pmq.exe

I have a Win 7 (Starter) netbook that keeps asking me to run / purchase a Win 7 Virus protection package everytime I try to use IE.  The IE security is detecting pmq.exe as the culprit.  I can't access the internet and the netbook does not have a cd-drive.
medpipesAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

jaustin1Commented:
I would download MalWareBytes from www.malwarebytes.org and put it on a flash drive, then put it on the netbook, install it, and do a full scan.
0
Brian GeeCommented:
Do the above, but since you do not have Internet access apparently, you'll need to download Malwarebytes on a separate computer and then load the EXE onto a USB Flash (thumb) drive so that you're able to copy the Malwarebytes program to the netbook.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Brian GeeCommented:
To see if this will immediately assist with the Internet connectivity issue (and you are certain you don't connect to the Internet via proxy), try this:

Tools > Internet OptionsConnections tab >  LAN settings button > make sure that Automatically Detect Settings is the only checkbox checked (if it is not, correct it).
0
Check Out How Miercom Evaluates Wi-Fi Security!

It's not just about Wi-Fi connectivity anymore. A wireless security breach can cost your business large amounts of time, trouble, and expense. Plus, hear first-hand from Miercom on how WatchGuard's Wi-Fi security stacks up against the competition plus a LIVE demo!

medpipesAuthor Commented:
yobri:  I don't "think" i have a connection issue.  my home page is google and i can briefly see it before this virus kicks in. Then it pushes IE to the background and wants to do a scan, when i close all those windows the IE closes.
0
Brian GeeCommented:
Ah, OK. I interpreted "I can't access the internet" differently... with that, get Malwarebytes downloaded on to a USB Flash drive so that you can get that installed and running in order to get that malware removed.

I suppose terminating the pmq.exe process only allows it to start up again, huh?
0
medpipesAuthor Commented:
Was able to download and transfer via USB.  I guess it does not run on Win 7 Starter.  Nothing happens when I double-click the executable.
0
medpipesAuthor Commented:
yes, i can see pmq running in task mgr, but terminating it is only temporary.  When I open IE, the IE security pop-up does give me the path to pmq, but when i browse to that directory it is not there.
0
jaustin1Commented:
Windows 7 Starter should allow you to run executables.  Can you try right-clicking and selecting "Run as Administrator" instead?
0
younghvCommented:
Read the instructions in the EE Articles below - you can just let that 'scareware' run until it finishes its 'scan' - then click out of it.

If you do have to download Malwarebytes to a separate computer, get the manual updater here: http://data.mbamupdates.com/tools/mbam-rules.exe

EE Articles here:
http://www.experts-exchange.com/A_5124.html (Stop-the-Bleeding-First-Aid-for-Malware)
http://www.experts-exchange.com/A_4922.html (Rogue-Killer-What-a-great-name)
0
medpipesAuthor Commented:
run as admin works...scanning now, will let you know the results
0
younghvCommented:
I think you are dealing with a "Rootkit" infection and if so Malwarebytes will not be the solution.

If the symptoms persist you might want to start with TDSSKILLER found here:
http://support.kaspersky.com/downloads/utils/tdsskiller.zip

* Download the file TDSSKiller.zip and extract it into a folder on the infected (or potentially infected) PC.
* Execute the file TDSSKiller.exe.
* Wait for the scan and disinfection process to be over. You do not have to reboot the PC after the disinfection is over.

If the tool finds a hidden service it will prompt you to type "delete",  you can also just hit "Enter" without typing in and the scan will continue...
Please post the log to be analyzed.

You may have to take further steps to include ComboFix.

http://www.bleepingcomputer.com/combofix/how-to-use-combofix
0
medpipesAuthor Commented:
My problem is solved, thank you very much for your assistance.
0
medpipesAuthor Commented:
completely satisfied
0
jaustin1Commented:
Great!  Glad to hear it!
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Anti-Spyware

From novice to tech pro — start learning today.