
Malware: Personal Antivirus



smurf
07-09-2009, 12:13 PM
A friend in the US has been hit with this malware: Personal Antivirus. Having Googled it, it appears to be quite virulent. Has anyone had any experience with it and particularly how to remove it?? Thanks

Speedy Gonzales
07-09-2009, 12:15 PM
If it appears in Add/Remove Programs, uninstall it. If it doesn't, use Malwarebytes: update it, then scan the whole HDD. If it's got entries in startup, use CCleaner and remove them / reboot. Then remove it. If files are running in Task Manager, kill them.

Blam
07-09-2009, 12:23 PM
MBAM should easily remove it.

smurf
07-09-2009, 12:25 PM
Hi Speedy, I think deleting it from Add/Remove programmes has been unsuccessful and she has tried downloading and installing Malwarebytes. Malwarebytes unfortunately refuses to open (is the work of the Personal Antivirus malware). What might be a workaround? Thanks for your help.

Speedy Gonzales
07-09-2009, 12:28 PM
If it's removed, reboot then try reinstalling MBAM. If that doesn't work, install it / update it then do a full scan in safe mode / networking mode.

Blam
07-09-2009, 12:32 PM
Run this online scanner if that fails:
http://www.eset.com/onlinescan/

Blam

smurf
07-09-2009, 12:36 PM
Thanks Speedy and Blam...I will pass this on

smurf
07-09-2009, 04:58 PM
Just having thoughts as you do. If all the above suggestions fail, would a clean reinstall of XP be a solution or will viruses on the existing system transfer during the reinstall?

One significant problem is at the moment the system has come to a crawl and even if downloading e.g. Malwarebytes begins, there is no guarantee it will complete download because the system freezes completely.

Thoughts and/or suggestions please. :thanks

Speedy Gonzales
07-09-2009, 05:35 PM
It shouldn't freeze in safe mode / networking, since hardly anything is running. Disable System Restore as well (in normal Windows if you can). Then reboot into safe mode / networking.

If it's freezing in safe mode, it's not because of this. A clean install should fix it, BUT he / she'll have to reinstall drivers for everything to work after (if he / she's not using a restore CD / DVD / partition). Otherwise nothing will work. Or if he / she can download TeamViewer, then boot into safe mode / networking, I could probably check it from here. After they install TeamViewer, and you send the ID and password to me in a PM

smurf
07-09-2009, 05:50 PM
Speedy, thanks for your reply. At this stage because of time differences, I believe the suggestions you and Blam originally made have yet to be done so I will wait until I hear. It may be a day or so until they can get to work to view my emails (tomorrow is Labor Day in the States and thus a holiday). It was my thought about a clean reinstall duh and I never thought about the drivers :) That said, I will wait to hear of progress and will advise when I hear. Thanks for your help and offer.

Speedy Gonzales
07-09-2009, 05:56 PM
WHERE in the US?

smurf
07-09-2009, 06:07 PM
Near Chicago

Speedy Gonzales
07-09-2009, 06:19 PM
Mmm ok, just after midnight / Monday morning there at the mo.

smurf
07-09-2009, 06:45 PM
Yep and with Monday being a holiday, I don't expect to hear til Tuesday (our Wednesday) unless they are able to remove the malware.

Blam
07-09-2009, 09:29 PM
> Just having thoughts as you do. If all the above suggestions fail, would a clean reinstall of XP be a solution or will viruses on the existing system transfer during the reinstall?
>
> One significant problem is at the moment the system has come to a crawl and even if downloading e.g. Malwarebytes begins, there is no guarantee it will complete download because the system freezes completely.
>
> Thoughts and/or suggestions please. :thanks

A clean install will definitely remove the virus.

But this isn't very deeply rooted malware - doesn't seem like a very nasty virus. The nasty ones infect critical system files... that's when you need to reinstall :p

Try downloading MBAM from another machine then sticking it on a CD or flash drive and transfer it over.

Blam

smurf
08-09-2009, 09:18 AM
Thanks Blam

beama
08-09-2009, 09:07 PM
This is also a page hijacker. I have the removal instructions at work but if I remember correctly, to remove, run Malwarebytes then Trojan Remover then finally HijackThis to find the entry for the hijack.

Trojan Remover picks up what Malwarebytes misses (no piece of software is perfect) and yes, if you run Trojan Remover first then mbytes, the same is true.

smurf
08-09-2009, 09:28 PM
Thanks Beama