Question about program titled "AntiMalware".

I’m not sure if anyone else has run into this but earlier this morning I had a program called “AntiMalware” trying to get me to buy yada yada yada and showed a bunch of fake virii, I’m sure you know of it.

I regularly use SuperAntiSpyware and I use Avast! home, my question is fairly straight forward.

Will Avast! home remove it/fix it, including the registry and such? After having this garbage pop up on me I just hope there is no underlying application of some sort that may still be lingering around.

I guess this isn’t as serious as most of the other posts, but I like to keep my system running clean.

Welcome sh1yne

Please read:
Rogue antivirus: a growing problem
http://www.viruslist.com/en/analysis?pubid=204792090

Download Malwarebytes’ Anti-Malware (MBAM) then get the latest definition updates then run a Quick scan and have it remove what it finds:
http://www.malwarebytes.org/mbam.php

Post its log here if you like.

Remove AntiMalware (Uninstall Guide)
http://www.bleepingcomputer.com/virus-removal/remove-antimalware

Is Malware Bytes better than Super Anti-Spyware? I have all of these stinkin’ programs, it started with Adaware and then moved to Spybot S&D, and eventually to Super Anti-Spyware which found about 60 entries not found by Spybot. I guess what I’m trying to ask is that the best freeware out there? If so I can muster up some hard disk space for it.

When I bootscanned with Avast! home it found and deleted two trojans, and since that boot scan and a scan of my drive with Super A-S my pc is running grand like usual.

I guess what I’m trying to ask is that the best freeware out there? If so I can muster up some hard disk space for it. I’m always looking for good programs to help keep my machine speedy. Also, it’s funny in that link you put up I think it told me how I ended up with it on my pc.

"A pop-up window in Opera

Usually, such pop-ups give the user no choice because there is only one button – either “OK” or “YES”. Even if there is a button marked “NO” or “Cancel”, a rogue antivirus program will still be downloaded regardless of which button is clicked."

I guess it’s the one time IE isn’t the one to bite me on the bum.

Thanks for your help, and suggestions please let me know how well Mal-Bytes works.

Actually, I just downloaded it and am scanning now I will let you know how it works out.

Malware moves on, so too must the applications to detect them. If they don’t keep up then they are worthless and the new dog on the block takes over. For the moment that would be MBAM and SAS as both these programs are still actively being developed and have regular signature and program updates.

Ok M-bytes found I think 4-5 problems. Here is the log.

Malwarebytes’ Anti-Malware 1.41
Database version: 3202
Windows 6.0.6001 Service Pack 1

11/20/2009 12:54:52 PM
mbam-log-2009-11-20 (12-54-52).txt

Scan type: Quick Scan
Objects scanned: 111441
Time elapsed: 9 minute(s), 0 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 3

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Active Security (Rogue.ActiveSecurity) → Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowSearch (Hijack.StartMenu) → Bad: (0) Good: (1) → Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
\Local\Temp\uac4c8a.tmp (Malware.Packer) → Quarantined and deleted successfully.
\Local\Temp\uac4dd2.tmp (Malware.Packer) → Quarantined and deleted successfully.
\Local\Temp\uac4f29.tmp (Malware.Packer) → Quarantined and deleted successfully.

So this was a good suggestion it found a handfull of things SAS did not. It also looks as if it was taken care of successfully. This was just a quick scan though, so I will eventually run the complete scan when I’m not busy on my PC.

Very much thanks for everyones imput.

Vista SP2 has been available since May and provides Critical Updates and performance improvements:
http://support.microsoft.com/kb/948465

You need to start Internet Explorer then go to Tools then Windows Update and download all of the available updates.

Also you should enable Automatic Updates or at least be notified that Updates are available.

Go to Control Panel then Automatic Updates then select Automatic (recommended) or at least Notify me but don’t automatically download or install them.

Go to Secunia Online Software Inspector then run it to see what other applications are vulnerable:
http://secunia.com/vulnerability_scanning/online