I have a machine with Endpoint Security installed.
I discovered it was infected with "Personal Antivirus" (PAV.exe)
I manually deleted all references to PAV.EXE that I could locate on the drive and in the registry.
Now Internet explorer is being hijacked and randomly taken to a URL titled networksecurityadvice.com.
I'm sure it's related because the site solicits "Personal Antivirus". I scanned windows in safe mode with SEP. There were no hits.
I've read the other article about PAV.exe and attempted to follow the instructions for removal of w32.Kitro.E.Worm but can't locate any of listed files or registry values.
Is this problem associated with another threat? Anyone have removal advice?