Where has Billbo been?

Discussion in 'Messages for All Guests and Members' started by billbo, Aug 6, 2009.

  1. billbo

    billbo Master of the Pit OTBS Member

    Hi All! Wanted to drop a quick line in. My daughter has managed to infect my home PC with a nasty virus/malware. It is called PAV.EXE or Personal Anti Virus. Anyway, my home PC is shot right now and I don't like to do a whole lot from work so I havn't been around much.

    I am having SMF withdrawl. I have been trying to rid my machine on my own but I think I'm in over my head on this one. I can't seem to find an easy fix. My real anti virus (Norton) doesn't pick it up and it has cloned itself in my machine[​IMG]

    I'm still alive but my computer is not.[​IMG]

    Cheers for now, hopefully I will be back smoking soon!
  2. geek with fire

    geek with fire Master of the Pit OTBS Member

    I just cleaned a computer belonging to a relative of mine that had PAV. I'm an IT guy by trade, so I have a natural aversion to the automatic cleaners. If you are tech savvy, this might make sense to you:

    I rebooted in safe mode and did the following 3 items:
    1.) Run MSCONFIG. Remove any entries from the startup section that pointed to AV.exe or PAV.exe or any file in a folder that looks like it might be (you can always recheck them later if you grab the wrong one)
    2.) Delete PAV.exe or AV.exe from anywhere on your computer. The one I worked on had them in 2 locations; one in program files and the other in c:\windows\system32
    3.) Search through Registry (by running regedit) for anything like PAV.exe, AV.exe or Personal. Remove entries as you feel necessary.

    WARNING: Deleting things from registry can cause heartburn. GeekWithFire takes no responsibility for self-screwage caused by modifying registry.
  3. tntxajun

    tntxajun Smoke Blower

    Malwarebytes is a mal/spyware free program. It will remove it. Use this before heading to your registry.
  4. tntxajun

    tntxajun Smoke Blower


    will be on for awhile so you can PM me with any questions.
    Use the free version,, download,,, update it after you install
    and then run the program.
    Its a great malware tool and I use it alot helping folks get rid of

    Is your Anti-virus program update ? Hopefully you have one.

  5. fire it up

    fire it up Smoking Guru OTBS Member

    Good advice from GwF, if that is a bit much for you or you still are having problems you could always go the format route, horrible to have to do a complete format but sometimes it's a last resort...
    Good luck.
    For a bit of extra added protection you could always run programs like PeerGuardian or if you are using Mozilla/Firefox you can also run No Scripts.
  6. ronp

    ronp Smoking Guru OTBS Member SMF Premier Member

    I just ran this, no problems, thanks.
  7. tntxajun

    tntxajun Smoke Blower

    Pav is a trojan. Suggest a cleaning utility instead of registry manipulations.
    Reformat is not necessary except in extreme cases.
    I have removed this and other infections with this as warranted.
    It gives a message that the users computer is infected and hi-jacks the browser.
    Again, it is not just the single entry as it replicates itself under morphed signatures in the registry. If acted on it can be eliminated.

  8. jirodriguez

    jirodriguez Master of the Pit OTBS Member SMF Premier Member

    Sucks to hear the Bilbo [​IMG], computer viruses are never fun. I would second running Malwarebytes first - before going nuts in the registry and what not. I have built a few computers and am somewhat tech saavy, but I rarely feel comfortable mucking around in the system registry.... lol.

    If you have a thumb drive you can download the Malwarebytes installer to the thumb drive, then run it on the infected machine. Let us know how you fare! [​IMG]
  9. tntxajun

    tntxajun Smoke Blower

    I am an admin in PC-Tech which is a voice forum on Paltalk for giving free assistance to people with software/hardware issues on windows based systems.
    We have seen numerous instances of this specific trojan from all over.
    Malwarebytes has a free version that is very effective and we suggest having that program on your system.

    That trojan is slipping by many mainstream anti-virus programs and it can disable your resident program, so it is not anything to take lightly.

    Again, we strongly suggest not playing in your registry unless you know exactly what you are doing. Not a good idea even for techs unless absolutely necessary.

