Solved

software called "Internet Security-designed to protect' is running- seems like a virus

Posted on 2012-03-16
7
548 Views
Last Modified: 2012-03-28
when i start the xp machine, it seems like the above program is controlling all the exe and seems abnormal behavior..

because it was of concern, i shut it down.. what can i do to troubleshoot when i start the machine again... disconnect from internet.. what else?
0
Comment
Question by:25112
7 Comments
 
LVL 5

Author Comment

by:25112
ID: 37731709
here is a pic of it..
DSC00133.JPG
0
 
LVL 2

Assisted Solution

by:d_s_s
d_s_s earned 100 total points
ID: 37731738
You've got a case of the classic spyware infestation.

Download malware bytes: http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install it. Run it once so you can choose to download all updates for it.

Reboot computer in safe-mode. Run malware bytes and remove spyware.

There may be more involved. Let me know if you run into any obstacles.

Cheers,
Dom
0
 
LVL 80

Assisted Solution

by:David Johnson, CD, MVP
David Johnson, CD, MVP earned 100 total points
ID: 37731890
0
Simplifying Server Workload Migrations

This use case outlines the migration challenges that organizations face and how the Acronis AnyData Engine supports physical-to-physical (P2P), physical-to-virtual (P2V), virtual to physical (V2P), and cross-virtual (V2V) migration scenarios to address these challenges.

 
LVL 44

Assisted Solution

by:Darr247
Darr247 earned 200 total points
ID: 37732458
Agree with ve3ofa's comment...  you won't be able to run MBAM until you kill the virus/malware process[es]. Then be sure to read all the comments below that article, because thorough cleanup will likely include getting the Firewall/ICS and Security Center services running again.

The root cause that I've seen personally was OK'ing the installation of FlashPlayer that wasn't really FlashPlayer.
You should get FlashPlayer from Adobe at
http://get.adobe.com/flashplayer/
let it update only at startup when notified, and never OK installing Flash Player from random web sites.
0
 
LVL 12

Assisted Solution

by:Grant1842
Grant1842 earned 100 total points
ID: 37734856
Go get combofix run it first.

http://www.combofix.org/download.php   .

All so hitman pro.
http://www.surfright.nl/en/hitmanpro.

THis should get it off  your computer up and running.

Then you can use malwarebytes, avg. norton, etc to clean up.
0
 
LVL 5

Author Comment

by:25112
ID: 37735604
the article suggested
1.      FixNCR.reg (http://download.bleepingcomputer.com/reg/FixNCR.reg)
2.      RogueKiller (http://www.sur-la-toile.com/RogueKiller/)
3.      Malwarebytes (http://www.malwarebytes.org/) and

also
http://www.combofix.org/download.php   .
http://www.surfright.nl/en/hitmanpro

will the malware allow me to open firefox and download these and run?

will FixNCR.reg  automatically fix the bad registry?
0
 
LVL 44

Accepted Solution

by:
Darr247 earned 200 total points
ID: 37736217
It also said to get
http://support.kaspersky.com/downloads/utils/tdsskiller.zip
(see the "and" at the end of #3?)

You may need to download the files using another computer, then copy them over using floppy, CD, USB stick, et cetera..

FixNCR.reg will fix the change the malware makes in the registry that restarts itself every time you try to run any exe file. So, yes...  fix the registry, then run #2 and both the #3's, without rebooting.

Then continue on down through the comments and check if the leftover symptoms mentioned are present in your installation, and if so, follow those fixes, too.
0

Featured Post

Active Directory Webinar

We all know we need to protect and secure our privileges, but where to start? Join Experts Exchange and ManageEngine on Tuesday, April 11, 2017 10:00 AM PDT to learn how to track and secure privileged users in Active Directory.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Windows 10 disk usage 100%. 28 186
Security perspectives to assess for APIs 1 44
Lenovo T400 freeze at start up 8 54
Exchange 2010 upgrade to 2013 certificate issue 2 28
As cyber crime continues to grow in both numbers and sophistication, a troubling trend of optimization has emerged over the last year.
Ransomware continues to grow in reach and sophistication, putting data everywhere at risk. Learn how to avoid being caught in its sinister clutches with these 11 key tips.
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

821 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question