|
 |  |  |  |  |  |  |
| Welcome to Windows Vista Forums. Our forum is dedicated to helping you find solutions with any problems, errors or issues you are experiencing with Windows Vista. The Vista forum also covers news and updates and has an extensive Windows Vista tutorial section that covers a wide range of tips and tricks. |
| |||||||
 |
| |
06-06-2009
| #1 (permalink) |
| Newbie | Cannot remove Personal Antivirus - rogue software My daughter computer with Vista is infected with the rogue software 'Personal Antivirus' but no matter what I do I cannot remove it. It is installed in C:\Program Files\PAV and Vista does not allow me to remove it. It says needs Administrator permission though I am Adminstrator and I gave all required permissions. When i click close in System Tray it does not close it. When I try to uninstall it does not uninstall it. Wondering reinstalling OS is the only option? I have Zone alarm with latest updates but that does not seem to be able to remove it. Appreciate any help. |
My System Specs |
|
06-06-2009
| #2 (permalink) |
| Guest | Re: Cannot remove Personal Antivirus - rogue software http://www.bleepingcomputer.com/viru...onal-antivirus http://www.spywareremove.com/removeP...Antivirus.html "satyad" <guest@xxxxxx-email.com> wrote in message news:3c3660e3a8d11f19c0b309b347c5abf0@xxxxxx-gateway.com... Quote: > > My daughter computer with Vista is infected with the rogue software > 'Personal Antivirus' but no matter what I do I cannot remove it. It is > installed in C:\Program Files\PAV and Vista does not allow me to remove > it. It says needs Administrator permission though I am Adminstrator and > I gave all required permissions. When i click close in System Tray it > does not close it. When I try to uninstall it does not uninstall it. > Wondering reinstalling OS is the only option? I have Zone alarm with > latest updates but that does not seem to be able to remove it. > Appreciate any help. > > > -- > satyad |
| My System Specs |
|
06-06-2009
| #3 (permalink) |
| Guest | Re: Cannot remove Personal Antivirus - rogue software DL wrote: Quote: > http://www.bleepingcomputer.com/viru...onal-antivirus > http://www.spywareremove.com/removeP...Antivirus.html > > "satyad" <guest@xxxxxx-email.com> wrote in message > news:3c3660e3a8d11f19c0b309b347c5abf0@xxxxxx-gateway.com... Quote: >> My daughter computer with Vista is infected with the rogue software >> 'Personal Antivirus' but no matter what I do I cannot remove it. It is >> installed in C:\Program Files\PAV and Vista does not allow me to remove >> it. It says needs Administrator permission though I am Adminstrator and >> I gave all required permissions. When i click close in System Tray it >> does not close it. When I try to uninstall it does not uninstall it. >> Wondering reinstalling OS is the only option? I have Zone alarm with >> latest updates but that does not seem to be able to remove it. >> Appreciate any help. >> >> >> -- >> satyad > to work with admin writes, you must right click and specifically run as admin. So if there is a start > Programs> > application you want to uninstall > uninstall file, right click on it and run it as admin. HTH Eric |
| My System Specs |
|
06-06-2009
| #4 (permalink) |
| Guest | Re: Cannot remove Personal Antivirus - rogue software Hi satyad, It only means it was installed on an admin rights and then created another account to lockdown users capability to remove or uninstall the said application and worst some have rootkit capability that is becoming more and more complex in each new variant that comes out in the open. Download hijackthis send in the logs and lets have it analyzed on what variant/class of rogue or fake AV you have. Also what version of zone alarm are you using, have you updated it recenty? where to get hijackthis http://www.trendsecure.com/portal/en...ols/hijackthis "satyad" <guest@xxxxxx-email.com> wrote in message news:3c3660e3a8d11f19c0b309b347c5abf0@xxxxxx-gateway.com... Quote: > > My daughter computer with Vista is infected with the rogue software > 'Personal Antivirus' but no matter what I do I cannot remove it. It is > installed in C:\Program Files\PAV and Vista does not allow me to remove > it. It says needs Administrator permission though I am Adminstrator and > I gave all required permissions. When i click close in System Tray it > does not close it. When I try to uninstall it does not uninstall it. > Wondering reinstalling OS is the only option? I have Zone alarm with > latest updates but that does not seem to be able to remove it. > Appreciate any help. > > > -- > satyad |
| My System Specs |
|
06-07-2009
| #5 (permalink) |
| Guest | Re: Cannot remove Personal Antivirus - rogue software Milo wrote: Quote: > Hi satyad, > > It only means it was installed on an admin rights and then created another > account to lockdown users capability to remove or uninstall the said > application and worst some have rootkit capability that is becoming more > and more complex in each new variant that comes out in the open. > > Download hijackthis send in the logs and lets have it analyzed on what > variant/class of rogue or fake AV you have. Also what version of zone > alarm are you using, have you updated it recenty? "lets [sic] have it analyzed". Once again, we do not analyze HJT logs here in the MS newsgroups. If you are going to tell people to run HJT (which should really be the last resort, especially when there are already clear removal instructions for the OP's infection - given by DL), then at least give them links to some specialty forums to post the HJT logs. Malke -- MS-MVP Elephant Boy Computers - Don't Panic! http://www.elephantboycomputers.com/#FAQ |
| My System Specs |
|
06-08-2009
| #6 (permalink) |
