Help !! antivir 2010 took over my computer

Discussion in 'ESET NOD32 Antivirus' started by RockLobster, Jan 28, 2010.

Thread Status:
Not open for further replies.
  1. RockLobster

    RockLobster Registered Member

    Joined:
    Nov 8, 2007
    Posts:
    318
    My girlfriend was using my computer to visit her myspace page, a antivirus style message popped up which she thought was from my antivirus warning of a virus and prompting her to click remove she did this and it appears it was a rogue malware called antivir 2010.
    It installed itself on the computer and took over the web browser and it is denying access to web sites and programs on the computer. NOD antivirus version 3 is on the computer and is up to date but did not detect this, I have seen various links on google for removal tools to remove antivir 2010 but I have no way of knowing which of these are genuine or if they are more of the same malware.
    I dont want to make matters worse what can I do to remove this antivir 2010 and why didnt ESET antivirus detect this ? Also I tried to install ESET NOD version 4 but that malware is preventing it from installing. Version 3 is still on there and appears to be working but is doing nothing about this antivr 2010 thing.
     
  2. Cudni

    Cudni Global Moderator

    Joined:
    May 24, 2009
    Posts:
    6,956
    Location:
    Somethingshire
  3. YeOldeStonecat

    YeOldeStonecat Registered Member

    Joined:
    Apr 25, 2005
    Posts:
    2,345
    Location:
    Along the Shorelines somewhere in New England
    We had quite a few of this variant come in to our care, it's a rather easy variant to get rid of, it's been out quite a few months.

    First, hit it with ComboFix, then use the Symantec UnhookExecInf tool to reset shell settings.

    MalwareBytes and Microsoft Security Essentials take care of the rest quite easily.
     
  4. siljaline

    siljaline Former Poster

    Joined:
    Jun 29, 2003
    Posts:
    6,619
    Removal guide here. Do Not Proceed Without Expert Assistance !!!
     
Thread Status:
Not open for further replies.