546mpster

Thanks for your help screen317, it is tremendously appreciated. Malwarebytes' Anti-Malware 1.44 Database version: 3902 Windows 6.0.6001 Service Pack 1 Internet Explorer 8.0.6001.18882 3/22/2010 10:54:54 PM mbam-log-2010-03-22 (22-54-54).txt Scan type: Quick Scan Objects scanned: 121565 Time elapsed: 29 minute(s), 18 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 2 Registry Data Items Infected: 3 Folders Infected: 0 Files Infected: 1 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: HKEY_CLASSES_ROOT\.exe\shell\open\command\(default) (Hijack.ExeFile) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\secfile\shell\open\command\(default) (Rogue.MultipleAV) -> Quarantined and deleted successfully. Registry Data Items Infected: HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command\(default) (Hijack.StartMenuInternet) -> Bad: ("C:\Users\Neel\AppData\Local\MSASCui.exe" /START "C:\Program Files\Mozilla Firefox\firefox.exe") Good: (firefox.exe) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\(default) (Hijack.StartMenuInternet) -> Bad: ("C:\Users\Neel\AppData\Local\MSASCui.exe" /START "C:\Program Files\Internet Explorer\iexplore.exe") Good: (iexplore.exe) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command\(default) (Hijack.StartMenuInternet) -> Bad: ("C:\Users\Neel\AppData\Local\MSASCui.exe" /START "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode) Good: (firefox.exe -safe-mode) -> Quarantined and deleted successfully. Folders Infected: (No malicious items detected) Files Infected: C:\Users\Neel\Local Settings\Application Data\MSASCui.exe (Rogue.MultipleAV) -> Quarantined and deleted successfully. DDS (Ver_10-03-17.01) - NTFSx86 Run by Neel at 1:02:09.41 on Tue 03/23/2010 Internet Explorer: 8.0.6001.18882 BrowserJavaVersion: 1.6.0_18 Microsoft

Thanks, yes I do. Some help would be appreciated.

Should I reformat?

Can anyone help with this?

Hello, On 2010-03-07, in th early evening, I got hit with the Vista Internet Security 2010 virus. After trying a lot of things, I managed to boot into safe mood, rename the executable of Malwarebytes ('vistanext'), install and run Malwarebytes. It looks and feels like the infection is gone, however, I am worried if it is. I am especially worried about keyloggers, since I do things like banking and Skype calls home/credit online. My OTL logs, Hijack This log, and Malwarebytes log (pre and post infection) are attached. My OTL settings follow this thread: http://forums.malwarebytes.org/index.php?s...=39041&st=0 Thanks for your time, which is really really appreciated. mbam_log_2010_03_07__23_05_31_.txt mbam_log_2010_03_07__20_45_24_.txt hijackthis.txt Extras.Txt OTL.Txt