Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

software called "Internet Security-designed to protect' is running- seems like a virus

Posted on 2012-03-16
7
Medium Priority
?
570 Views
Last Modified: 2012-03-28
when i start the xp machine, it seems like the above program is controlling all the exe and seems abnormal behavior..

because it was of concern, i shut it down.. what can i do to troubleshoot when i start the machine again... disconnect from internet.. what else?
0
Comment
Question by:25112
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
7 Comments
 
LVL 5

Author Comment

by:25112
ID: 37731709
here is a pic of it..
DSC00133.JPG
0
 
LVL 2

Assisted Solution

by:d_s_s
d_s_s earned 400 total points
ID: 37731738
You've got a case of the classic spyware infestation.

Download malware bytes: http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install it. Run it once so you can choose to download all updates for it.

Reboot computer in safe-mode. Run malware bytes and remove spyware.

There may be more involved. Let me know if you run into any obstacles.

Cheers,
Dom
0
 
LVL 83

Assisted Solution

by:David Johnson, CD, MVP
David Johnson, CD, MVP earned 400 total points
ID: 37731890
0
Cyber Threats to Small Businesses (Part 1)

This past May, Webroot surveyed more than 600 IT decision-makers at medium-sized companies to see how these small businesses perceived new threats facing their organizations.  Read what Webroot CISO, Gary Hayslip, has to say about the survey in part 1 of this 2-part blog series.

 
LVL 44

Assisted Solution

by:Darr247
Darr247 earned 800 total points
ID: 37732458
Agree with ve3ofa's comment...  you won't be able to run MBAM until you kill the virus/malware process[es]. Then be sure to read all the comments below that article, because thorough cleanup will likely include getting the Firewall/ICS and Security Center services running again.

The root cause that I've seen personally was OK'ing the installation of FlashPlayer that wasn't really FlashPlayer.
You should get FlashPlayer from Adobe at
http://get.adobe.com/flashplayer/
let it update only at startup when notified, and never OK installing Flash Player from random web sites.
0
 
LVL 12

Assisted Solution

by:Grant1842
Grant1842 earned 400 total points
ID: 37734856
Go get combofix run it first.

http://www.combofix.org/download.php   .

All so hitman pro.
http://www.surfright.nl/en/hitmanpro.

THis should get it off  your computer up and running.

Then you can use malwarebytes, avg. norton, etc to clean up.
0
 
LVL 5

Author Comment

by:25112
ID: 37735604
the article suggested
1.      FixNCR.reg (http://download.bleepingcomputer.com/reg/FixNCR.reg)
2.      RogueKiller (http://www.sur-la-toile.com/RogueKiller/)
3.      Malwarebytes (http://www.malwarebytes.org/) and

also
http://www.combofix.org/download.php   .
http://www.surfright.nl/en/hitmanpro

will the malware allow me to open firefox and download these and run?

will FixNCR.reg  automatically fix the bad registry?
0
 
LVL 44

Accepted Solution

by:
Darr247 earned 800 total points
ID: 37736217
It also said to get
http://support.kaspersky.com/downloads/utils/tdsskiller.zip
(see the "and" at the end of #3?)

You may need to download the files using another computer, then copy them over using floppy, CD, USB stick, et cetera..

FixNCR.reg will fix the change the malware makes in the registry that restarts itself every time you try to run any exe file. So, yes...  fix the registry, then run #2 and both the #3's, without rebooting.

Then continue on down through the comments and check if the leftover symptoms mentioned are present in your installation, and if so, follow those fixes, too.
0

Featured Post

Are You Ready for GDPR?

With the GDPR deadline set for May 25, 2018, many organizations are ill-prepared due to uncertainty about the criteria for compliance. According to a recent WatchGuard survey, a staggering 37% of respondents don't even know if their organization needs to comply with GDPR. Do you?

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A look at what happened in the Verizon cloud breach.
A bad practice commonly found during an account life cycle is to set its password to an initial, insecure password. The Password Reset Tool was developed to make the password reset process easier and more secure.
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
Finding and deleting duplicate (picture) files can be a time consuming task. My wife and I, our three kids and their families all share one dilemma: Managing our pictures. Between desktops, laptops, phones, tablets, and cameras; over the last decade…

670 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question