Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Alpha Antivirus


  • Please log in to reply
1 reply to this topic

#1 DoeZ

DoeZ

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:02:56 AM

Posted 30 October 2009 - 10:22 PM

Earlier tonight I was bombarded with these pop-ups that stated they were Alpha antivirus installer telling me I was infected and needed security...I did not click anything and I couldn't get out of it either...I ran my Malwarebytes and it found 23 virus'...I removed all and rebooted and now I'm posting the log hoping you can tell me if I'm still infected...Thanks so much for any help:)

P.S. I did not run this in safe mode


Malwarebytes' Anti-Malware 1.41
Database version: 3063
Windows 5.1.2600 Service Pack 3

10/30/2009 11:08:55 PM
mbam-log-2009-10-30 (23-08-54).txt

Scan type: Full Scan (C:\|D:\|E:\|F:\|)
Objects scanned: 288943
Time elapsed: 2 hour(s), 31 minute(s), 55 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 4
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 2
Files Infected: 22

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\CLSID\{35a5b43b-cb8a-49ca-a9f4-d3b308d2e3cc} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{35a5b43b-cb8a-49ca-a9f4-d3b308d2e3cc} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{35a5b43b-cb8a-49ca-a9f4-d3b308d2e3cc} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Servises (Malware.Trace) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
C:\Program Files\AlphaAV (Rogue.AlphaAV) -> Quarantined and deleted successfully.
C:\Program Files\Common Files\AlphaAVUninstall (Rogue.AlphaAntivirus) -> Quarantined and deleted successfully.

Files Infected:
C:\WINDOWS\system32\AdvancedIEupdate.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\comp\Local Settings\Temporary Internet Files\Content.IE5\025ABICF\A-Install-944680_2024-8[1].exe (Rogue.AlphaAV) -> Quarantined and deleted successfully.
C:\Documents and Settings\comp\Local Settings\Temporary Internet Files\Content.IE5\025ABICF\A-Install-a3b7_2024-8[1].exe (Rogue.AlphaAV) -> Quarantined and deleted successfully.
C:\Documents and Settings\comp\Local Settings\Temporary Internet Files\Content.IE5\025ABICF\A-Install-a5320_2024-8[1].exe (Rogue.AlphaAV) -> Quarantined and deleted successfully.
C:\Documents and Settings\comp\Local Settings\Temporary Internet Files\Content.IE5\025ABICF\A-Install-d8a_2024-8[1].exe (Rogue.AlphaAV) -> Quarantined and deleted successfully.
C:\Documents and Settings\comp\Local Settings\Temporary Internet Files\Content.IE5\5UD4N90E\A-Install-1408e3a_2024-8[1].exe (Rogue.AlphaAV) -> Quarantined and deleted successfully.
C:\Documents and Settings\comp\Local Settings\Temporary Internet Files\Content.IE5\5UD4N90E\A-Install-9091c5a_2024-8[1].exe (Rogue.AlphaAV) -> Quarantined and deleted successfully.
C:\Documents and Settings\comp\Local Settings\Temporary Internet Files\Content.IE5\5UD4N90E\A-Install-9dc04_2024-8[1].exe (Rogue.AlphaAV) -> Quarantined and deleted successfully.
C:\Documents and Settings\comp\Local Settings\Temporary Internet Files\Content.IE5\5UD4N90E\A-Install-fc9e0_2024-8[1].exe (Rogue.AlphaAV) -> Quarantined and deleted successfully.
C:\Documents and Settings\comp\Local Settings\Temporary Internet Files\Content.IE5\N52A714X\A-Install-2bd4_2024-8[1].exe (Rogue.AlphaAV) -> Quarantined and deleted successfully.
C:\Documents and Settings\comp\Local Settings\Temporary Internet Files\Content.IE5\N52A714X\A-Install-74f1_2024-8[1].exe (Rogue.AlphaAV) -> Quarantined and deleted successfully.
C:\Documents and Settings\comp\Local Settings\Temporary Internet Files\Content.IE5\N52A714X\A-Install-9853_2024-8[1].exe (Rogue.AlphaAV) -> Quarantined and deleted successfully.
C:\Documents and Settings\comp\Local Settings\Temporary Internet Files\Content.IE5\N52A714X\A-Install-ce83da_2024-8[1].exe (Rogue.AlphaAV) -> Quarantined and deleted successfully.
C:\Documents and Settings\comp\Local Settings\Temporary Internet Files\Content.IE5\N52A714X\A-Install-d2c795_2024-8[1].exe (Rogue.AlphaAV) -> Quarantined and deleted successfully.
C:\Documents and Settings\comp\Local Settings\Temporary Internet Files\Content.IE5\N52A714X\A-Install-d97b0_2024-8[1].exe (Rogue.AlphaAV) -> Quarantined and deleted successfully.
C:\Documents and Settings\comp\Local Settings\Temporary Internet Files\Content.IE5\YK8WJBXU\A-Install-1ab1_2024-8[1].exe (Rogue.AlphaAV) -> Quarantined and deleted successfully.
C:\Documents and Settings\comp\Local Settings\Temporary Internet Files\Content.IE5\YK8WJBXU\A-Install-5c76ac_2024-8[1].exe (Rogue.AlphaAV) -> Quarantined and deleted successfully.
C:\Documents and Settings\comp\Local Settings\Temporary Internet Files\Content.IE5\YK8WJBXU\A-Install-621_2024-8[1].exe (Rogue.AlphaAV) -> Quarantined and deleted successfully.
C:\Documents and Settings\comp\Local Settings\Temporary Internet Files\Content.IE5\YK8WJBXU\A-Install-f524_2024-8[1].exe (Rogue.AlphaAV) -> Quarantined and deleted successfully.
C:\Documents and Settings\comp\Local Settings\Temporary Internet Files\Content.IE5\YK8WJBXU\A-Install-f65e_2024-8[1].exe (Rogue.AlphaAV) -> Quarantined and deleted successfully.
C:\Program Files\AlphaAV\alpha.exe (Rogue.AlphaAV) -> Quarantined and deleted successfully.
C:\Program Files\Common Files\AlphaAVUninstall\Uninstall.lnk (Rogue.AlphaAntivirus) -> Quarantined and deleted successfully.

Edited by DoeZ, 30 October 2009 - 10:35 PM.


BC AdBot (Login to Remove)

 


#2 DoeZ

DoeZ
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:02:56 AM

Posted 31 October 2009 - 12:20 PM

anyone...help please... :thumbsup:




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users