Remove Internet Security 2010 [Removal Guide]

DarkS0ul wrote:

Yes it was one of the first things I fixed:

Fix the path for userinit (Change C:\ to reflect your path): So use the UBCD4win and make sure the path and file are correct. That will fix the login logout loop.

Code:

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"

Two of my customers got this virus this morning and this is the addition that really helped me to resolve the problem. This little pest may have evolved since this guide was written because if the userinit.exe is changed you won't even be able to get into Safe Mode so the rest of the guide is pointless without this. I think this should be added to the full instructions.

Legend!

Hey everyone!

just got this crap last night! ...im kind of noob at this so i hope u can help me!

i havent installed it, i just get the popups that i should install and have the warning sign on my desktop "that i am infected. but then when i try to extract the .rar file with malaware from the link i just get a warning that "Application cannot be executed.the file infected, Please activate your antivirus software" so im kind of stuck at this,

i have norton 360 installed ive runned that and found somekind virus...havent restarted the cpu yet though so i still get the pop-ups as im typing this...

if i would do a full system install with windows cd so that the harddrive "formated" would the virus be removed then? cause in my case that seems like the easier way for me..

really hope u guys can help me fast. and sry for my bad english im a swede! thx otherwise

it said for me also that i can't open it because it's infected, so i went to the site itself and downloaded it from there with no problems.

http://download.cnet.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html?part=dl-10804572&subj=dl&tag=button

bakersdozen wrote:

it said for me also that i can't open it because it's infected, so i went to the site itself and downloaded it from there with no problems.

http://download.cnet.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html?part=dl-10804572&subj=dl&tag=button

Hey Baker! ye i did the same. have it installed now but havent used it yet..to scared of that login problem they are talking about. been reading alot and it seems really hard "atleast for me" to understand exact how to get the pc not to shut off everytime u login! like typing codes and stuff!

Just got this one, and pretty sure I just got rid of it. This is really pesky, moreso than last year's "Anti Virus 2009". You need the most recent version of Malwarebyes anti Malware. If you don't have it, restart your computer and keep hitting F8 and choose Safe Mode with networking. Once you're started in safe mode, Google Malwarebytes. Download and install it. Keep in mind that this virus is pretty pesky, it will continue to pop bogus messages up (even in safe mode) trying to get you to click on it and give them your credit card etc. DON'T CLICK ANY OF THE BOXES, NOT EVEN CANCEL OR CLOSE. Drag the boxes off to the side and out of the way while you install\update\run Malwarebytes. Clicking the messages just seems to make it worse and more fierce. It took me a couple of tries, but i finally got it updated and ran a quick scan. Malwarebytes found 23 infected items, which of course you remove. After that I ran Spybot search and destroy (another program you should have, updated of course), and it found 1 more infected item. Just as a precaution, I ran symantec anti virus scan for an hour and it found nothing. So it's safe to assume that the first 2 programs got it. Good Luck!!

After that I ran Spybot search and destroy (another program you should have, updated of course),

Not any more LDukey. To be honest, Spybot hasn't worked well for about a year now. Malwarebytes has taken over as the best malware/trojan/spyware product out there. I uninstalled Spybot 6 months ago as it just kept finding the same things all the time - all false positives.

DON'T CLICK ANY OF THE BOXES, NOT EVEN CANCEL OR CLOSE. Drag the boxes off to the side and out of the way

Sadly, most lay-people, my customers, will always click the box - out of panic more than anything else. By then, of course as we know, it is already too late. Like a bunch of guys gatecrashing a party, once the door is held open by one of them the rest pile on in.

I'm surprised to see someone with some I.T. knowledge using Symantec. That POS has been on the top of the virus attack list for years now. Sadly though, even AVG is susceptible. That's why forums such as this one and bleepingcomputers are so great.

taylordewd wrote:

Here's the link and procedure you need:

it's blank dude. the fix is already posted here. There's no need to add another one.

pivve wrote:

Hey everyone!

just got this crap last night! ...im kind of noob at this so i hope u can help me!

i havent installed it, i just get the popups that i should install and have the warning sign on my desktop "that i am infected. but then when i try to extract the .rar file with malaware from the link i just get a warning that "Application cannot be executed.the file infected, Please activate your antivirus software" so im kind of stuck at this,

i have norton 360 installed ive runned that and found somekind virus...havent restarted the cpu yet though so i still get the pop-ups as im typing this...

if i would do a full system install with windows cd so that the harddrive "formated" would the virus be removed then? cause in my case that seems like the easier way for me..

really hope u guys can help me fast. and sry for my bad english im a swede! thx otherwise

hey pivve. I prefer Parsnips myself.

