Here’s yet another malware program masquerading as anti-virus software. Internet Security 2010 gives the appearance of a bona fide virus clean up program. It comes with a fake screen of virus infections that are designed to scare you into buying their software. Don’t be fooled!
This software is kind of devious in that it disables the task manager and also redefines Run > CMD so that you can’t get to the DOS prompt.
Here’s what I did to clean it up.
1) Make sure you have a current backup of any important files. Pictures, documents, music, etc.
2) Boot into Safe mode. Press F8 during power up and then choose Safe Mode with Networking.
3) Download Malwarebytes Anti-Malware and Hijackthis.
4) Install and run Malwarebytes. Make sure you do an update first and then do a Quick Scan. This will remove the majority of the virus.
5) Install and Run Hijackthis. Look for references to windowsupdate86 and IS2010 and remove them.
6) Reboot your computer into Safe Mode again.
7) Run msconfig and remove any references to IS2010 or Internet Security 2010.
8) Open your Windows Explorer and manually remove the folder c:\program files\internet security 2010 or c:\program files\IS2010.
9) Run Regedit and do a search for Internet Security 2010. Remove any references.
10) Reboot to Safe Mode again.
11) Run Malwarebytes again doing a FULL scan.
At this point your system should be clean.
In the future, make sure you are running Firefox rather than IE.