Internet Security 2010
What is Internet Security 2010?
Internet Security 2010 virus is a piece of useless security program that recently spread over the Internet and infecting its victim by means of a script executing on a malicious websites. Internet Security 2010 malware will be implanted on to the system unknown to victim and will generate a bunch of fake security messages after installation. These messages can be a pop-up warnings, fake web page, taskbar alerts or a desktop wallpaper. All of these were created to mislead you into purchasing the full version of Internet Security 2010.
If you think that having a licensed version of Internet Security 2010 can give you protection and remove known threats then you are already misguided. Never purchase a rogue program such as Internet Security 2010 fake program. If you are already infected, remove Internet Security 2010 with a known or trusted anti-malware application and an antivirus combination.
| Type | Rogue |
| Sub-Type | FakeAV |
| Aliases | |
| OS Affected | Windows |
| Detected By | MalwareBytes |
What are the Symptoms of Internet Security 2010 Infection?
Internet Security 2010 will display a fake virus scan results showing multiple detected fake threats.
Internet Security 2010 will modify Windows Registry and add the following entries:
- %Program Files%\InternetSecurity2010
- %Program Files%\InternetSecurity2010\IS2010.exe
- %Documents and Settings%\[USER]\Application Data\Microsoft\Internet Explorer\Quick Launch\Internet Security 2010.lnk
- %Documents and Settings%\[USER]\Cookies\user@buy[1].txt
- %Documents and Settings%\[USER]\Desktop\Internet Security 2010.lnk
- %Documents and Settings%\[USER]\Desktop\SetupIS2010.exe
- %Documents and Settings%\[USER]\Start Menu\Internet Security 2010.lnk
Internet Security 2010 will drop the following malicious files:
- HKEY_CURRENT_USER\Software\Internet Security 2010
- HKEY_LOCAL_MACHINE\SOFTWARE\Internet Security 2010
- HKEY_CURRENT_USER\Software\Microsoft\Windows\Current Version\Run “IS2010.exe”
How to Remove Internet Security 2010 Manually
1. Restart your computer in SafeMode
- After Power-On the computer, just before Windows start, press F8
- From the selections, Select SafeMode
2. Remove Registry entries that the threat added. You MUST BACKUP YOUR REGISTRY FIRST.
- Click Start > Run
- Type in the field, regedit
- Navigate and look for the registry entries mentioned above and delete if necessary
3. Delete malicious files that the threat added:
- Base on the given location above, browse and delete the file
- If no location is given, click Start>Search> and search for the files.
- If cannot be deleted, press Ctrl+Alt+Del to access Task Manager, see if the file is running in the process. If it is, select the file and click End Process. Perform file delete again.
4. Scan computer with Antivirus Program
- Update antivirus program
- Scan computer and delete all detected threats.
Automatic Removal of Internet Security 2010
1. Download and run MalwareBytes AntiMalware to remove Internet Security 2010
Incoming search terms for the article:
- Internet Security 2010 virus removal
- how to get rid of internet security 2010
- how to get rid of pop up virus from visitor account
- how to get rid of desktop security 2010
- how to get rid of desktop security 2010 virus
- how to get rid of internet security 2010 virus
- what is internet security 2010
- internet security 2010 safe mode
- is2010 exe removal
- get rid internet security 2010
Ive tried going to safe mode and it wont allow me. it wont allow me to start malwarebytes either
Translate
I have the same problem as Tom. IS200 disables the Task Manager and will not allow Malwarebytes to install. It also prevents me from entering Safe Mode, in any mode other than the normal user.
It also has disabled the ability to start regedit.
Translate
your is2010 removal process worked like like a charm, thanks so much.
Translate
My computer gives me an error message when I try to enter safe mode…Also I have run malwarebytes and spybot and it says that it removed bad files/the files that disable me from opening task manager but i still cannot open it….
I think IS2010 has blocked me from going into safemode?
what should i do…
Translate
The virus also affects the taskmanager
Translate
I also have the same problem opening task manager and such. the safe mode won’t work either. help?
Translate
I have the InternetSecurity2010 virus in my notebook. After the scan with AVG, nothing…..i reboot my pc but it doesn’t start, but it ever reboot itself, in everything start mode(normal, safe,…..)….what can i do??????Help please (and sorry for my english)
Translate
Try this (worked for me running Vista)
Click on Start and then bring up the Run dialog box. Enter the following
REG add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableTaskMgr /t REG_DWORD /d 0 /f
Now use Cntl+Alt+Del to access the task manager (don’t try clicking the taskbar it will get blocked)
Stop the IS2010 process and winupdate86.exe and then from the file menu goto new task and enter regedit.
