tburick
asked on
Malware after bogus facebook link cannot get rid of threat
I received a message from a friend on Facebook, but the friend did not send me the link. It sent me to google and immediately my antivirus software went off, but was not able to fix it. I get this popup whenever I logon.
http://i216.photobucket.com/albums/cc20/tommydkat/anitvirusmessage.jpg
I have tried, every malware program I know... CClenaer, CWShredder, AdAware, SpyBot, and nothing seems to work. I created a scan using HiJack This, and can only hope someone can interpret what I need to delete. The HiJackThis Log file is attached.
Thanks,
Tom
Thanks,
hijackthistom.txt
http://i216.photobucket.com/albums/cc20/tommydkat/anitvirusmessage.jpg
I have tried, every malware program I know... CClenaer, CWShredder, AdAware, SpyBot, and nothing seems to work. I created a scan using HiJack This, and can only hope someone can interpret what I need to delete. The HiJackThis Log file is attached.
Thanks,
Tom
Thanks,
hijackthistom.txt
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks to Phototropic for a speedy response!!
Yeah, your HJT log looks clean.
Good job!
Good job!
ASKER
Here is the Malwarebytes.log THEN I will copy the AFTER Log. to show the difference when I ran the fix.
and I will attach the newest HiJackthis log.
BEFORE:
--------------------------
Malwarebytes' Anti-Malware 1.28
Database version: 1274
Windows 5.1.2600 Service Pack 3
10/15/2008 5:22:33 PM
malwarebytesBefore.txt
Scan type: Quick Scan
Objects scanned: 44057
Time elapsed: 4 minute(s), 57 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 7
Registry Values Infected: 2
Registry Data Items Infected: 0
Folders Infected: 2
Files Infected: 4
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_CLASSES_ROOT\TypeLib\
HKEY_CLASSES_ROOT\Interfac
HKEY_CLASSES_ROOT\CLSID\{e
HKEY_CLASSES_ROOT\TypeLib\
HKEY_CLASSES_ROOT\Interfac
HKEY_CLASSES_ROOT\Interfac
HKEY_CLASSES_ROOT\CLSID\{3
Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWAR
HKEY_LOCAL_MACHINE\SOFTWAR
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
C:\Program Files\Ascentive (Rogue.Multiple) -> No action taken.
C:\Program Files\Ascentive\Performanc
Files Infected:
C:\WINDOWS\system32\ConTes
C:\WINDOWS\system32\SysRes
C:\Program Files\Ascentive\Performanc
C:\WINDOWS\fmark2.dat (Malware.Trace) -> No action taken.
--------------------------
AFTER:
---------------------
Malwarebytes' Anti-Malware 1.28
Database version: 1274
Windows 5.1.2600 Service Pack 3
10/15/2008 5:37:50 PM
mbam-log-2008-10-15 (17-37-50).txt
Scan type: Quick Scan
Objects scanned: 44048
Time elapsed: 1 minute(s), 30 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
hijackthis.log