013 malicious processes
STEP 3: Remove Internet Security 2013 virus with Malwarebytes Anti-Malware Free
STEP 4: Remove Internet Security 2013 rootkit with RogueKiller
STEP 5: Remove Internet Security 2013 infection with HitmanPro

STEP 1 : Start your computer in Safe Mode with Networking

Remove all floppy disks, CDs, and DVDs from your computer, and then restart your computer.
When the computer starts you will see your computer’s hardware being listed. When you see this information start to gently tap the F8 key repeatedly until you are presented with the Windows XP, Vista or 7 Advanced Boot Options.

If you are using Windows 8, press the Windows key + C, and then click Settings. Click Power, hold down Shift on your keyboard and click Restart, then click on Troubleshoot and select Advanced options. In the Advanced Options screen, select Startup Settings, then click on Restart.
If you are using Windows XP, Vista or 7 in the Advanced Boot Options screen, use the arrow keys to highlight Safe Mode with Networking , and then press ENTER.
\
If you are using Windows 8, press 5 on your keyboard to Enable Safe Mode with Networking.
Windows will start in Safe Mode with Networking.

STEP 2: Run RKill to terminate the malicious processes associated with Internet Security 2013

RKill is a program that will attempt to terminate all malicious processes associated with Internet Security 2013, so that we will be able to perform the next step without being interrupted by this malicious software.
Because this utility will only stop Internet Security 2013 running process, and does not delete any files, after running it you should not reboot your computer as any malware processes that are configured to start automatically will just be started again.

While your computer is in Safe Mode with Networking ,please download the latest official version of RKill.Please note that we will use a renamed version of RKILL so that Internet Security 2013 won’t block this utility from running.
RKILL DOWNLOAD LINK (This link will automatically download RKILL renamed as iExplore.exe)
Double click on iExplore.exe to start RKill and stop any processes associated with Internet Security 2013.
RKill will now start working in the background, please be patient while the program looks for Internet Security 2013 malicious process and tries to end them.

If you get a message from Internet Security 2013 stating that RKill is an infection, and then closes this utility, leave the warning on the screen and then run RKill again.
By not closing the warning, this typically will allow you to bypass the malware trying to protect itself so that RKill can terminate Internet Security 2013.
When the Rkill utility has completed its task, it will generate a log. Do not reboot your computer after running RKill as the malware programs will start again.

STEP 3: Remove Internet Security 2013 virus with Malwarebytes Anti-Malware FREE

Malwarebytes Anti-Malware Free is a powerful on-demand scanner which will remove Internet Security 2013 malicious files from your computer.

You can download Malwarebytes Anti-Malware Free from the below link, then double-click on the icon named mbam-setup.exe to install this program.
MALWAREBYTES ANTI-MALWARE DOWNLOAD LINK(This link will open a download page in a new window from where you can download Malwarebytes Anti-Malware Free)
When the installation begins, keep following the prompts in order to continue with the setup process, then at the last screen click on the Finish button.
On the Scanner tab, select Perform quick scan, and then click on the Scan button to start searching for the Internet Security 2013 malicious files.
Malwarebytes’ Anti-Malware will now start scanning your computer for Internet Security 2013 virus as shown below.
When the Malwarebytes Anti-Malware scan has finished, click on the Show Results button.
You will now be presented with a screen showing you the computer infections that Malwarebytes Anti-Malware has detected. Make sure that everything is Checked (ticked), then click on the Remove Selected button.
Once your computer will restart in Windows regular mode, open Malwarebytes Anti-Malware and perform a Full System scan to verify that there are no remaining threats.

STEP 4: Remove Internet Security 2013 rootkit with RogueKiller

RogueKiller is a utility that will scan for the Internet Security 2013 rootkit, registry keys and any other malicious files on your computer.

You can download the latest official version of RogueKiller from the below link.
ROGUEKILLER DOWNLOAD LINK (This link will automatically download RogueKiller on your computer)
Double click on RogueKiller.exe to start this utility and then wait for the Prescan to complete.This should take only a few seconds, then click on the Scan button to perform a system scan.
After the scan has completed, press the Delete button to remove Internet Security 2013 malicious registry keys or files.

STEP 5: Remove Internet Security 2013 infection with HitmanPro

HitmanPro is a cloud on-demand scanner, which will scan your computer with 5 antivirus engines (Emsisoft, Bitdefender, Dr. Web, G-Data and Ikarus) for the Internet Security 2013 infection.

