Solved

software called "Internet Security-designed to protect' is running- seems like a virus

Posted on 2012-03-16
7
560 Views
Last Modified: 2012-03-28
when i start the xp machine, it seems like the above program is controlling all the exe and seems abnormal behavior..

because it was of concern, i shut it down.. what can i do to troubleshoot when i start the machine again... disconnect from internet.. what else?
0
Comment
Question by:25112
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
7 Comments
 
LVL 5

Author Comment

by:25112
ID: 37731709
here is a pic of it..
DSC00133.JPG
0
 
LVL 2

Assisted Solution

by:d_s_s
d_s_s earned 100 total points
ID: 37731738
You've got a case of the classic spyware infestation.

Download malware bytes: http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install it. Run it once so you can choose to download all updates for it.

Reboot computer in safe-mode. Run malware bytes and remove spyware.

There may be more involved. Let me know if you run into any obstacles.

Cheers,
Dom
0
 
LVL 82

Assisted Solution

by:David Johnson, CD, MVP
David Johnson, CD, MVP earned 100 total points
ID: 37731890
0
Simple, centralized multimedia control

Watch and learn to see how ATEN provided an easy and effective way for three jointly-owned pubs to control the 60 televisions located across their three venues utilizing the ATEN Control System, Modular Matrix Switch and HDBaseT extenders.

 
LVL 44

Assisted Solution

by:Darr247
Darr247 earned 200 total points
ID: 37732458
Agree with ve3ofa's comment...  you won't be able to run MBAM until you kill the virus/malware process[es]. Then be sure to read all the comments below that article, because thorough cleanup will likely include getting the Firewall/ICS and Security Center services running again.

The root cause that I've seen personally was OK'ing the installation of FlashPlayer that wasn't really FlashPlayer.
You should get FlashPlayer from Adobe at
http://get.adobe.com/flashplayer/
let it update only at startup when notified, and never OK installing Flash Player from random web sites.
0
 
LVL 12

Assisted Solution

by:Grant1842
Grant1842 earned 100 total points
ID: 37734856
Go get combofix run it first.

http://www.combofix.org/download.php   .

All so hitman pro.
http://www.surfright.nl/en/hitmanpro.

THis should get it off  your computer up and running.

Then you can use malwarebytes, avg. norton, etc to clean up.
0
 
LVL 5

Author Comment

by:25112
ID: 37735604
the article suggested
1.      FixNCR.reg (http://download.bleepingcomputer.com/reg/FixNCR.reg)
2.      RogueKiller (http://www.sur-la-toile.com/RogueKiller/)
3.      Malwarebytes (http://www.malwarebytes.org/) and

also
http://www.combofix.org/download.php   .
http://www.surfright.nl/en/hitmanpro

will the malware allow me to open firefox and download these and run?

will FixNCR.reg  automatically fix the bad registry?
0
 
LVL 44

Accepted Solution

by:
Darr247 earned 200 total points
ID: 37736217
It also said to get
http://support.kaspersky.com/downloads/utils/tdsskiller.zip
(see the "and" at the end of #3?)

You may need to download the files using another computer, then copy them over using floppy, CD, USB stick, et cetera..

FixNCR.reg will fix the change the malware makes in the registry that restarts itself every time you try to run any exe file. So, yes...  fix the registry, then run #2 and both the #3's, without rebooting.

Then continue on down through the comments and check if the leftover symptoms mentioned are present in your installation, and if so, follow those fixes, too.
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Getting to know the threat landscape in which DDoS has evolved, and making the right choice to get ourselves geared up to defend against  DDoS attacks effectively. Get the necessary preparation works done and focus on Doing the First Things Right.
There is a lot to be said for protecting yourself and your accounts with 2 factor authentication.  I found to my own chagrin, that there is a big downside as well.
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
This video Micro Tutorial shows how to password-protect PDF files with free software. Many software products can do this, such as Adobe Acrobat (but not Adobe Reader), Nuance PaperPort, and Nuance Power PDF, but they are not free products. This vide…
Suggested Courses
Course of the Month7 days, 23 hours left to enroll

617 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question