If you follow the instructions at the top of this page you will be able to remove it. That's really what you should have done first - if you were then still having problems with this bugger, that's when you post a help request.

So, try starting in 'safe mode' (tap the F8 key just after the BIOS screen disappears and before the Windows symbol appears), choose Safe Mode, download and install Malwarebytes Anti-Malware (if you can) and run it. If it's runs successfully you will most likely get rid of everything to do with this thing but reboot into normal windows and run a virus scan and another MBAM scan anyway - better safe than sorry.

I would also suggest you ditch Norton 360 for AVG FREE version 9. Norton/Symantec are pretty useless unfortunately.

If you are then still having problems - post something here.

We cool?

My father got this malware today and has completed this guide but the problem reoccurs each time he restarts. After every reboot he starts the Malwarebytes Anti-malware program and each time it discovers new files.

He has NOD32 installed but not updated (licence expired...) but he can't access internet so renwing won't do any good (at least not for the time being). He did a scan with NOD32 that came up with two hits which were deleted.

We installed MBAM in fail safe and ran it through there the first time with "success". After reboot we ran WinXp normal and a new scan which found some new files - deleted and rebooted. Problem still not solved after this, several scans finds new files each time. We tried fail safe and hoping that a manual delete in regedit would help but the bugger stopped us from running it. Seeing as MBAM isn't stopping this, we quit and I'm asking for what to do.

0s1r1s wrote:

pivve wrote:

Hey everyone!

just got this crap last night! ...im kind of noob at this so i hope u can help me!

i havent installed it, i just get the popups that i should install and have the warning sign on my desktop "that i am infected. but then when i try to extract the .rar file with malaware from the link i just get a warning that "Application cannot be executed.the file infected, Please activate your antivirus software" so im kind of stuck at this,

i have norton 360 installed ive runned that and found somekind virus...havent restarted the cpu yet though so i still get the pop-ups as im typing this...

if i would do a full system install with windows cd so that the harddrive "formated" would the virus be removed then? cause in my case that seems like the easier way for me..

really hope u guys can help me fast. and sry for my bad english im a swede! thx otherwise

hey pivve. I prefer Parsnips myself.

If you follow the instructions at the top of this page you will be able to remove it. That's really what you should have done first - if you were then still having problems with this bugger, that's when you post a help request.

So, try starting in 'safe mode' (tap the F8 key just after the BIOS screen disappears and before the Windows symbol appears), choose Safe Mode, download and install Malwarebytes Anti-Malware (if you can) and run it. If it's runs successfully you will most likely get rid of everything to do with this thing but reboot into normal windows and run a virus scan and another MBAM scan anyway - better safe than sorry.

I would also suggest you ditch Norton 360 for AVG FREE version 9. Norton/Symantec are pretty useless unfortunately.

If you are then still having problems - post something here.

We cool?

Hey Os1iri1s!

followed the guide and installed the Mbam, but did this first in normal mode found like 23 infected files rebooted and tried to go into safe mode! the cpu said that it didnt work...so i logged back in normal mode again....scanned and found only 1 file left "Rootkit.agent" Malaware finds it easy but everytime i reboot and scan its still there

the infected file is located in "c:\windows\system32\drivers\uwtnhuf.sys"

so any help to get rid of this would be lovely

otherwise great and easy guide thx

Last edited by pivve on 7th January 2010, 9:24 pm; edited 1 time in total

I do agree with you. This was someone elses machine that I was working on, and I just used the programs he had on there. 5 years ago, Spybot and Adaware were the best programs out there, now it seems like they don't really do much. On my machine I use Malwarebytes and AVG free. Malwarebytes is the most effective, I might just donate money to them for putting out such a useful, free product.

LDukey wrote:

I do agree with you. This was someone elses machine that I was working on, and I just used the programs he had on there. 5 years ago, Spybot and Adaware were the best programs out there, now it seems like they don't really do much. On my machine I use Malwarebytes and AVG free. Malwarebytes is the most effective, I might just donate money to them for putting out such a useful, free product.

Hey dude. Fair enough - I carry a flash drive with lots of goodies on it, including AVG and MBAM for this reason. But I can't always get them to install if something like this has entrenched itself. boo hiss. (Keeps me in business though)
I guess it's a lot like the audio download software: Kazaa, KLite, Limewire and Soulseek. After a while ones gets replaced by the next - although in the case of Limewire, that became obsolete because morons started filling it up with viruses and trojans. boo hiss x2

Anyway. Stay safe dude.

the cpu said that it didnt work.

