We’ve had a few machines in the past few days with the same rogue anti-virus. This one is called AntiVir 2010 and it comes the usual professional looking interface which misleads the unwary into believing that they have a series of virus infections. It then looks for your credit card to buy a “licence” to clean these phantom viruses.

Here are some screenshots in case you see this rogue antivirus:

The virus blocks all the startup programs that it can and also prevents most applications from running. If you try to run an application, it will darken the screen and report the application as infected as below.

It also puts  up fake blue screen errors to panic users. These appear to be part of a screensaver and so moving the mouse gets rid of them.

A final touch is the fake Windows Security Center. Those of you with an eye for detail will notice the incorrect icon on the top left of the window and the slightly oversize nature of the firewall, updates and security icons but it is more than good enough to fool most of us.

If you can get applications to run, we have found that a combination of Malwarebytes and Spybot Search and Destroy  deals quite effectively with this rouge antivirus in most cases. However in some cases, these tools alone are not sufficient and more advanced removal techniques are required. If this is the case, we advise you to contact us directly.

In some cases, we have seen AntiVir 2010 appear on the same machine as another Rogue Antivirus called “Personal Security”. At this point we do not know if these are the same infection or different infections.

 If you have any problems with these steps or any other problems please don’t hesitate to call one of our qualified engineers and technicians and we will be delighted to perform the required steps to deal with your problem.

| Lo-Call 1890 219 219 (Ireland) | Freefone 0808-CALHELP (UK) |

| Business Hours: Monday – Friday 9:45 to 6:30 & Saturday 9:00 to 12:00 |

In the last few weeks we have seen a sudden, marked increase in the number of calls we’ve been receiving about virus infections. There seems to be one main culprit – Internet Security 2010, a rogue anti-virus programme which appears more invasive than normal. We haven’t been able to work out a source yet. The bad news appears to be that many of the off the shelf internet security packages damage critical system files during their repair, often leaving the use facing a blank, un-responsive desktop when they log in.
For those who have been infected and still have a working desktop, we recommend using a combination of rkill.com, a command file and malwarebytes as the first steps in a clean up.

If you have a blank desktop left, specialist assistance will be required and you should contact Home Helptech who can arrange nationwide pickup, cleanup and delivery.

If you have any problems with these steps or any other problems please don’t hesitate to call one of our qualified engineers and technicians and we will be delighted to perform the required steps to deal with your problem.

| Lo-Call 1890 219 219 (Ireland) | Freefone 0808-CALHELP (UK) |

| Business Hours: Monday – Friday 9:45 to 6:30 & Saturday 9:00 to 12:00 |