Antivirus Pro infection

Discussion in 'ESET NOD32 Antivirus' started by nitmd, May 6, 2010.

Thread Status:
Not open for further replies.
  1. nitmd

    nitmd Registered Member

    I've been running Nod32 antivirus for years without problems. Last night I was somehow infected with what appears to be a program called Antivirus Pro. It keeps throwing messages about needing to activate, various programs are infected, etc. It disables the task manager, disables regedit, so the info I found on the net about removing it doesn't work. I went to ESET's site this morning on a different computer and found a program that should uninstall it. I'll try after work.

    I have no idea how I got this, Nod32 didn't throw any warning about it coming in. Now I'm gun shy; I've always trusted that I was safe browsing because of nod32, but if I can get infected by what appears to be well-known malware anyway, how do I know?

    Any info that may help me understand this would be appreciated, as I JUST signed up for a 2-year ESET renewal subscription for all of my computers about 2 weeks ago.
     
  2. ronjor

    ronjor Global Moderator

  3. SmackyTheFrog

    SmackyTheFrog Registered Member

    This kind of malware comes in via polymorphic packagers that are increasingly hard to detect. Nod32 is still a good product, one of the best when it comes to heuristics that can detect polymorphic payloads, but it is your last possible line against infection. Patching your OS and browser plugins (Java, PDF readers, and Flash are becoming the major vectors these days) is the primary thing you should be doing if you are not. After that, take steps to harden the OS. In XP, use a limited user account and only run-as Administrator for things that actually need administrator rights, and set DEP to Opt-Out mode if your hardware supports it. On Vista/7, leave UAC enabled and do not screw with it, set DEP to Opt-Out, and enable SEHOP. Anything that makes it to that point hits the AV software and hopefully gets caught.
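
A read-only check of the settings recommended in the post above (DEP policy, SEHOP, UAC, and whether the current session holds administrator rights), as an added example that is not part of the original thread. It uses the standard Windows WMI property and registry values for these settings; `Get-RegValue` is a helper name introduced here.

```powershell
# Added example: audits the hardening settings named in the post. Changes nothing.
# Written for Windows PowerShell 2.0+ so it also runs on Vista/7-era systems.

function Get-RegValue($Path, $Name) {
    # Returns $null when the key or the value does not exist.
    $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($item) { $item.$Name } else { $null }
}

# DEP: system-wide policy as reported by Win32_OperatingSystem.
$depNames = @{ 0 = 'AlwaysOff'; 1 = 'AlwaysOn'; 2 = 'OptIn'; 3 = 'OptOut' }
$os  = Get-WmiObject -Class Win32_OperatingSystem
$dep = $depNames[[int]$os.DataExecutionPrevention_SupportPolicy]

# SEHOP: the registry value is a *disable* switch, so 0 means SEHOP is on.
# When the value is absent, the OS default applies (off on Vista SP1/7 clients).
$sehopKey = 'HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager\kernel'
$sehopOff = Get-RegValue $sehopKey 'DisableExceptionChainValidation'
if ($null -eq $sehopOff) {
    $sehop = 'not set (OS default applies)'
} elseif ($sehopOff -eq 0) {
    $sehop = 'enabled'
} else {
    $sehop = 'disabled'
}

# UAC: EnableLUA = 1 means UAC is on. The value does not exist on XP.
$uacKey = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
$lua = Get-RegValue $uacKey 'EnableLUA'
if ($null -eq $lua) {
    $uac = 'not present (pre-Vista OS?)'
} elseif ($lua -eq 1) {
    $uac = 'enabled'
} else {
    $uac = 'disabled'
}

# Administrator rights: true if this process currently holds the
# Administrators role (on Vista/7 with UAC, that means it is elevated).
$id        = [Security.Principal.WindowsIdentity]::GetCurrent()
$principal = New-Object Security.Principal.WindowsPrincipal($id)
$isAdmin   = $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)

New-Object PSObject -Property @{
    DepHardwareAvailable = $os.DataExecutionPrevention_Available
    DepPolicy            = $dep        # the post recommends OptOut
    Sehop                = $sehop      # the post recommends enabled
    Uac                  = $uac        # the post recommends enabled
    RunningAsAdmin       = $isAdmin    # should be False for everyday use
} | Format-List
```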
     
  4. siljaline

    siljaline Former Poster

    Safe surfing comes with a little help; perhaps you might consider a HOSTS file.
     
    Last edited: May 6, 2010