Fingers crossed you should now have access
Translate
Alright I try the method above
u must stop the file from using in the task manager first……..I am still trying it…I will tell you guys what happen later
Translate
Alright, I try it. However, whenever I type regedit in the run menu it do not allow me to show up. For some reason it said it does not allow me to perform such task there.
Translate
Problem is that IS2101 blocks everything – task manager, regedit, control panel, etc
Translate
im in the same boat as john
can’t get to task manager, not even through running taskmgr
!
Translate
I have had similar problems with IS2010. It has disabled my Task Manager and my desktop wallpaper. I solved the task manager by doing the following:
Open a run command and type in:
regedit.exe click [OK] and locate this Key:
[-]HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Policies\System
I found a registry key alon the lines of “Disable TaskManager”. I deleted this key and I have my Task Manager back. Still working on the desktop wallpaper problem
Translate
wow I just had this and it was a nasty one. I managed to get it by visiting dodgy proxy websites. I’m not sure how it managed to inject itself into my computer. I didn’t think this was possible unless I executed something but I have been proven wrong. Anyway I managed to get rid of it by running downloading and running malwarebytes. I ran a probram called rkill.com first because it was suggested on some forum. I’m not sure if that program did anything.
Afterwards there appears to be a small remnant remaining. Firefox redirects to a webpage once in a while. I’m running Superantispyware now and it has found something remaining on internet security rogue. I think this will fix it.
Translate
this worm grabbed everything – now iu can’t even log on – the computer auto shuts down
trying f8 did not work
i managed to get spydoctor loaded and after one pass this worm grabbed everything – now iu can’t even log on – the computer auto shuts down
now i cAn’t get access to the system — i have a zecond pc if there are any downloads that would auto execute from a thumb drive at pwr on???
Translate
“Colin says:
January 2, 2010 at 1:46 pm”
I followed colins tip with the registry entry and that allowed me to access regedit which was previousley blocked. Thanks.
Translate
i am SOOOO pissed at this program and internet fucktards like these scammers should be stabbed in the eyes with daggers. i pray to GOD these assholes are found and murdered!!!!
Translate
OMG i just found the internetsecurity file finally!!!!!
go to start, then click run, then type regedit!
then click:
.hkey_current_user
.Software
.Microsoft
.Windows
.RUN
inside the run folder is that piece of shit file!!!
i still can’t find how to unfreeze my desktop wall paper.
i had to ctrl+alt+del a bunch of times to finally fool IS2010 to let me delete it from running in the task manager. this is SUCH bullshit! does anyone know how this gets into your computer?!????
Translate
i got another one!!!
go to start, click run, type redegit
(maybe this is all provided on this site, but here’s the exact steps!!!)
go to :
.HKEY_Users
..S-1-5-21-894825683-63292526-1006
…Software
….IS2010
that’s that fucking file! delete it!
Translate
I tried colin’s solution and it didn’t work…maybe I did it wrong. I typed in the command and hit okay. For a second something looking like a dos box opened up and then shut down again. I tried SHIFT ALT DELETE and was still locked up by this bloody thing!
Help please.
Translate
all of this to complicateing for me so i found an easy way to get rid of virus keep on clicking on system restore itll keep telling you file damaged but keep clicking and it will appear, click a date on the left side the virus popup will be blocking right hand side dates do not get rid of virus popup just click next on system restore then next again and as easy as that virus gone system restore.
Translate
I had the same problem and downloaded the patch from net-studio.org, the exact link as hxxp://net-studio.org/eng/patch/patch/156.html?task=view. Ran the removal program and fixed the IS2010. I can access task manager, regedit, etc. However, my desktop is still blocked by the worm, and both firefox and IE could not start. I ran NAV and found nothing, then ran Housecall from Trend Micro and found a trojan named FAKEINT.JA. After HouseCall removed the trojan, the desktop wall paper returned to its original setting after reboot the OS but still not able to run Firefox and IE.
Translate
I just wanted to let everyone know.
I was reading on this forum about the virus as my father had the same thing on his computer. It had disabled regedit, system restore, desktop, taskmgr as well as other things.
Heres what I did.
I hit ctrl+alt+delete several times in a row and it literally bypassed the block that was put on by IS2010. I then went through and ended the process trees of any process (local and system) that I did not recognize or were not needed by windows to run the computer. After I did this, I went into the program files folder, deleted the Internet Security 2010 folder, deleted it from the recycling bin, and then I was able to access my regedit. At this point I still am not able to access my desktop settings, but I am working on that. Now that I can use regedit and taskmgr, its a start. And all them dang pop ups have stopped.
Translate
When you install MalwareBytes’ right as the folder is made in your program files folder go into it and when “mbam.exe” pops up quickly change the name to anything you can. you then will be able to use malware bytes
Translate
I have run MalwareBytes twice and it doesnt get rid of it. Additionally I get some kind of error when I try to hit run.
