Re: Cannot remove Personal Antivirus - rogue software



Hi Malke,

out of respect to the links as indicated - the troubleshooting " by using a 3rd party tool - a nice marketing intro for the MB product " revolves only in XP environment not in Vista as what satyad's concern - as it also prompts in one way or the other the use of Hijackthis so how would that be different to my request of hijackthis log. And the FakeAV in satyad case and like any other fake AV it didn't came alone since the behavior he indicated now usually fake/rogue av are introduced by a catalyst malware, which am more concern about than the fake AV which is only the payload and recently some of them even have rootkit capability.

And if so the request for the log is granted, I would ask them to send it via e-mail which I would gladly analyze myself.



"Malke" <malke@xxxxxxxxxxxxxxx> wrote in message news:eNDnde25JHA.1420@xxxxxxxxxxxxxxxxxxxxxxx
Milo wrote:

Hi satyad,

It only means it was installed on an admin rights and then created another
account to lockdown users capability to remove or uninstall the said
application and worst some have rootkit capability that is becoming more
and more complex in each new variant that comes out in the open.

Download hijackthis send in the logs and lets have it analyzed on what
variant/class of rogue or fake AV you have. Also what version of zone
alarm are you using, have you updated it recenty?

Milo - I see you are back and again telling posters to run HijackThis and
"lets [sic] have it analyzed". Once again, we do not analyze HJT logs here
in the MS newsgroups. If you are going to tell people to run HJT (which
should really be the last resort, especially when there are already clear
removal instructions for the OP's infection - given by DL), then at least
give them links to some specialty forums to post the HJT logs.

Malke
--
MS-MVP
Elephant Boy Computers - Don't Panic!
http://www.elephantboycomputers.com/#FAQ

.