Questions

Answer for:

Microsoft Antivirus Malware?

Message 2 of 11

View entire thread
+
0 Votes
applejosh

It sounds like a WinAntivirus variant of some variety. Depending on the variant, level of access the user had when the malware was installed (Local Admin, Power User, etc.), it can be difficult to remove. I'd check the registry "Run" keys and also the Winlogon\Notify key for traces of how's it's starting. And I've had some success using Trend Micro's housecall (housecall.trendmicro.com) while running in Safe Mode with Networking.