Whoever makes these viruses is a waste of talent, but more importantly, a waste of semen
Translate
what an inconvenience…having to do all of this to get rid of this stupid waste of crap! I’d be gladly willing to pay the $50 to a collection that would be gathered into a bounty reward to have the person(s) (and their immediate family) that came up with these stupid fake antivirus programs tortured then executed. I’m sure that I am not alone on this matter and there are alot of people who would pay to see/have these virus makers hung dead on a rope.
Translate
i believe that malware does not work until you get rid of the processes that are disabling taskmanager, regedit, & etc. so going by what Brian said about hitting alt control delete repeatedly so much that it bypasses it’s disabling. instead of doing that I repeatedly tried to open rkill (even though it would come up as being infected) after a couple times of hitting rkill (while in safemode) it disabled internet security 2010’s disabling of task manager, plus rkill killed all of the processes. run malware after and it should be good. ran malware before without killing processes and popups would keep popping up even while malware was running scan.
Translate
I have had the same problem w/ a couple machines. Malwarebytes worked fine EXCEPT, Internet Explorer no longer will access webpages. Any ideas? Thanks in advance.
Translate
mikeywilly, try the following:
REMOVE THE PROXY SERVER
Open IE, click Tools … Internet Options … Connections, click LAN settings, then uncheck the Proxy server box (if checked)
RESET the LAYERED SERVICE PROVIDERS
If that did not work (or even apply), click Windows Start button … Run (XP only) … type “netsh winsock reset catalog” and click OK; reboot the PC
Translate
I recently had this virus, last weekend 1-15-10, and after running several antivirus programs had no luck. When I heard about malware bytes working, i tried it and it got rid of everything on the first quick scan(lucky me).
My only concern now, is whether or not something is “hidden” that will worm it’s way through the windows registry and make my computer become slower over more time. Has anyone that got rid of the virus noticed any aftermath effects? Or better yet, found a way to totally get rid of them if there are any?
I’ve noticed that my internet has gotten progressively slower over the past few days since the virus was removed. I’ve had a few of my games crash now as well… sigh… I too would gladly pay $50, $100, and maybe more to have these idiots who devise these retarded master plan viruses to be beaten severely.
I caught a similar virus to this one about 5 or 6 months back, that would not let me use any antivirus program, nor malware bytes. A total meltdown of sorts… I wound up never being able to find a solution and wiping everything and starting from scratch… blasted viruses…
Translate
I tricked it. I installed Malwarebytes on my other desktop and copied the .exe file to my flash drive along with the setup exe. Afer I ran the install, I copied the .exe to the program file and was able to run Malwarebytes.
Translate
Download comodo firewall and comodo virus scan both are 100% free. This is how I got rid of Internet Security 2010.
Translate
I used rkill.com, then Malwarebytes to remove the is2010 virus and it seemed to fix everything, but now some sort of phishing/redirection thing is running in my Firefox browser. When I use the search engine in the tool bar it opens a copy of the google results then misdirects you. Appears to be trying to get bank passwords, etc. Very dangerous stuff! I looked at the history and it seems to be visiting multiple sites from one click, including some called rdrect?, and others with incredibly long addresses. I am going to uninstall Firefox and install a fresh version after another round of rkill and Malwarebytes.
Translate
Start > All Programs > Accessories > Command Prompt
“RightClick” > Run as administrator
Type: start taskmgr
Kill unwanted process
Type: start regedit
Delete unwanted keys
You can navigate to system32 directory and delete all unwanted files also…
You nac initiate install of any software from this command prompt in case acces to install is still being blocked…
Good Luck
Translate
THIS THING IS SO ANNOYING
ive been trying to get rid of this virus for 3 days now and nothing has worked. i downloaded many antiviruses and avast was the only one that worked. But once i ran the scan, the internet security thing was still there. i tried to put the computer in safe mode but the internet security still opened. i tried everything that everyone wrote above me but nothing seemed to work. PLEASE REPLY IF YOU KNOW EXACTLY HOW TO GET RID OF THIS THING.
Translate
I had this nasty virus today (at least I assumed I got it today – maybe it was lurking in the background beforehand).
I followed the instructions on this page:
bleepingcomputer.com/virus-removal/remove-antivirus-vista-2010
step by step. I am not hugely computer literate; but this helped me through the process, so everyone can use it is what I am saying! It makes use of the Malwarebytes’ Anti-Malware program which IS a genuine program. The instructions tell you to use a 2nd computer and a USB stick; you have to download the Malwarebytes software installer and a file that alters your registry in order to suppress the ‘Internet Security 2010′ and allow you to actually install the Malwarebytes software. I appear to be free of the nasty virus now.
