Computer Repair La Mesa

Computer Repair La Mesa

Customer called complaining of virus infection from a fake facebook email they recieved on their yahoo email account.  Customer was not able to browse with internet explorer, getting viagra popups and blue screen error messages.  Removed virus infections, updated, scanned for changed system files and replaced.  Customized user settings.

Windows 6.0.6002 Service Pack 2 (Safe Mode)

Internet Explorer 7.0.6002.18005

7/10/2010 12:15:26 PM

mbam-log-2010-07-10 (12-15-26).txt

Scan type: Full scan (C:\|E:\|)

Objects scanned: 220416

Time elapsed: 23 minute(s), 23 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 2

Registry Values Infected: 1

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 1

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

HKEY_LOCAL_MACHINE\SOFTWARE\avsuite (Rogue.AntivirusSuite) -> Removed

HKEY_CURRENT_USER\Software\avsuite (Rogue.AntivirusSuite) -> Removed

Registry Values Infected:

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\jhircqgm (Rogue.AntivirusSuite.Gen) -> Removed

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

C:\Users\jessica\AppData\Local\bbkiqxgyf\uwfrrjhtssd.exe (Rogue.AntivirusSuite.Gen) -> Removed