So I've got some Malware, I downloaded a bad link. My antivirus (ESETNod32) flagged it up and said it was quarantined but then random adverts started playing in the background (and as much as I want rock hard abs in under three months, I don't want to hear about it). So Malware quick scan performed, 10 objects found, restart done, data log to follow.
So do I need to do anything else or has Malware done the job?
Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org
Database version: 7283
Windows 6.1.7601 Service Pack 1
Internet Explorer 8.0.7601.17514
26/07/2011 19:08:56
mbam-log-2011-07-26 (19-08-56).txt
Scan type: Quick scan
Objects scanned: 181461
Time elapsed: 12 minute(s), 47 second(s)
Memory Processes Infected: 1
Memory Modules Infected: 0
Registry Keys Infected: 4
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 4
Memory Processes Infected:
c:\Users\Joss\AppData\Local\Temp\Twg.exe (Trojan.FakeAlert.SA) -> 2540 -> Unloaded process successfully.
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\8DDYX0ZBPZ (Trojan.FakeAlert.SA) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\NtWqIVLZEWZU (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\XMZH42I4GI (Trojan.FakeAlert.SA) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\ (Hijack.Zones) -> Quarantined and deleted successfully.
Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\8DDYX0ZBPZ (Trojan.FakeAlert.SA) -> Value: 8DDYX0ZBPZ -> Quarantined and deleted successfully.
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
c:\Windows\Tasks\{22116563-108c-42c0-a7ce-60161b75e508}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\Tasks\{bbaeaeaf-1275-40e2-bd6c-bc8f88bd114a}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\Tasks\{810401e2-dde0-454e-b0e2-aa89c9e5967c}.job (Trojan.FraudPack) -> Quarantined and deleted successfully.
c:\Users\NAME REMOVED\AppData\Local\Temp\Twg.exe (Trojan.FakeAlert.SA) -> Quarantined and deleted successfully.
So do I need to do anything else or has Malware done the job?
Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org
Database version: 7283
Windows 6.1.7601 Service Pack 1
Internet Explorer 8.0.7601.17514
26/07/2011 19:08:56
mbam-log-2011-07-26 (19-08-56).txt
Scan type: Quick scan
Objects scanned: 181461
Time elapsed: 12 minute(s), 47 second(s)
Memory Processes Infected: 1
Memory Modules Infected: 0
Registry Keys Infected: 4
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 4
Memory Processes Infected:
c:\Users\Joss\AppData\Local\Temp\Twg.exe (Trojan.FakeAlert.SA) -> 2540 -> Unloaded process successfully.
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\8DDYX0ZBPZ (Trojan.FakeAlert.SA) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\NtWqIVLZEWZU (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\XMZH42I4GI (Trojan.FakeAlert.SA) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\ (Hijack.Zones) -> Quarantined and deleted successfully.
Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\8DDYX0ZBPZ (Trojan.FakeAlert.SA) -> Value: 8DDYX0ZBPZ -> Quarantined and deleted successfully.
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
c:\Windows\Tasks\{22116563-108c-42c0-a7ce-60161b75e508}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\Tasks\{bbaeaeaf-1275-40e2-bd6c-bc8f88bd114a}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\Tasks\{810401e2-dde0-454e-b0e2-aa89c9e5967c}.job (Trojan.FraudPack) -> Quarantined and deleted successfully.
c:\Users\NAME REMOVED\AppData\Local\Temp\Twg.exe (Trojan.FakeAlert.SA) -> Quarantined and deleted successfully.