If you have a PC infected with Internet Security 2010, you’re probably reading this article so you can understand how to get rid of it. Thankfully we’ve got the instructions to help you get rid of this awful thing.
如果您的PC感染了Internet Security 2010,则可能正在阅读本文,以便您了解如何摆脱它。 值得庆幸的是,我们已获得说明,可以帮助您摆脱这一可怕的事情。
Internet Security 2010 is just one of many fake antivirus applications like Antivirus Live, Advanced Virus Remover, and others that hold your computer hostage until you pay their ransom money. They tell you that your PC is infected with fake viruses, and prevent you from doing anything to remove them.
Internet Security 2010只是许多伪造的防病毒应用程序之一,例如Antivirus Live , Advanced Virus Remover以及其他将您的计算机扣为人质直到您支付赎金的软件。 他们告诉您您的PC感染了假病毒,并阻止您采取任何措施将其删除。
Note: If you just want the instructions to get rid of it, you’ll want to scroll down a bit.
注意:如果您只想删除说明,则需要向下滚动一点。
Anatomy of an Infection
感染的解剖
Normally these infections start with a popup message like this one, coming from a rogue site or malvertisement—and they are often served up from porn sites, though these viruses are not exclusively from there.
通常,这些感染都是从流氓网站或恶意广告中发出的这样的弹出消息开始的,而且通常是从色情站点提供这些消息,尽管这些病毒并非仅来自那里。
IMPORTANT NOTE
重要的提示
If you’re a regular How-To Geek reader, you’re probably savvy enough to know how to avoid actually installing these things, but there’s a good chance that your mom isn’t. If you’ve got a relative that doesn’t know what they are doing, here’s what you should tell them to do when they get a popup like this one:
如果您是普通的How-To Geek读者,那么您可能足够聪明,知道如何避免实际安装这些东西,但是您的妈妈很有可能不会。 如果您的亲戚不知道他们在做什么,那么当他们出现这样的弹出窗口时,您应该告诉他们该怎么做:
HOLD DOWN THE POWER BUTTON FOR 10 SECONDS!
按住电源按钮10秒钟!
Seriously. If they really are infected with a real virus, powering off won’t be any worse. Some of these things are tricky and will try and install themselves no matter which way you click, and they look just like a real Windows error message. Powering off is just the simplest and best option for non-tech-savvy users. And yes, this is exactly what I tell my mom to do.
说真的 如果他们确实感染了真正的病毒,关闭电源也不会更糟。 其中一些操作比较棘手,无论您单击哪种方式,它们都将尝试自行安装,它们看起来就像是真实的Windows错误消息。 对于不懂技术的用户来说,关闭电源只是最简单,最好的选择。 是的,这正是我告诉妈妈要做的。
Moving Forward…
向前进…
Once you click the popup message, you’ll be presented with a page that looks like your My Computer view, telling you that your PC is infected. Nevermind that no real antivirus looks like this, regular PC users don’t know any better.
单击弹出消息后,将显示一个类似于“我的电脑”视图的页面,告诉您您的PC已被感染。 没关系,没有真正的防病毒软件看起来像这样,普通的PC用户对此一无所知。
After a few seconds of this, you’ll be presented with a popup dialog in the web page that says your PC is infect, and you can click the button to Remove all. The dialog looks real, and can even be dragged around the page—in my research, this seems to be the point where most regular users get confused.
几秒钟后,您将在网页上看到一个弹出对话框,提示您的PC已感染,您可以单击“全部删除”按钮。 该对话框看起来很真实,甚至可以在页面上拖动—在我的研究中,这似乎是大多数普通用户感到困惑的地方。
Once you’ve clicked it, you’ll be prompted to run an installer—which you might note has a number of warnings.
单击它后,系统将提示您运行安装程序-您可能会注意到其中有许多警告。
As soon as the installer is able to execute, you are infected.
一旦安装程序能够执行,您就被感染了。
You won’t be able to open up any applications…
您将无法打开任何应用程序…
And you can’t remove it from Control Panel.
而且您无法从“控制面板”中将其删除。
Removing Rogue Fake Antivirus Infections (General Guide)
删除流氓假防病毒感染(常规指南)
There’s a couple of steps that you can generally follow to get rid of the majority of rogue antivirus infections, and actually most malware or spyware infections of any type. Here’s the quick steps:
通常,您可以遵循几个步骤来消除大多数流氓防病毒感染以及实际上大多数类型的恶意软件或间谍软件感染。 快速步骤如下:
Try to use the free, portable version of SUPERAntiSpyware to remove the viruses.
