Computer Repair La Mesa
Computer Repair La Mesa
Customer called complaining of virus infection from a fake facebook email they recieved on their yahoo email account. Customer was not able to browse with internet explorer, getting viagra popups and blue screen error messages. Removed virus infections, updated, scanned for changed system files and replaced. Customized user settings.
Windows 6.0.6002 Service Pack 2 (Safe Mode)
Internet Explorer 7.0.6002.18005
7/10/2010 12:15:26 PM
mbam-log-2010-07-10 (12-15-26).txt
Scan type: Full scan (C:\|E:\|)
Objects scanned: 220416
Time elapsed: 23 minute(s), 23 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 2
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\avsuite (Rogue.AntivirusSuite) -> Removed
HKEY_CURRENT_USER\Software\avsuite (Rogue.AntivirusSuite) -> Removed
Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\jhircqgm (Rogue.AntivirusSuite.Gen) -> Removed
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
C:\Users\jessica\AppData\Local\bbkiqxgyf\uwfrrjhtssd.exe (Rogue.AntivirusSuite.Gen) -> Removed