A couple of day's ago I made a huge mistake and clicked on a video that an aquaintance sent me via facebook. I know it was a very foolish thing to do, and I'm done beating myself over the head, but now I need help removing it. I read about it and it seems it has been around for a while now, but the forums say to go to your windows directory and find files that are either tmark2.dat and/ or mstre6.exe files and delete them. But, I can not find these files in my windows directory.

After running a McAfee full scan and finding the virus was still very present, I ran a ParetoLogic Anti-Virus Plus which also took a very long scan on my stuff and hours later displays that I have 38 items total that have been detected, most just a bunch of cookies, but the last 3 it displays are:

Obfuscated AAX Trojan
Trojan-Downloader.win32.Fraudload.eki
Trojan.Win32.Agent.clsj

I went back to my windows directory to look for these so I could manually delete them, but have been unable to find them. Then, I also searched the internet and found some websites list these as fake detractors that fake anti0spyware sites use to try and get you to purchase their spyware for $40.

There's definately something on my computer, but its difficult to conclude which is the best route to take. Can anyone here advise me the best (and least costly) course of action. I am on my bf's laptop which is not infected, seeking help All constructive guidance is welcome and greatly appreciated.

Gratefully, C6P

UPDATE - i dont know what I did wrong, but not even a single view on my topic? I musta done something wrong. Where to properly post????

This post has been edited by cold666pack: Jun 12 2009, 12:40 PM

Hi there - we get to everyone as and when we can

To ensure that I get all the information this log will need to be attached (instructions at the end) if it is to large to attach then upload to Mediafire and post the sharing link.

Download OTS to your Desktop

• Close ALL OTHER PROGRAMS.
• Double-click on OTS.exe to start the program.
• Check the box that says Scan All Users
• Check the box that says 64 bit
• Under Additional Scans check the following:
  • File - Lop Check
    
  • File - Purity Scan
    
  • Evnt - EvtViewer (last 10)
• Now click the Run Scan button on the toolbar.
• Let it run unhindered until it finishes.
• When the scan is complete Notepad will open with the report file loaded in it.
• Click the Format menu and make sure that Wordwrap is not checked. If it is then click on it to uncheck it.

Please attach the log in your next post.

To attach a file, do the following:

• Click Add Reply
• Under the reply panel is the Attachments Panel
• Browse for the attachment file you want to upload, then click the green Upload button
• Once it has uploaded, click the Manage Current Attachments drop down box
• Click on to insert the attachment into your post

Due to inactivity this topic will be closed.
If you need help please start a new thread and post a new HJT log