I think you mean the operating system. The cpu is a component of the computer, the brains if you will. The operating system is the consciousness, or personality.

the infected file is located in "c:\windows\system32\drivers\uwtnhuf.sys"

It sounds like you might need to dump all your system restore points as it's most likely hiding in there. This is not unusual. I'd run a FULL scan with MBAM and then with your anti virus software and see if that fixes it. If not, download and install CCleaner from THIS LINK to uninstall your system Restore points. CCleaner is also good for cleaning up all the temporary files and giving your registry (the oil in your engine) a once over; like getting a service on a car.

It's not my guide, but let me know how you go.

0s1r1s wrote:

the cpu said that it didnt work.

I think you mean the operating system. The cpu is a component of the computer, the brains if you will. The operating system is the consciousness, or personality.

the infected file is located in "c:\windows\system32\drivers\uwtnhuf.sys"

It sounds like you might need to dump all your system restore points as it's most likely hiding in there. This is not unusual. I'd run a FULL scan with MBAM and then with your anti virus software and see if that fixes it. If not, download and install CCleaner from THIS LINKto uninstall your system Restore points. CCleaner is also good for cleaning up all the temporary files and giving your registry (the oil in your engine) a once over; like getting a service on a car.

It's not my guide, but let me know how you go.

ok finally made my way into "safe mode" scanned with mbam and didnt find anything!

went back to "normal mode" and scanned still there. and i did full scans earlier today with mbam and norton 360...and tonight i uninstalled norton 360 and installed AVG instead but didnt find anything with that either!

so gonna try CCleaner now seems like my last way out!

edit: sorry to say Ccleaner didnt help i deleted all my restore points except the lastest one because the program wouldnt let me hehe.

so now im clueless what to do?

wouldnt it work if go into "safe mode" and delete the uwtnhuf.sys file the one that is infected?
or maybe i wouldnt be able to start up the OS again? and then restore XP afterwards?

might sound like the worst idea ever! hehe

but im running out off options or maybe a full re-install of the computer?

edit2: looked around on the forum found a threadTHIS LINK with a dude that has the same problem as i have gonna follow that through tomorrow and hopefully get rid of this thing! atleast he did

The malwarebytes stuff did not work, folks. It's apparently figured out how to prevent the main file from executing.

My stepson got this on his old XP laptop which I had unfortunately neglected to sufficiently protect. I managed to disable the virus by going through and using movefile from sysinternals to change the location of the files, but when I installed avira to scan and fix the infection, I stepped into some kind of landmine that bluescreened the system. When it comes up now there is NO bootloader, no nothing. Just a blank screen.

I really would like to know where this thing is coming from because the appropriate authorities need to be notified, the site serving this piece of garbage up needs to be shut down, and the individuals responsible need to be arrested and jailed for destruction of property. This is an incredibly aggressive and destructive program which appears to have no other purpose than to permanently destroy people's computers.

Just a warning: if you get this, prepare to kiss your system goodbye. I'm an MCSE with 14 years of experience in the desktop OS world and I've never seen such a spiteful little scrummy dirtworm of a virus. Conficker was a walk in the park compared to this piece of crap.

wouldnt it work if go into "safe mode" and delete the uwtnhuf.sys file the one that is infected?

you mean you didn't try that first?? Ah Jeez. Perhaps I should have said something about that too. Definitely try deleting it.

CCleaner is just a registry and file cleaner. You have to get rid of it first and then this app will go in a clean up the mess.

You didn't need to uninstall Norton - it would have been better to install AVG, saw if it found anything and if it did, then uninstall Norton. I hope you have the installer still - in case you need it.

If worst comes to the worst, you'll probably need to reformat your hard drive and reinstall XP. But 90% of the people who have been infected by this thing have resolved it from this forum. If that's not working for you then it may be something else entirely. Try that guide and if that doesn't work I'd suggest you weigh up your options between further cleaning - preferably manually - and a rebuild.

You know. This is why I always suggest to people that they have TWO hard drives on their desktops and that laptops have their hard drives partitioned. This way you can change the location of your My Documents folder to the second hard disk and save everything else of value to this second area by default.

If anything goes pear-shaped with the O.S. partition, it's not too much of a problem. Sure it means a lot of reinstalling but in the end your data is safe. And that's the priority.

