AntiVirusHome2010 - Possible Infection

[Steel377]

I have a PC that is running slow lately - I use AVG Internet Security Version 9 and Malwarebytes.

Both AVG and Malwarebytes report all is clean.

I noticed using MSCOnfig, in Startup an entry named HomeAntiVirus2010 and a path to C:\program files\homeantivirus2010\homeantivirus2010.exe

This folder path and file, do not exist on the PC.

I used RootRepeal to check for possible rootkit, root repeal fails with this error

23:35:48: Warning - the number of SSDT entries from the kernel and the number on-disk are different (0 and 284).

23:35:48: DeviceIoControl Error! Error Code = 0x0

23:35:48: WARNING: The SSDT in our driver has been faked (0x00000250)!

I used rootkit revealer and get this info

HKLM\SECURITY\Policy\Secrets\SAC* 8/5/2004 10:26 PM 0 bytes Key name contains embedded nulls (*)

HKLM\SECURITY\Policy\Secrets\SAI* 8/5/2004 10:26 PM 0 bytes Key name contains embedded nulls (*)

C:\$AVG\$CHJW\a05a57d3-36f8-45b1-8493-825335ffffd6 2/22/2010 11:07 PM 3.80 MB Hidden from Windows API.

C:\$AVG\$CHJW\feee9a0f-736e-452a-a0b3-4790d517d20f 2/22/2010 11:07 PM 3.31 MB Hidden from Windows API.

C:\Documents and Settings\All Users\Application Data\avg9\IDS\download\messages.xml 2/22/2010 10:34 PM 0 bytes Hidden from Windows API.

C:\Documents and Settings\ASnow\Local Settings\Temp\Perflib_Perfdata_e68.dat 2/22/2010 10:21 PM 16.00 KB Visible in Windows API, but not in MFT or directory index.

C:\System Volume Information\catalog.wci\00010001.ci 2/22/2010 10:52 PM 192.00 KB Visible in Windows API, but not in MFT or directory index.

C:\WINDOWS\Temp\5fe20930-d7c1-43df-a393-ba4b7887072b.tmp 2/22/2010 11:05 PM 0 bytes Visible in Windows API, MFT, but not in directory index.

I can not tell if I have some hidden infection or not.

Any Suggesitons ?

AVG RootKit Scan is clean as well.

Thank you !

[Steel377]

I was hoping someone might be bale to comment on my post and offer any suggesitons or help.

If anyone could please help, I would appreciate it !

Thank you

[screen317]

Hi and welcome to Malwarebytes.

Do you still need help?

[screen317]

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!