How to Remove The Personal Anti Virus Trojan From Refurbished Laptop Computers

A panic call yesterday from a neighbor describing the urgent warnings appearing on a recently acquired Refurbished Laptop computers screen, lead to an interesting exercise in removing an insidious Trojan.  Anyone using the Internet frequently and opening attachments of any kind be it on a desktop or laptop computer is at risk for encountering this hard to eliminate Trojan.   This Trojan masquerades as a legitimate appearing Personal Anti virus program, complete with a program Icon on the desktop, and pop-up warnings which look legitimate and ominous.  The warnings appear randomly every few minutes and when clicking on the "block" option on the popup you are taken to an Anti Virus program screen which leads you to purchase a $50 program for "full protection".  I ran Avira antivirus in the hope it would remove the Trojan but it did not find it.  After some research I determined that the program Malwarebytes Anti-Malware program would remove the Trojan.  When attempting to download Malwarebytes using Internet Explorer I was repeatedly blocked from the download by a screen indicating the site I was accessing contained dangerous material and I was blocked from any download action.  As a way around the Trojans actions on the
refurbished laptop, I used a second laptop which was not infected to download the Malwarebytes software to a USB stick. Using the USB stick on the infected laptop I installed Malwarebytes and removed the Personal Anti Virus Trojan.

I was concerned that the newly acquired refurbished laptop computer was infected on purchase but after talking to the owner determined the popup appeared after opening an attachment in an email.  He couldn't remember the exact file he opened, but the experience was a good lesson for him on cautions to used when opening attachments from someone who you don't know and trust.  I believe there are probably other Malware removal tools that will work to remove the Personal Anti Virus Trojan, but I have determined that Malwarebytes Anti-Malware is effective in removing this well designed Trojan.  You can obtain a free version of Malwarebytes Anti-Malware here.

This is a reminder to use caution when opening attachments, but if you do, and find yourself with popup’s on the screen, and directed attempts to try and get you to purchase software, to resist and seek technical support either in person or on the Internet.

Originally posted 2009-07-23 15:09:45.