I only wish I could find out who the people are who make these things because I would quite happily cut their balls off and feed them to them.

0s1r1s' guide to reinstalling:

Infection detected > EEK! > Attempt elimination > Fail > NOOOO! > Safe Mode mayhem > Fail > FRAK!!! > Format > gulp! > reinstall O.S. > yawn! > reinstall software > red bull and/or yawn x2 > configure > grrr! > back up and running > yay! > Updates > Oh FFS! > Bandwidth fragged for another month > (note to self: use ghost to create an image of the basic installation next time!) > Fin

hehe yeah you are right i re-installed windows instead!

and i didnt loose to much i have a backup drive! only thing i dont like is to reinstall everything! takes forever. but atleast now its done!

I appear to be out of options, but I hope someone can tell me I'm wrong. I boot the computer and hit F8 to go into safe mode, but once there wherever I try to go takes me to my "Welcome" page and it won't let me go beyond that. I tried downloading the Malwarebytes on the computer I'm using now and then copying it and downloading it on the infected computer, but it will not allow me access to it. I was able to run a scan with AVG and Spybot, which were already installed on the computer, and they removed several infections, but nothing seems to be helping this problem. It seems the more progress I attempt to make, and think I'm making, the worse the problem becomes the next time I try to access the computer. I've tried everything these messages say to do, but it either doesn't work or I can't access the program period. What can I do?

i cannot install the malwarebytes it says error message 707(3,0)what else can i do the computer shop wants 50 dollars and says it might not even work,and then they want 75 to erase the hard drive and reinstall windows if it doesnt work please help if u can

I really need help or otherwise I am going to snap. I downloaded this program and it detected the viruses. I restarted the computer and now I can't login AT ALL!!! I don't have the money to go to geeksquad or whatever. I don't know what else to do. This is devastating for me because I use this computer for everything. Please can someone help!!!!!

Ok, I see there are alot of other first time posters on here as well! This is one nasty little critter and I think I almost have it licked but I can't get the computer to connect to the internet.

I ran that MBAM and it took care of it pretty good but it must still be hanging around somewhere. The office network is running fine (i.e. we can all still print through the computer) so it's not that the wireless connection isn't working. Any ideas?

Upon further review, I have found that when I go to open the wireless connections I get this statement where the networks would usually be:

"Windows coannot configure this wireless connection

If you have enabled another program to manage this wireless connection, use that software.

If you want Windows to configure this wireless connection, start your Wireless Zero Configuration service. For more information about starting the WZC service, see article 871122 in the Microsoft Knowledge Base on Microsoft.com website."

That is verbatim. Notice there are some punctuation errors and the such. Sounds kinda fishy. What do you guys think? What should I do?

DarkS0ul wrote:

Yes it was one of the first things I fixed:

Fix the path for userinit (Change C:\ to reflect your path): So use the UBCD4win and make sure the path and file are correct. That will fix the login logout loop.

Code:

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"

Not sure how to do this part?

Uh oh. Now I got something that looks bad goin on.

AVG says Threat Detected!
File name: C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1\A0002105.exe
Threat Name: Trojan Horse SHeur2.CFOA
Detected on Open.
Process name: C:\WINDOWS\system32\svchost.exe
Process ID: 1216

I hope I'm wrong when I'm thinking the virus, which has seemingly been wiped off the computer, has somehow managed to get into the svchost file. What should I do? Is it in the restore points now too?

somehow i think its gone i have windows vista and it let me sytem restore before logging on and it seems to be gone

bill27 wrote:

I appear to be out of options, but I hope someone can tell me I'm wrong. I boot the computer and hit F8 to go into safe mode, but once there wherever I try to go takes me to my "Welcome" page and it won't let me go beyond that. What can I do?

This will fix the Log In / Log Out problem. This was mentioned earlier in this thread dude - on the first page.

You will need a boot disc for this - I suggest WinPE boot disc, or Hiren's boot disc. Anything that gets oyu into a reloaded version of windows. It also needs to have a registry editor on it so you can access your PC's registry. You'll need to DL this off another computer.

