For the past few months, I’ve had a fair amount of people come to me with a problem that involves an application called Personal Antivirus (PAV) that installs itself on the user’s machine. Everyone who has confronted me about this software was unaware of how it was installed and concerns about the results that the application claims to find on the machine its installed on.
Here’s a few things to know about Personal Antivirus:
Here is a screen capture of PAV in action:
In either case, this application is a fraud and causes your system to be infected. The method I use to rid systems of PAV is to download and scan the infected computer with a program called SuperAntiSpyware. At first, I SuperAntiSpyware was a very ambiguous program itself until I downloaded and tried it on a client’s computer. I was greatly impressed with the program and how effectively it cleans up spyware, trojans and other malware. To be even more elusive, PAV has a very similar user interface to AVG AntiVirus which can be misleading to basic users.
To download the software for free, visit here.
Removing Personal AntiVirus
The first step to removing PAV is to access the Task Manager by pressing CTRL+ALT+DEL. Look for the process called pav.exe and terminate the process. Below is a screen capture of the task manager with the process highlighted.
After ending the pav.exe process, begin the installation of SuperAntiSpyware
When you see the window that states Would you like SuperAntiSpyware to check for the latest… click Yes. it’s not mandatory, but definitely recommended for future use.
Ignore the email portion by clicking Next
For automatic updates, make sure the box is checked to enable the feature. It’s another highly recommended action for future use of the program.
Personally, I usually ignore sending the diagnostic because I’d rather get the computer scan and fixed. The diagnostic report isn’t required or really necessary for removing PAV, so I usually uncheck the box and move on to the next step.
In the event of a security compromise of the browser’s homepage like in PAV, the next step of protecting the home page from being changed is highly recommended, but not required.
Start up SuperAntiSpyware after installation, click the button Scan you Computer, and select the Perform Complete Scan option.
If anything is found during the scan, a window will provide the results found
Following this window, the results of the scan will be shown and the option of choosing what to remove is provided. The screen captures below show some of the files associated with PAV.
Select the infected files you wish to remove. Restart the computer, and your computer should be rid of PAV. The process generally takes about an hour, but is dependent on the number of files and system resources.
This is one of many methods of cleaning up PAV and is the method I’ve found to work the best in the situations I’ve been in. If anyone has any other alternatives to removing PAV, please add them to the comments. I’ll keep this post up to date with any alternatives I may find.
Special thanks goes out to Ashley. Her machine was the infected machine that I used to get screen captures. She’s been PAV free ever since!
