false positive?

[polonus]

The hjt logfile seems OK, but there is new rogue av malware that sometimes installs on:
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = 
-http://apod.nasa.gov/apod/astropix.html

Do you get popups with fake av or do you get redirected to fake sites?

Maybe essexboy may have a cleansing routine for you, a run with TDSSKiller.exe and OTL log analysis, wait untill he appears,

polonus

[riobio]

I have NOT had any popups with fake av, and there has not been any redirects.

[essexboy]

No further problems would suggest that MBAM killed whatever it was 

[riobio]

No further problems would suggest that MBAM killed whatever it was 

Thanks to all; I truly appreciate your assistance.
riobio

[DavidR]

Hi,
Run hijack this from trend micro and post the log to read? Sure a malware process is running!

Sorry bobo1, but HijackThis is a busted flush now, it hasn't had any development for probably over 18 months and it just isn't up to the task any longer. It doesn't even look in the areas that modern malware hides, this is why specialist analysis tools have come to the fore like OTS as you will see mentioned in the forums.

David R, you're saying the hijack this is useless?  If so, do you have a suggestion?  Just finished deleting all system restore points, making a new one, doing a full mbam scan which shows zero "0" infections.  Am I done, or is there something else?

Pretty much so, any security application that hasn't had development in over a year, really isn't keeping up with developments.

Any suggestions would be dependant on the circumstances, e.g. if you were still getting symptoms and other general removal tools haven't resolved it, which doesn't appear to be the case. But as I mentioned in the quoted text OTS, but that is a specialist tool that requires specialist analysis (essexboy, etc.), so it isn't a tool that you jump straight in and run without it being requested.

[Asyn]

Thanks for the input; finally got a link to submit the FP.

You're welcome..!