Open Regedit and goto: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon

Change Userinit back to: "Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"

IF only i looked this up earlier then it didnt block me first i noticed something fishy about the So called "Internet Security 2010" Well it popped out from nowhere which was weird im like ok fine whatever then i spot bad english and im like i dont think they would make a program cost 50$ and have such bad english(no i didnt buy it) ok fine whatever im like im not clicking ur messages i just put em away after that i looked it up on my laptop im on my laptop as i speak my pc is still dead so talk to me guys i didnt get blocked but now im getting logged off i cant open nothing at first i could do stuff now i cant do anything so tell me how can i fix it i cant even run safemode im gonna repair it soon prolly but can u tell me how could it possibly get in my pc just like that id appreciate all the answers And Good Job on the guys that went through all the trouble for this thing i love my pc i want it back but those sons of b**** are gonna pay for raping my PC

Those of you that are having a problem with removing this thing. You need to kill the processes before you can remove anything completely. This is the guide I used and had no problems with removal.....


http://www.bleepingcomputer.com/virus-removal/remove-internet-security-2010

Doobie1357 wrote:

Uh oh. Now I got something that looks bad goin on.

AVG says Threat Detected!
File name: C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1\A0002105.exe
Threat Name: Trojan Horse SHeur2.CFOA
Detected on Open.
Process name: C:\WINDOWS\system32\svchost.exe
Process ID: 1216

I hope I'm wrong when I'm thinking the virus, which has seemingly been wiped off the computer, has somehow managed to get into the svchost file. What should I do? Is it in the restore points now too?

Some viruses in the past have been masked as an svchost file. You may have a version of one of those that was somehow linked to the Security Internet 2010. As far as I know the Security Internet 2010 virus does not mask as svchost from any of the research I have done.

It's called Internet Security 2010.

jkrank82 wrote:

Doobie1357 wrote:

Uh oh. Now I got something that looks bad goin on.

AVG says Threat Detected!
File name: C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1\A0002105.exe
Threat Name: Trojan Horse SHeur2.CFOA
Detected on Open.
Process name: C:\WINDOWS\system32\svchost.exe
Process ID: 1216

I hope I'm wrong when I'm thinking the virus, which has seemingly been wiped off the computer, has somehow managed to get into the svchost file. What should I do? Is it in the restore points now too?

Some viruses in the past have been masked as an svchost file. You may have a version of one of those that was somehow linked to the Security Internet 2010. As far as I know the Security Internet 2010 virus does not mask as svchost from any of the research I have done.

Crap! That figures. I know this is probably off topic but what can I do to get this outta here?? Walware Bytes doesn't find it.

Hi folks, first time poster here. Got this Internet Security Stuff popping up this morning and came here to find some help.

Im about to embark on this Malwarebytes program as posted, but before I do it I would of course want to back up my files. This is my old computer (running on XP) and my new one is arriving this afternoon- a lot of the files on the old one have gotta be transferred to the new. Its also essential that this computer gets fixed as itll stay in commision for other persons. Now Ive backed up some stuff before sometime last month but it hasnt hit my usual backup date yet so I havnt done it this month and theres some stuff I cant risk losing. Is it possible to back files up to a flash drive without getting the virus to spread across onto it?

Secondly, should I run the Malwarebytes prgram in Safemode straightaway or give it a try first in regular? Does it matter how long I leave this for? The Internet Security program doesnt seem to be doing much except blocking Task Manager...

Finally, Ive become a bit confused after reading the other posts so could someone tell me what the essential list of programs is that I need? The whole changing of registry stuff was a bit confusing and Im not really sure what thats about. Anyways all help is greatly appreciated!

Thanks

F8 all I like, I cannot get into safe mode any thoughts?

Well folks good news, got my issues sorted with the guide and some other prgrams...

Many thanks for the guide!

0s1r1s wrote:

DarkS0ul wrote:

Yes it was one of the first things I fixed:

Fix the path for userinit (Change C:\ to reflect your path): So use the UBCD4win and make sure the path and file are correct. That will fix the login logout loop.

Code:

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"

Two of my customers got this virus this morning and this is the addition that really helped me to resolve the problem. This little pest may have evolved since this guide was written because if the userinit.exe is changed you won't even be able to get into Safe Mode so the rest of the guide is pointless without this. I think this should be added to the full instructions.

Legend!

Please excuse my ignorance, but how do you actually go about fixing this? Can someone provide an easier step-by-step guide for this?

Thanks in advance!!!

Thanks much. Worked beautifully.

hi all,

i came across this issue today. so i started the computer in safe mode (with connection) but i could not go online. i did not have malvare softare becouse i did not downloaded before restarting. i had to find out different solution.

i found an installation file of ,,glary utilities'' application (i always keep the installaion files of good sofware) . i managed to install it (in safe mode). the software has got several features. among them there is process manager and administration tool. process manager let me to stop the unwanted process (the process had very long name - a mixture of letters and numbers) and i could also perform system restore. when sytem was restored interet security 2010 was gone.

the version of "glary utilites'' i used is:2.9.0.518

i hope the above info will help

My computer won't allow me to start in safe mode! What do I do?

