Jump to content

Malwarebytes found AnviSmartDefender PUP in the Registry


Recommended Posts

Hello,

I haven't actually been having any issues with my system but every now and then I like to run a Malwarebytes scan just to see if finds anything, usually it doesn't. Anyway after running it today it said it had found the following 4 registry PUP issues, all belonging to AnviSmartDefender:

Registry Key: 3
PUP.Optional.AnviSmartDefender, HKU\S-1-5-21-4079224529-1850452133-1189164913-1001\SOFTWARE\MOZILLAPLUGINS\anvisoft.com/AdblockPlugin, No Action By User, 295, 840222, 1.0.27693, , ame, 
PUP.Optional.AnviSmartDefender, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\LHMIOFMIPCPMHGIHIECMPIEKCACIGPGB, No Action By User, 295, 840219, 1.0.27693, , ame, 
PUP.Optional.AnviSmartDefender, HKLM\SOFTWARE\WOW6432NODE\ANVISOFT\Anvi Smart Defender, No Action By User, 295, 840212, 1.0.27693, , ame, 

Registry Value: 1
PUP.Optional.AnviSmartDefender, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\LHMIOFMIPCPMHGIHIECMPIEKCACIGPGB|PATH, No Action By User, 295, 840219, 1.0.27693, , ame,

These have all been Quarantined.

I'm just curious to know if anyone else knows anything about these and whether I should just delete them. It's strange because I thought Anvi Smart Defender was a legitimate anti virus software, and I also don't have Anvi Smart Defender installed on this PC and never have. 

I'm also using Windows 8.1 64 bit.

Thanks very much for reading and any help you can provide,

Elliot.

Link to post
Share on other sites

Hello, Welcome to Malwarebytes.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Sorry for this delay.

Download the Farbar Recovery Scan Tool (FRST).
Choose the 32 or 64 bit version for your system.
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please Attach it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

How to attach a file:
In the Reply section in the bottom of the topic Select Click the Choose a File.
Navigate to the location of the File.
Click the file. It will appear in section.
Click the Saving button.

Please attach the log for my review.

Wait for further instructions
====
 

Link to post
Share on other sites

Hello again,

I've looked through one of my old registry backups with notepad++ and it looks like I may have had Smart Defender installed at some point. Under "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Anvisoft\Anvi Smart Defender" I can see a value for "C:\Program Files (x86)\Anvisoft\Anvi Smart Defender". I probably tried it out a few a years ago but forgot about it. It hasn't been installed for years and so those registry values were probably not removed when it was uninstalled. 

 I think I'll just go ahead and remove them.

Thanks for your help,

Elliot.

Link to post
Share on other sites

Hi,

Please download the attached Fixlist.txt file to  the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the FRST.txt log you have submitted.

Run FRST and click Fix only once and wait.

The Computer will restart when the fix is completed.

It will create a log (Fixlog.txt) please post it to your reply.
===

Please post the Fixlog.txt and let me know what problem persists.

fixlist.txt

Link to post
Share on other sites

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread.

Please review the following for Tips to help protect from infection

Thank you

 

 

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.