You can download HitmanPro from the below link:
HITMANPRO DOWNLOAD LINK (This link will open a web page from where you can download HitmanPro)
Double-click on the file named HitmanPro.exe (for 32-bit versions of Windows) or HitmanPro_x64.exe (for 64-bit versions of Windows). When the program starts you will be presented with the start screen as shown below.

Click on the Next button, to install HitmanPro on your computer.
HitmanPro will now begin to scan your computer for Internet Security 2013 trojan.
When it has finished it will display a list of all the malware that the program found as shown in the image below. Click on the Next button, to remove Internet Security 2013 virus.
Click on the Activate free license button to begin the free 30 days trial, and remove all the malicious files from your computer.

Your computer should now be free of the Internet Security 2013 infection. If your current anti-virus solution let this infection through, you may want to consider purchasing the PRO version of Malwarebytes Anti-Malware to protect against these types of threats in the future, and perform regular computer scans with HitmanPro.
If you are still experiencing problems while trying to remove Internet Security 2013 from your machine, please start a new thread in our Malware Removal Assistance forum.

10 Rules to Avoid Online Scams

Here are 10 practical safety rules to help you avoid malware, online shopping scams, crypto scams, and other online fraud. Each tip includes a quick “if you already got hit” action.

Stop and verify before you click, log in, download, or pay.

Most scams win by creating urgency. Verify using a trusted method: type the website address yourself, use the official app, or call a known number (not the one in the message).

If you already clicked: close the page, do not enter passwords, and run a malware scan.
Keep your operating system, browser, and apps updated.

Updates patch security holes used by malware and malicious ads. Turn on automatic updates where possible.

If you saw a scary “update now” pop-up: close it and update only through your device settings or the official app store.
Use layered protection: antivirus plus an ad blocker.

Antivirus helps block malware. An ad blocker reduces scam redirects, phishing pages, and malvertising.

If your browser is acting weird: remove unknown extensions, reset the browser, then run a full scan.
Install apps, software, and extensions only from official sources.

Avoid cracked software, “keygens,” and random downloads. During installs, choose Custom/Advanced and decline bundled offers you do not recognize.

If you already installed something suspicious: uninstall it, restart, and scan again.
Treat links and attachments as untrusted by default.

Phishing often impersonates delivery services, banks, and popular brands. If it is unexpected, do not open attachments or log in through the message.

If you entered credentials: change the password immediately and enable 2FA.
Shop safely: research the store, then pay with protection.

Be cautious with brand-new stores, “closing sale” stories, and prices that make no sense. Prefer credit cards or PayPal for dispute options. Avoid wire transfers, gift cards, and crypto payments.

If you already paid: contact your card issuer or PayPal quickly to dispute the transaction.
Crypto rule: never pay a “fee” to withdraw or recover money.

Common patterns include fake profits, then “tax,” “gas,” or “verification” fees. Another is a “recovery agent” who demands upfront crypto.

If you already sent crypto: stop paying, save evidence (wallet addresses, TXIDs, chats), and report the scam to the platform used.
Secure your accounts with unique passwords and 2FA (start with email).

Use a password manager and unique passwords for every account. Enable 2FA using an authenticator app when possible.

If you suspect an account takeover: change passwords, sign out of all devices, and review recent logins and recovery settings.
Back up important files and keep one backup offline.

Backups protect you from ransomware and device failure. Keep at least one backup on an external drive that is not always connected.

If you suspect infection: do not connect backup drives until the system is clean.
If you think you are a victim: stop losses, document evidence, and escalate fast.

Move quickly. Speed matters for disputes, account recovery, and limiting damage.
- Stop payments and contact: do not send more money or respond to the scammer.
- Call your bank or card issuer: block transactions, replace the card if needed, and start a dispute or chargeback.
- Secure your email first: change the email password, enable 2FA, and remove unfamiliar recovery options.
- Secure other accounts: change passwords, enable 2FA, and log out of all sessions.
- Scan your device: remove suspicious apps or extensions, then run a full malware scan.
- Save evidence: screenshots, emails, order pages, tracking pages, wallet addresses, TXIDs, and chat logs.
- Report it: to the payment provider, marketplace, social platform, exchange, or wallet service involved.

These rules are intentionally simple. Most online losses happen when decisions are rushed. Slow down, verify independently, and use payment methods and account controls that give you recourse.