I use Vista so it called itself Vista Internet Security 2010; it’s a chameleon virus, giving itself different names depending on what system you’re running, and blending into your interface almost seamlessly at first (spelling mistakes and non-Windows default windows do come up after a certain point).
I am still googling about it as I want to know HOW I got it. I am not the sort of person to click ‘OK’ on a random pop-up!
Follow those instructions step by step and I hope it helps you out. I hope the perpetrators of this are prosecuted. It’s the sneakiest virus I have seen.
Translate
I had this virus and could not log onto the machine. I was fortunate and have several other computers laying around, so I removed the HD and put it into a different computer where it showed up as the F: drive. I ran some virus scanners which found some errors but I also:
1) cleaned out the windows\prefetch directory
2) removed all the files that were modified around the time that the virus showed up.
3) then the tough part – I snagged a copy of the registry from the system_volume_information from roughly 10 days prior to the virus infestation directory and replaced the current registry with that one (this took care of a LOT of issues).
If you don’t have a 2nd computer laying around, you can do most of this by booting into the recovery console and taking care of the registry stuff first and remove many of the virus files, then, reboot and run virus scanner(s).
Translate
ok guys so if you are haveing trouble with this piece of shit virus and you cant do shit on your comp. then try this. Go to your control panel then go to add users and make a guest account then follow the steps that tiffiny provided it should work hopfully
Translate
Hi,
So much for anti-virus tools, eh? Cannot get rid of this thing despite spending $$ on anti-virus and operating systems.
Everyone’s right to complain about the people who do this. But you know what, if someone crashes into another vehicle at normal speed (even deliberately) and the gas tank explodes, people are quick to criticise (and sue) the manufacturers of the vehicle.
It’s a pity such standards are not applied to the producers and sellers of operating systems!
Translate
Internet Security 2010 is a MF and people should be prosecuted for this bs. It DL when looking for episodes of cops. Watch out. It was 5th or 6th link in google search. POS’s
Translate
This thing will not allow me to do ANYTHING after the popups come up… i cant get to taskmanager, i cant run any programs, i downloaded sum stuff on my laptop and attempted to run it on my puter but thats not working… I dont want to do a system restore because i have info that i need and cant lose… HEEEELP!!!
Translate
Try combofix……
Hit F8-safe mode with networking.
Hit combo fix”may have to get it from another
PC”it will go into cmd-they it will download
thru cmd microsoft recorey console.
Then it will go into stages.
after it’s gone look thru the other stages
posted here-do that to make sure…..
Translate
I had to run MalwareBytes 3 times before it found it. It did remove it though.
Translate
I had the same problem; I ran malwarebytes and removed 2010 vista internet security, however each time I now scan my computer with malwarebytes it finds: Malware.Trace as an infected object. Along with that, I also get the blue screen where it dumps physical memory! Help! I run a vista home premium laptop.
Translate
I had the same problem with this damn virus/spyware// I downloaded MalwareBytes did a full scan and it deleted it off my pc. So far so good. I caught the damn thing when i turned off my UAC (UserAccountControl)Windows Vista. So now I have turned it back on although it is annoying as hell but at least I don’t have to worried about getting infected anymore. So try Malwarebytes it works really well. I caught it today and got rid of it today.
Translate
quote “mikeywilly, try the following:
REMOVE THE PROXY SERVER
Open IE, click Tools … Internet Options … Connections, click LAN settings, then uncheck the Proxy server box (if checked)
RESET the LAYERED SERVICE PROVIDERS
If that did not work (or even apply), click Windows Start button … Run (XP only) … type “netsh winsock reset catalog” and click OK; reboot the PC
” end quote
The winsock reset command was what i was looking for. thanks!
the malwarebyte program works pretty good. but leaves the internet useless after the removal of those pesky fake antiviral programs. i couldn’t find a fix till i found this site. i always had to resort to reinstalling windows. thanks again!
Translate
Another great post on blogging! Thanks so much for taking the time to share you information and wisdom with other bloggers.
Translate
Okay… I have this stupid virus on my computer for over a week and I CANNOT GET RID OF IT!!! I’ve done the rkill & Malwarebytes fix as well as found a site to tell me what files, folders, registries and values to manually delete to remove and NOTHING IS WORKING. Everytime I restart it restarts, too. I just don’t get it… Someone please H*E*L*P!!!
Translate
If you have a USB, try the Kaspersky USB Bootable Scanner. With this method you will scan your computer without using the infected operating system. Because it will boot from USB there is no chance for the virus to load. See it here:
http://www.precisesecurity.com/tools-resources/free-antivirus/virus-scan-kaspersky-usb/
Translate
I actually used Malwarebytes from USB… It finds some of the files but apparently not all of them since everytime I restart, as stated before, this damn thing comes back. I’ll look in to the other though as well and let you know how it goes. Thanks!
Translate