尝试使用免费的便携式SUPERAntiSpyware版本删除病毒。
- If that doesn’t work, reboot your PC into safe mode with networking (use F8 right before Windows starts to load) 如果这不起作用,请通过网络将PC重启到安全模式(在Windows开始加载之前立即使用F8)
Try to use the free, portable version of SUPERAntiSpyware to remove the viruses.
尝试使用免费的便携式SUPERAntiSpyware版本删除病毒。
- Reboot your PC and go back into safe mode with networking. 重新启动PC并通过网络返回安全模式。
If that doesn’t work, and safe mode is blocked, try running ComboFix. Note that I’ve not yet had to resort to this, but some of our readers have.
如果这不起作用,并且安全模式被阻止,请尝试运行ComboFix 。 请注意,我还没有求助于此,但是我们的一些读者却有求助。
Install MalwareBytes and run it, doing a full system scan. (see our previous article on how to use it).
安装MalwareBytes并运行它,进行完整的系统扫描。 (请参阅上一篇有关如何使用它的文章 )。
- Reboot your PC again, and run a full scan using your normal Antivirus application (we recommend Microsoft Security Essentials). 再次重新启动PC,然后使用常规的防病毒应用程序运行全面扫描(我们建议使用Microsoft Security Essentials)。
- At this point your PC is usually clean. 此时,您的电脑通常是干净的。
Those are the rules that normally work. Note that there are some malware infections that not only block safe mode, but also prevent you from doing anything at all. We’ll cover those in another article soon, so make sure to subscribe to How-To Geek for updates (top of the page).
这些是通常有效的规则。 请注意,有些恶意软件感染不仅会阻止安全模式,而且还会阻止您执行任何操作。 我们将很快在另一篇文章中介绍这些内容,因此请确保订阅How-To Geek以获得更新(页面顶部)。
Let’s Get to Removing Internet Security 2010
让我们开始删除Internet Security 2010
The first thing we’ll want to do is kill the virus that’s currently running on the system, and there’s a really easy way to kill Internet Security 2010 without downloading any special software just to kill it (we’ll still need to download something to clean it, however).
我们要做的第一件事是杀死系统上当前正在运行的病毒,并且有一种非常简单的方法可以杀死Internet Security 2010,而无需下载任何特殊软件来杀死它(我们仍然需要下载一些内容以删除它)。清洁它)。
Open up the Start menu, click the Run button (or use the Win+R shortcut key), and then type in the following:
打开“开始”菜单,单击“运行”按钮(或使用Win + R快捷键),然后键入以下内容:
taskkill /f /im is2010.exe
taskkill / f / im is2010.exe
Hit the Enter key, and the main virus window should go away. After you’ve done that, you’ll want to quickly execute the following commands:
按下Enter键,病毒主窗口应消失。 完成此操作后,您将需要快速执行以下命令:
taskkill /f /im winlogon86.exe
taskkill / f / im winlogon86.exe
taskkill /f /im winupdate86.exe
taskkill / f / im winupdate86.exe
At this point the virus isn’t currently running on your system—but it’s still lurking in the shadows, but you can actually run any malware removal tools that you’d like.
目前,该病毒尚未在您的系统上运行,但仍潜伏在阴影中,但是您实际上可以运行所需的任何恶意软件清除工具。
Use SUPERAntiSpyware to Clean the Malware
使用SUPERAntiSpyware清除恶意软件
Now that we’ve killed off all those processes, we’ll get to removing the actual malware from the system by downloading SUPERAntiSpyware and installing it. You should be able to grab the full version, or you can use the portable variety that we’ve already recommended.
现在我们已经杀死了所有这些进程,我们将通过下载并安装SUPERAntiSpyware从系统中删除实际的恶意软件。 您应该可以获取完整版本,或者可以使用我们已经推荐的便携式版本。
If you grabbed the full version, make sure to use the Check for Updates button, and then click the Scan Your Computer button… make sure to perform a Complete Scan, and select all of your drives.
如果您获取完整版本,请确保使用“检查更新”按钮,然后单击“扫描计算机”按钮……请确保执行“完整扫描”,然后选择所有驱动器。
It should easily find and kill all of them. You’ll probably note that on this particular machine that I was using in the screenshot, there was a lot of other bad stuff that it caught as well. Woot!
它应该很容易找到并杀死所有这些人。 您可能会注意到,在屏幕截图中使用的这台特定计算机上,它还捕获了许多其他不良信息。 !
Once it’s done, it’ll let you remove them all in a click, and then prompt you to reboot… you shouldn’t reboot yet. Job isn’t done, however!
完成后,您可以单击一下将其全部删除,然后提示您重新启动……您不应该重新启动。 但是工作还没有完成!