13 thoughts on “Internet Security 2013 – Virus Removal Guide”

Matt Richard

October 12, 2013 at 06:43

THANK YOU SO MUCH
YOGESH

October 6, 2013 at 16:28

THANK YOU VERY MUCH IT WORKED BUT WHAT IF I I DELETE EXE FILE OF IT
sandy

September 27, 2013 at 12:52

i can’t even setup or download the mal-ware its tab gets closed in few minutes or so…………
- Stelian Pilici
  
  September 27, 2013 at 12:54
  
  Hello,
  Did you start your computer in Safe Mode with Networking? Did you run Rkill?
  Lets run these scan:
  STEP 1: Run a scan with ESET Rogue Application Remover
  
  1. Download the ESET Rogue Application Remover by clicking the appropriate link for your system version below
  
  For 32-bit (x86) – http://download.eset.com/special/ERARemover_x86.exe
  
  For 64-bit (x64) – http://download.eset.com/special/ERARemover_x64.exe
  
  2.Save the file to your Desktop. When the download completes, navigate to the file, right-click it and select Run as administrator.
  
  3.Click Accept to accept the End-User License Agreement (EULA).
  
  4. Please be patience while this utility scans for malware, then press any key on your keyboard to exit the tool.
  
  Next please run scan with Malwarebytes Anti-Malware, HitmanPro and RogueKiller. Waiting your reply to see how everything is going.
  Stay safe!
Ibrahim Al_Hassany

September 9, 2013 at 21:12

I would like to thank you so very much for the wonderful information that you posted on your website, it helped a lot and it is amazing to see someone who dedicate time and effort just to help. Thank you.
- Sandy
  
  September 16, 2013 at 03:49
  
  Agreed, thank you so very much, no more panic over this matter, thank you! :)
Stelian Pilici

August 31, 2013 at 04:28

Hello,
I still advise you to run a scan with Malwarebytes Anti-Malware and HitmanPro just to be on the safe side!

Stay safe!
Stelian Pilici

August 19, 2013 at 08:55

Hello,
Lets run a scan with these tools:
STEP 1: Run a scan with ESET Online Scanner

1.Download ESET Online Scanner utility.

ESET Online Scanner Download Link : http://download.eset.com/special/eos/esetsmartinstaller_enu.exe

2. Double click on the Eset installer program (esetsmartinstaller_enu.exe).

3.Check Yes, I accept the Terms of Use, then click the Start button.

4.Check Scan archives and push the Start button.

5. ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.

6. When the scan completes, click on the Finish button.

STEP 2: Run a scan with Kaspersky Virus Removal Tool:

1. You can download from Kaspersky Virus Removal Tool from here : http://www.kaspersky.com/antivirus-removal-tool?form=1

2. Double click the setup file to run it, then follow the onscreen prompts until it is installed

Click the Options button (the ‘Gear’ icon), then make sure only the following are ticked:

System Memory

Hidden startup objects

Disk boot sectors

Local Disk (C:)

Also any other drives (Removable that you may have)

3. Then click on Actions on the left hand side

4. Click Select Action, then make sure both Disinfect and Delete if disinfection fails are ticked

5. Click on Automatic Scan, then click the Start Scanning button, to run the scan.

Next, please run a scan with HitmanPro and if a threat is detect, please post the log in your next reply, so that I may take a look.
Stay safe!
Stelian Pilici

August 17, 2013 at 16:44

Hello Joe,
Can you please run a scan with Combofix and post the logs here so that I can get an idea on what’s going on:

You can download ComboFix from here: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

VERY IMPORTANT !!! Save as Combo-Fix.exe during the download.ComboFix must be renamed before you download to your Desktop

Close any open browsers.

Very Important!!!> Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause “unpredictable results”.

WARNING: Combofix will disconnect your machine from the Internet as soon as it starts

Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.

If there is no internet connection after running Combofix, then restart your computer to restore back your connection.

1. Double click on ComboFix.exe & follow the prompts.

2. Accept the disclaimer and allow to update if it asks

3. When finished, it shall produce a log for you.

Notes:

Do not mouse-click Combofix’s window while it is running. That may cause it to stall.

Do not “re-run” Combofix. If you have a problem, reply back for further instructions.

If after the reboot you get errors about programs being marked for deletion then reboot, that will cure it.

Please post the Combofix, so that I can get an idea on what’s going on.
Next, please run a scan with HitmanPro and Malwarebytes, then let me know how is your computer running.
tc

August 2, 2013 at 00:54

It really works, cleared up my laptop. thanks Stelian
Bev

July 22, 2013 at 02:30

This seems to have worked perfectly. Thank you so much.
Robin

July 18, 2013 at 09:29

It worked perfect for me
Butterfly

July 18, 2013 at 00:01

Wow! Thank you so much. Something that one of the programs caught and got rid of made my Desktop picture reappear. My desktop has been black since over a year ago!!!! Awesome :)