| Guest | Re: Cannot remove Personal Antivirus - rogue software Hi Malke, out of respect to the links as indicated - the troubleshooting " by using a 3rd party tool - a nice marketing intro for the MB product " revolves only in XP environment not in Vista as what satyad's concern - as it also prompts in one way or the other the use of Hijackthis so how would that be different to my request of hijackthis log. And the FakeAV in satyad case and like any other fake AV it didn't came alone since the behavior he indicated now usually fake/rogue av are introduced by a catalyst malware, which am more concern about than the fake AV which is only the payload and recently some of them even have rootkit capability. And if so the request for the log is granted, I would ask them to send it via e-mail which I would gladly analyze myself. "Malke" <malke@xxxxxx> wrote in message news:eNDnde25JHA.1420@xxxxxx Quote: > Milo wrote: > Quote: >> Hi satyad, >> >> It only means it was installed on an admin rights and then created >> another >> account to lockdown users capability to remove or uninstall the said >> application and worst some have rootkit capability that is becoming more >> and more complex in each new variant that comes out in the open. >> >> Download hijackthis send in the logs and lets have it analyzed on what >> variant/class of rogue or fake AV you have. Also what version of zone >> alarm are you using, have you updated it recenty? > Milo - I see you are back and again telling posters to run HijackThis and > "lets [sic] have it analyzed". Once again, we do not analyze HJT logs here > in the MS newsgroups. If you are going to tell people to run HJT (which > should really be the last resort, especially when there are already clear > removal instructions for the OP's infection - given by DL), then at least > give them links to some specialty forums to post the HJT logs. > > Malke > -- > MS-MVP > Elephant Boy Computers - Don't Panic! > http://www.elephantboycomputers.com/#FAQ > |
| My System Specs |
|
06-08-2009
| #7 (permalink) |
| Guest | Re: Cannot remove Personal Antivirus - rogue software I agree Milo. Detecting that a file contains malware is important, but other things can be *more* important. If the detector can *identify* a specific malware for instance (giving it a name) it is more useful than just a filename. Where the suspect file is located is important - but most important in my opinion is *how* it got there and what *else* may have been done from that point on. These rogues have the ability to do some serious damage even after they are *removed*. Unfortunately, I fear HJT won't address file infections at all, only some other start methods. HJT analysis may be able to *identify* the exact malware by its various startup methods, but I doubt it will be able to tell you what other malware was available at the referenced malicious server at any given time, or what other malware uses the same ingress vector yet gets less "press" attention. Preempt the OP's likelihood of interpreting your post as a request to post his HJT log here, and I don't think anyone will object. "Milo" <jfcoel@xxxxxx> wrote in message news:eP2EzGF6JHA.5932@xxxxxx Quote: > Hi Malke, > > out of respect to the links as indicated - the troubleshooting " by > using a 3rd party tool - a nice marketing intro for the MB product " > revolves only in XP environment not in Vista as what satyad's > concern - as it also prompts in one way or the other the use of > Hijackthis so how would that be different to my request of hijackthis > log. And the FakeAV in satyad case and like any other fake AV it > didn't came alone since the behavior he indicated now usually > fake/rogue av are introduced by a catalyst malware, which am more > concern about than the fake AV which is only the payload and recently > some of them even have rootkit capability. > > And if so the request for the log is granted, I would ask them to send > it via e-mail which I would gladly analyze myself. > > > > "Malke" <malke@xxxxxx> wrote in message > news:eNDnde25JHA.1420@xxxxxx Quote: >> Milo wrote: >> Quote: >>> Hi satyad, >>> >>> It only means it was installed on an admin rights and then created >>> another >>> account to lockdown users capability to remove or uninstall the said >>> application and worst some have rootkit capability that is becoming >>> more >>> and more complex in each new variant that comes out in the open. >>> >>> Download hijackthis send in the logs and lets have it analyzed on >>> what >>> variant/class of rogue or fake AV you have. Also what version of >>> zone >>> alarm are you using, have you updated it recenty? >> Milo - I see you are back and again telling posters to run HijackThis >> and >> "lets [sic] have it analyzed". Once again, we do not analyze HJT logs >> here >> in the MS newsgroups. If you are going to tell people to run HJT >> (which >> should really be the last resort, especially when there are already >> clear >> removal instructions for the OP's infection - given by DL), then at >> least >> give them links to some specialty forums to post the HJT logs. >> >> Malke >> -- >> MS-MVP >> Elephant Boy Computers - Don't Panic! >> http://www.elephantboycomputers.com/#FAQ >> |
| My System Specs |
|
07-04-2009
| #8 (permalink) |
| Guest | Re: Cannot remove Personal Antivirus - rogue software I believe Personal Antivirus creates a 'PAV' folder in the Program Files, plus a BHO called '&helper' with a file name of something like 'ms.....64.dll' in the windows/system32. Use Hijackthis to delete them, then reboot. Martin. |
| My System Specs |
|
07-04-2009
| #9 (permalink) |
| Guest | Re: Cannot remove Personal Antivirus - rogue software How to remove Personal Antivirus http://www.bleepingcomputer.com/viru...onal-antivirus Martin Connolly wrote: Quote: > I believe Personal Antivirus creates a 'PAV' folder in the Program > Files, plus a BHO called '&helper' with a file name of something like > 'ms.....64.dll' in the windows/system32. > > Use Hijackthis to delete them, then reboot. > > Martin. |
| My System Specs |
|
07-06-2009
| #10 (permalink) |
| Guest | Re: Cannot remove Personal Antivirus - rogue software An anti-junkware site, funded by adverts for junkware, in the usual layout that makes it very difficult to see what's the article and what's the advert. If you're not VERY carefull where you're clicking here, you'll simply replace one infestation of junkware with another. |
| My System Specs |
|
| Thread Tools | |
| |
Similar Threads | ||||
| Thread | Forum | |||
| Personal antivirus pop up | Vista mail | |||
 How to remove McAfee Personal Firewall. | Software | |||
| Avast Antivirus Home Edition OR Avira AntiVir Personal | System Security | |||
| Registry Repair Pro is rogue software? | System Security | |||
| Need help to remove AVG antivirus | Software | |||