Install Malwarebytes and Scan
安装恶意软件并扫描
Next you’ll want to install MalwareBytes and run it, making sure to run a full scan. The main reason to do this is because there’s no way a single malware removal tool can know about every single piece of malware out there, and you may as well make sure your system is clean.
接下来,您将要安装MalwareBytes并运行它,确保运行完整扫描。 这样做的主要原因是因为没有一个单一的恶意软件清除工具可以知道那里的每一个恶意软件,因此您最好还要确保系统是干净的。
Install Microsoft Security Essentials
安装Microsoft Security Essentials
You should definitely install Microsoft Security Essentials and run another full scan once you’re done.
完成后,您绝对应该安装Microsoft Security Essentials并运行另一个完整扫描。
Note: If you used a thumb drive at any point during this process, you should make sure and scan that as well—I’ve had viruses hop over to the thumb drive, ready to infect the next machine.
注意:如果在此过程中的任何时候使用了拇指驱动器,则还应确保并进行扫描-我已将病毒跳到拇指驱动器,准备感染下一台计算机。
Sidebar Note
侧栏注释
Here’s an interesting fact for you—the two processes that we killed earlier are actually from Advanced Virus Remover, another awful malware we’ve previously told you how to get rid of. Clearly they are both developed by the same jerk.
对于您来说,这是一个有趣的事实-我们之前杀死的两个进程实际上来自Advanced Virus Remover ,这是我们之前已告诉您如何摆脱的另一种可怕的恶意软件。 显然,它们都是由同一个混蛋开发的。
The winlogon86.exe seems to be mostly used to show messages like this one:
winlogon86.exe似乎主要用于显示这样的消息:
While winupdate86.exe is responsible for blocking you from opening other apps, and re-launching the main Internet Security 2010 window.
而winupdate86.exe负责阻止您打开其他应用程序,并重新启动Internet Security 2010主窗口。
Note: Robert, one of our excellent readers, wrote in mentioning that you can often just leave this window open, and then continue to install any malware removal tools you like. Here’s what he had to say:
注意:Robert,我们的优秀读者之一, 在写信时提到 ,您通常可以只打开此窗口,然后继续安装所需的任何恶意软件清除工具。 这是他不得不说的:
There is one little trick that you missed, that I mentioned on a different post that was similar to this one. When it pops up with the error message saying; “Application cannot be executed. File is infected.” ..etc… Simply *MOVE* that message box to the corner of the screen, and you can install SuperAntiSpyware just fine.
您错过了一个小技巧,我在另一篇类似的文章中提到了这一技巧。 当它弹出时显示错误信息: “无法执行应用程序。 文件已被感染。” ..etc…只需*将*该消息框移动到屏幕的一角,即可安装SuperAntiSpyware。
There appears to only be one instance of that “error message” that will run at any given time. You will get multiple errors, you won’t get that obnoxious sound that computer makes when it tells you that you can’t do that…. Now, if you hit “OK” you’re just asking for a headache.
似乎在任何给定时间都将运行“错误消息”的一个实例。 您将遇到多个错误,当计算机告诉您无法执行此操作时,您将不会听到计算机发出的令人讨厌的声音……。 现在,如果您单击“确定”,您只是想头痛。
Great tip Robert, and thanks for helping out the cause! I’ve tested this out, and it appears to be the case depending on which virus you are infected with—some of them are smarter and shut you down all the way.
罗伯特·罗伯特(Robert),谢谢您的帮助! 我已经对此进行了测试,具体情况取决于您所感染的病毒,其中某些病毒更聪明,可以完全关闭您的计算机。
What About You? Had any Virus-Killing Experiences?
你呢? 有杀毒经验吗?
Have you had any experience lately killing this virus, or other similar ones? Let us know in the comments, or feel free to email into the tips line at tips@howtogeek.com with your best method for killing these viruses. We’d love to hear your expert feedback!
您最近是否有杀死这种病毒或其他类似病毒的经验? 在评论中让我们知道,或者随时通过最佳方式杀死这些病毒,通过电子邮件将其发送至tips@howtogeek.com 。 我们希望听到您的专家反馈!
Update
更新资料
Looks like there might be some stronger versions of this thing out there – I would advise not rebooting after you run the initial SUPERAntiSpyware scan, and installing and running MalwareBytes right away. Also, you should check out the advice from all the readers in the comments below.
看起来可能有一些更强大的版本-我建议您在运行初始SUPERAntiSpyware扫描并立即安装并运行MalwareBytes之后,不要重新启动。 另外,您应该在下面的评论中查看所有读者的建议。
374
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
