This morning I received a notice from Avast! that it has detected a threat. I ran a full scan, and here’s some results:
2 Files in C:\Users\name\AppData\Local\Temp, that have been deleted, but had these in them:
Win32:FakeAlert-MZ [trj]
Win32:Alureon-HA [trj]
And the following according to Malwarebytes Anti-Malware:
Registry Keys Infected:
HKEY_CURRENT_USER\Software\avsoft (Trojan.Fraudpack) → Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\avsuite (Rogue.AntivirusSuite) → Quarantined and deleted successfully.
Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\xzomrykp (Rogue.AntivirusSuite.Gen) → Quarantined and deleted successfully.
In the massive amount of paranoia I’ve had over this, I’ve installed other AV solutions and scanned the crap out of this machine. Every single one of them says this system is clean, but I’m really nervous.
Am I now safe, or should I do more to be sure?