  10. chisoxjim

    chisoxjim Master of the Pit OTBS Member

    billbo, computer problems stink, good luck getting yours resolved.

    also thanks to the computer experts for chiming in with ideas on how to keep computers safe, and to scan for these p.i.a. worms, trojans, and malware. My home p.c. has been acting weird for a while and I am going to do the free malwarebytes scan posted here. I have already tried a few things, so far but things just arnt 100% right.

    Its just too bad there are computer folks around that spend their time creating these nusances.
  11. thundernoggin

    thundernoggin Newbie

    Most important thing mentioned by Geek With Fire is to reboot into safe mode. I've used Spybot and Asquared Free for years with very good results and no cash out of pocket. Get the definitions updated then safe mode to scan. Avast also has free antivirus with boot scanner. If you do edit the registry make sure to back it up first. If using Windows you may also have access to Windows Defender and can try scanning with that. Various antivirus companies have online scanners and one of them may remove it too although most of them are hit and miss.
  12. mballi3011

    mballi3011 Smoking Guru OTBS Member SMF Premier Member

    Thanks guys isn't nice to know we have some help here too. [​IMG]
  13. tntxajun

    tntxajun Smoke Blower

    Not at all sure if this is appropriate to post in this forum and I apologize if I am making a blunder.

    I am a member of a voice/text forum on a Global Communications Program called 'Paltalk'. This program allows participants to use a mic or use text to convey issues concerning their pcs. There is no charge for either the program or any assistance and there are multitude of specialized forums as well.

    I/we are a group of tech guys and many of us specialize in certain areas, mine is security, but there is anything from software problems to some one having difficulty installing a camera or printer.

    If any SMF forum admin or members would like additonal information on how to access us, please let me know.

    I will be glad to post a link with an admins or moderators permission.

  14. ddave

    ddave Master of the Pit OTBS Member SMF Premier Member

    Also a computer tech by trade here in charge of about 750 computers. We use three programs (in additionto our antivirus program) which are:


    Spybot Search and Destroy


    Sometimes it is necessary to run these in Safe Mode. We run all three and then run them again until all three say the machine is clean.

    Lots of malware/adware (like the free screen savers, desktop backgrounds, toolbars, ect) are technically not viruses so they can be missed by antivirus programs.

    Registry editng should only be done by very experienced users. The downfall, other than being able to cripple the machine in the blink of an eye, is that most spyware etc does not follow logical naming conventions so a manual search through regedit by a novice user is not likely to be very successful.

    Reformatting will fix the problem but should only be done as an absolute last resort and is usually not necessary -- regardless of what the guy from the computer store might say. If you have a light switch in your house that won't work because of a short circuit, you can tear down the house and rebuild it from the ground up. It will fix the problem, but there are other more exact ways to fix it.

    Good luck, Bilbo.

  15. tntxajun

    tntxajun Smoke Blower

    Double ditto what Ddave said with emphasis attached.

  16. bassman

    bassman Master of the Pit OTBS Member SMF Premier Member

    I just ran the malwarebytes free program. It found quite a few "problems". I told it to remove the problems but it would only do some, not all. I guess you have to purchase the full program to get it to remove all problems.
  17. rickw

    rickw Master of the Pit OTBS Member

    I tried it and it took care of the 10 things it found. Pretty nice program.
  18. ddave

    ddave Master of the Pit OTBS Member SMF Premier Member

    Should be completely free. Go to this website


    and click on the Download Free Version button. It will take you to a CNet download site. Click the Download Now link and you should be good.

  19. helljack6

    helljack6 Meat Mopper SMF Premier Member


    My personal website. IT for over 10 years, been part of all the major stupid rip you off and make you pay out the @ss computer repair chains, now work maintain network infrastructure for the military. Enjoy, comments welcome.
  20. billbo

    billbo Master of the Pit OTBS Member

    Thought I would give an update. TnTxajun was kind enough to offer his help. Thank you Jack!! He, my wife and I were up to 1am last night working on this via Skype. I am a PC dummy but I can tell you this malware is nasty. Still not fixed yet but we are working on it.

    Another example of how great SMF and it's members are. I really didn't expect to get any help here I just wanted to let you all know why I hadn't been around. The wealth of knowledge of our members is tremendous.

    Thank you for all the suggestions and I will keep you updated.

    Jack you rock!

Share This Page