LOGO

Remove Internet Security 2010 & Rogue Antivirus Malware

January 25, 2010
Topics:FeaturesFilesMicrosoft Download
Remove Internet Security 2010 & Rogue Antivirus Malware

Dealing with Internet Security 2010 Infections

If your PC is affected by Internet Security 2010, you likely seek guidance on its removal. Fortunately, instructions are available to assist in eliminating this problematic software.

Internet Security 2010 represents one of numerous deceptive antivirus applications, similar to Antivirus Live and Advanced Virus Remover, which essentially hold your computer for ransom. These programs falsely report infections and obstruct legitimate removal attempts.

Understanding the Infection Process

Typically, these infections begin with a popup message originating from a compromised website or malicious advertisement. These are frequently encountered on certain types of websites, though the source isn’t exclusive to them.

Important Note: For those familiar with safe computing practices, avoiding these installations is likely straightforward. However, less experienced users, such as family members, may require specific advice. Instruct them to immediately:

PRESS AND HOLD THE POWER BUTTON FOR 10 SECONDS!

Even if a genuine virus is present, a forced shutdown won't worsen the situation. Some of these malicious programs are persistent and attempt installation regardless of user interaction. Powering off provides the simplest solution for non-technical individuals.

How the Infection Unfolds

Upon clicking the initial popup, a page resembling your computer’s file explorer appears, falsely indicating a system infection. Many users are unaware that legitimate antivirus software doesn’t display this way.

After a short delay, a dialog box within the webpage claims your PC is infected and offers a "Remove all" button. This dialog mimics a genuine Windows message and can even be dragged around the screen, further deceiving users.

Clicking this button prompts you to run an installer, often accompanied by numerous security warnings.

Once the installer executes, your system becomes infected.

You will find yourself unable to launch applications.

Furthermore, removing the program through the Control Panel becomes impossible.

Removing Rogue Fake Antivirus Infections: A General Approach

Several steps can generally be followed to eliminate most rogue antivirus infections, and indeed, many types of malware or spyware. Here’s a concise guide:

  • Attempt to use the free, portable version of SUPERAntiSpyware for initial removal.
  • If unsuccessful, restart your PC in safe mode with networking (press F8 before Windows loads).
  • Retry using the portable version of SUPERAntiSpyware.
  • Reboot into safe mode with networking again.
  • If safe mode is blocked, consider using ComboFix (use with caution).
  • Install MalwareBytes and perform a full system scan.
  • Reboot and run a full scan with your regular antivirus application (Microsoft Security Essentials is recommended).
  • Your PC should now be clean.

These steps typically prove effective. However, some malware infections can block safe mode and prevent any action. We will address these scenarios in a future article.

Specifically Removing Internet Security 2010

The initial step involves terminating the currently running virus processes. This can be achieved without downloading specialized software.

Open the Start menu, select "Run" (or press Win+R), and type the following command:

taskkill /f /im is2010.exe

Press Enter to terminate the main virus window. Subsequently, execute these commands:

taskkill /f /im winlogon86.exe

taskkill /f /im winupdate86.exe

With these processes terminated, you can now utilize malware removal tools.

Utilizing SUPERAntiSpyware for Cleanup

Now, download and install SUPERAntiSpyware. The full version or the portable version can be used.

If using the full version, update the definitions and then initiate a "Complete Scan" of all drives.

The scan should identify and eliminate the malicious files.

After completion, remove the detected threats and reboot your system. However, do not reboot immediately.

Install and Run Malwarebytes

Next, install MalwareBytes and perform a full system scan. This ensures comprehensive removal, as no single tool detects all malware.

Install Microsoft Security Essentials

Finally, install Microsoft Security Essentials and run another full scan for added security.

Caution: If you used a USB drive during this process, scan it thoroughly, as viruses can transfer to removable media.

Additional Insights

Interestingly, the processes terminated earlier (winlogon86.exe and winupdate86.exe) are also associated with Advanced Virus Remover, suggesting a common developer.

winlogon86.exe typically displays deceptive error messages, while winupdate86.exe blocks application launching and reinstates the Internet Security 2010 window.

A reader, Robert, shared a helpful tip: you can often move the error message to the corner of the screen and proceed with installing malware removal tools. This works with some, but not all, infections.

Share Your Experiences

Have you successfully removed this virus or encountered similar issues? Share your experiences and methods in the comments or email us at tips@howtogeek.com.

Update: Newer, more resilient versions of this malware may exist. It’s advisable to avoid rebooting after the initial SUPERAntiSpyware scan and immediately run MalwareBytes. Also, review the advice provided by other readers in the comments section.

#Internet Security 2010#rogue antivirus#malware removal#fake antivirus#remove malware#computer security