My Experience with Malicious Software

I am not a techie, but had a chance to play one this weekend. Saturday morning, I began my computer routine–check email, check Facebook, check Twitter, find out what is going on in the world, and I started getting Security Alert pop-ups. The pop ups said I had worms, trojans, and evan a trojan horse, and gave me the option of ignoring the security alert or blocking the threat. So, of course, I elected to block the threat–which took me to the Personal Antivirus web site which said that if I wanted to disable the threat, I would have to upgrade my version of Personal Antivirus at a cost of $59.99. I thought to myself–this must be a promo software program that “came with” my computer when I bought it, so I will run a scan using the Security Package that I bought to protect our home system (desktop, 3 laptops, external storage, 2 printers). Full System Scan started. Favorite computer out of commission during scan.

Six hours and 3+Million files later, the scan reported that 22 instances of bad stuff had been found and cleaned! Yea! I can get back to normal. But wait, the pop ups are still here. Did Kapersky not recognize these worms and trojans? Did Kapersky not do a thorough job? Since I also have Windows Defender on the system, I decided to run it–maybe it is smarter than Kapersky. Full system scan started.

Ten hours and 3+Million files later, Windows Defender told me that my computer was risk-free. Great, now I can catch up on the things that came in during the hours that the computer was scanning. But wait, the pop ups are still here. I conclude that since both Kapersky and Windows Defender have given the computer a clean bill of health, the problem is with Personal Antivirus, and I will simply uninstall that program.

I go to Control Panel, Change/Remove Programs, and look for Personal Antivirus in the drop down menu–it is not there. How can it not be there? I decide that I must have just overlooked it. So, I change the size of the icons so I can more easily recognize the little yellow shield that represents Personal Antivirus. It is not there. I go to the Start Menu, search Personal Antivirus, and it’s there! I play around with the drop down menus, and finally find one with Properties, and find out the name of the file that I want to remove is PAV.exe. I go back to Change/Remove Programs, but it will not let me enter PAV.exe–you have to select from the drop down menu.

What do I do now? I do what any non-techie does, and Google PAV.exe. I learn that this is a “rogue anti-spyware program to come out of a company called Innovagest 2000, that is installed by a trojan called Zlob, which attempts to trick you into buying an alleged rogue anti-spyware program. Once you are infected with Zlob, a fake security menu appears”

Now what? After some looking around, I find the Microsoft Security Site, and download Microsoft Windows Malicious Software Removal Tool Kit (KB890030), and do a full system scan. It has been running for 14 hours, 41 minutes, and looks like it is about 60% complete. Will it work? I will let you know.

Real techies, what do you think? I am prepared for the comment, “If you were using a Mac, you wouldn’t be having this problem”.