How do I do this? I'm following your instructions but the Windows advanced menu just keeps coming up after I select safe mode with networking.

I used Malwarebytes to remove, but now I've noticed when I boot up my PC it's takes a little over a minute for anything to even come up or respond. Also I still have "FindGala" search engine on Firefox instead of Google.

I run Malwarebytes again but it doesn't pick up any malicious software now... any suggestions?

I got this virus last night I was able to get it removed but now the warning is stuck on on windows screen any ideas how to fix that?

I'm a total newb. Saw this URL on a different website when I was looking for a solution...

I was able to download MBAM and I did a quick scan, let it restart... when it restarted, the taskbar froze up, and my desktop was still obviously infected. I rebooted again, hit F8, and tried to enter safe mode. Blue screen. I think my computer has succumbed to its wounds. I should probably reformat and reinstall Windows, but I don't have any OS software. I guess I'll have to take it to a technician. :-)

Hey everyone. Im new to geek police, just signed up becos havin real bad difficulties with internet security 2010 and nt authority system shutdown. They have taken over my computer and i can't do anything to combat it that works. Task manager wont even come up anymore, nor will the start up bar. Really stuck and would appreciate advice becos i am a novice at this stuff. Many Thanks.

Oh boy. I just got this bloody virus myself, and I'm having difficulty fixing it. First of all, I am a total noob as far as fixing any kind of problem is concerned, so please bear with me.

I can't even access the Task Manager. when I attempt to, I get an error message stating "Task Manager has been disabled by your administrator"

At this point, I can't even begin the procedure to get rid of this thing. Anybody have any pointers?

Thanks in advance.

I'm in the exact same position as "The Vacuumist"! I cant even get rid of this thing cause my task manager has been disabled. I dont have the anti-spyware that they suggested but I am currently running my Ad-Aware scan. Is that going to help? PLEASE SOMEONE HELP US!!!!!!!!!!!!!!

I got this nasty virus or whatever it is Tuesday night. It said Internet Security 2010, wouldn't let me get to my taskmanager and had a little red circle in my taskbar with a white x in it. I could not do anything in safe mode.

Fortunately I already had Malwarebytes Anti-Malware on my desktop. I somehow got rkill loaded and then smitrem, AVG and highjackthis. I loaded all of these to my desktop to get at them quickly before the stooopid virus could try to block me. Ran rkill, then SmitRem, then MBAM and AVG. Then I ran highjack this and saw stuff for MyWebSearch and got rid of that.

I thought it was all gone but we got a few pop ups the next day. Somehow realized it started in a different user account so I loaded all of the above on that user account and went through the same process. Repeated on all of the other user accounts as well.

Hopefully it is gone now. Rkill stops the darn vrus processes...since I could not get into my Taskbar I had to use that. I'm not sure if I needed to use all of those other tools but it seems to be working okay now.

Good luck everyone. Change all of your passwords on a safe computer!

btw...I also disabled system restore for a while..just in case the virus had gotten in there. It's back on now.
Not trying to tell anyone what to do..just sharing what was happening in hope it helps.

Yeah - I've lost all functionality in my machine too. Usual Internet Security 2010 messages but even in safe mode I only get as far as the BSoD (Blue Scree of Death) where the only option I am allowed is to Shut my computer down. Using F8 or F10 keys I can get into safe mode but I still end up at the same screen (The welcome screen where your only otion isto shutdown). My brain cell has no idea how to get around this - I'd sure appreciate some advice.
Cheers,
TonyR

First of all ... thanks to this site and the insturctions on getting rid of this Internet Security 2010 garbage. So far so good. I wanted to add .. just in case any one else is helped by it.. that when the program first told me that my Task Manager could not be loaded I just did it again really fast .. I saw it come up for a second then go away. Somehow... trying multiple time ( ctrl alt del ) finally got the Task Manager up and it stayed. Just tried different timing. ,, good luck! Does anyoen have any idea yet how to NOT get this thing again?

[quote="The Vacuumist"]

I can't even access the Task Manager. when I attempt to, I get an error message stating "Task Manager has been disabled by your administrator"

if you can go to the safetay mode you can try to install software that has task manager feature (non windows task manager). this is what i did and succeeded. the software i used is: ,,Glary utilities". try it.