AntiMalware AntiVirus Software

Hi,

I’m not sure if this is a huge problem, the above ‘software’ got automatically installed (or maybe I hit the wrong button when trying to close the window that popped out).

I have run the Super AntiSpyware (found some ‘infected’ files that I deleted after running it), and also the Rogue Free Remover, Malwarebytes Anti-Malware and Avast (the last three found nothing malicious). I tried to uninstall the software, deleted shortcuts the came out on my desktop but they keep coming back. Samples are attached.

I have a Dell laptop computer with Windows XP SP3.

Any help is greatly appreciated. What other softwares are advisable to further protect my computer? Thanks and have a nice day.

Hello again,

I’ve run the Super AntiSpyware again and below is the resulting log:

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 12/14/2009 at 04:00 PM

Application Version : 4.31.1000

Core Rules Database Version : 4371
Trace Rules Database Version: 1623

Scan type : Complete Scan
Total Scan Time : 00:32:26

Memory items scanned : 589
Memory threats detected : 0
Registry items scanned : 6482
Registry threats detected : 5
File items scanned : 17357
File threats detected : 14

Browser Hijacker.FakeAlert/SHCWC
HKLM\Software\Classes\CLSID{A77D3539-581D-450C-9E44-A84C415A6172}
HKCR\CLSID{A77D3539-581D-450C-9E44-A84C415A6172}
HKCR\CLSID{A77D3539-581D-450C-9E44-A84C415A6172}
HKCR\CLSID{A77D3539-581D-450C-9E44-A84C415A6172}\InprocServer32
HKCR\CLSID{A77D3539-581D-450C-9E44-A84C415A6172}\InprocServer32#ThreadingModel
C:\WINDOWS\SYSTEM32\MSXMLM.DLL

Adware.Tracking Cookie
C:\Documents and Settings\Jay\Cookies\jay@content.yieldmanager[2].txt
C:\Documents and Settings\Jay\Cookies\jay@mediaplex[1].txt
C:\Documents and Settings\Jay\Cookies\jay@richmedia.yahoo[2].txt
C:\Documents and Settings\Jay\Cookies\jay@atdmt[1].txt
C:\Documents and Settings\Jay\Cookies\jay@kontera[2].txt
C:\Documents and Settings\Jay\Cookies\jay@mmedia.t134[1].txt
C:\Documents and Settings\Jay\Cookies\jay@revsci[1].txt
C:\Documents and Settings\Jay\Cookies\jay@apmebf[1].txt
C:\Documents and Settings\Jay\Cookies\jay@doubleclick[1].txt
C:\Documents and Settings\Jay\Cookies\jay@ad.yieldmanager[2].txt
C:\Documents and Settings\Jay\Cookies\jay@pornotube[2].txt
C:\Documents and Settings\Jay\Cookies\jay@content.yieldmanager[3].txt

Rogue.PersonalAntiVirus
C:\Program Files\PERSONALAV

As I am writing this the Windows Security Centre window is saying no anti-virus software is detected inspite of Avast running continuously. The ‘software’ is loading by itself and scanning and pop ups keep showing up every minute or so. The only thing I can do is click X to close the window. I’m just worried that what’s happening will corrupt files that are saved in the hard disk (pictures, word docs, excel files).

Thanks again for any help that would be given.

Hello,

Is this the one you are talking about? See this page: http://www.2-spyware.com/remove-antimalware.html

As for Windows Security Centre you may read here:
http://uk.answers.yahoo.com/question/index?qid=20091209112944AA7XGtX
http://www.tomshardware.co.uk/forum/page-239726_35_0.html

Good luck!

Remove AntiMalware (Uninstall Guide)
http://www.bleepingcomputer.com/virus-removal/remove-antimalware

Rogue.PersonalAntiVirus C:\Program Files\PERSONALAV

How to remove Personal Antivirus (Removal Guide)
http://www.bleepingcomputer.com/virus-removal/remove-personal-antivirus

Thanks for the replies Syngi99 and Pondus. I tried to restore it and was okay then I found an earlier related topic and followed the instructions there. It looks okay now. Sorry for the late reply as I wasn’t able to browse yesterday.

Have a good day guys!

I have read somewhere that the “real” Avira Antivir and AVG would have picked up on this problem. I got the same “rogue” Antivir pop up and managed to close the windows in time (I think).
I have been advised to download AVG Linkscanner to prevet further attacks. I have also disabled my Java/Javascript as these problems may use this as a way in.
Seems to be an issue with certain software. My mate has Norton and had a similar attack.
My computer mate seems to rate Superantispyware. I would throw everything at it. Spybot, Adaware, etc. I get the Antispyware via Cnet as this site gives out the real software and has ratings too.
Cheers Jerry

try: http://malwarebytes.org

Goodluck and GOD BLESS