I have a virus programme on my comp. MBAM does not detect it. Although I can see it in my programmes, I cannot delete i because it tells me I need to be the administrator. It tells me this even while logged in as admin. I also have kaspersky which detects that it is there but it cannot remove it. Ant help would be greatly appreciated!!
I used the OTS thing too and attached my log.
What programmes are reported as infected ?
All I can see at the moment is clickpotato
Start OTS. Copy/Paste the information in the quotebox below into the panel where it says “Paste fix here” and then click the Run Fix button.
[Unregister Dlls]
[Registry - Safe List]
< Internet Explorer Settings [HKEY_USERS\S-1-5-21-4015492428-82776258-144438551-1000\] > ->
YN -> HKEY_USERS\S-1-5-21-4015492428-82776258-144438551-1000\: URLSearchHooks\\"{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.]
< FireFox Settings [Prefs.js] > -> C:\Users\Mary\AppData\Roaming\Mozilla\FireFox\Profiles\vjt9n1yz.default\prefs.js
YN -> browser.search.defaultthis.engineName -> "Conduit Engine Customized Web Search"
YN -> browser.search.defaulturl -> "http://search.conduit.com/ResultsExt.aspx?ctid=ConduitEngine&SearchSource=3&q={searchTerms}"
< FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla
YY -> HKLM\software\mozilla\Firefox\Extensions\\ClickPotatoLite@ClickPotatoLite.com -> C:\Program Files\ClickPotatoLite\bin\10.0.666.0\firefox\extensions [C:\PROGRAM FILES\CLICKPOTATOLITE\BIN\10.0.666.0\FIREFOX\EXTENSIONS]
< FireFox SearchPlugins [User Folders] > ->
YY -> conduit.xml -> C:\Users\Mary\AppData\Roaming\Mozilla\Firefox\Profiles\vjt9n1yz.default\searchplugins\conduit.xml
< Internet Explorer ToolBars [HKEY_USERS\S-1-5-21-4015492428-82776258-144438551-1000\] > -> HKEY_USERS\S-1-5-21-4015492428-82776258-144438551-1000\Software\Microsoft\Internet Explorer\Toolbar\
YN -> WebBrowser\\"{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.]
[Files/Folders - Created Within 30 Days]
NY -> ClickPotatoLiteSA -> C:\ProgramData\ClickPotatoLiteSA
NY -> ClickPotatoLite -> C:\Program Files\ClickPotatoLite
[Files/Folders - Modified Within 30 Days]
NY -> AK083E209605E394C.lie -> C:\Windows\System32\AK083E209605E394C.lie
NY -> SystemToolsDailyTest.job -> C:\Windows\tasks\SystemToolsDailyTest.job
[Files - No Company Name]
NY -> AK083E209605E394C.lie -> C:\Windows\System32\AK083E209605E394C.lie
[File - Lop Check]
NY -> SystemToolsDailyTest.job -> C:\Windows\Tasks\SystemToolsDailyTest.job
[Empty Temp Folders]
[EmptyFlash]
[CreateRestorePoint]
The fix should only take a very short time. When the fix is completed a message box will popup telling you that it is finished. Click the Ok button and Notepad will open with a log of actions taken during the fix. Post that information back here
I will review the information when it comes back in.
Had a slight problem saving the log cause my computer battery died and I couldn’t find the log after that. I did manage to get rid of clickpotato though. I did another scan with ots and will attach the log of it. Not sure it will help you though…
Yep it has gone - what are your current problems ?
I looks like that was my only problem. Nothing else is showing up since it was removed. It was probably the cause of all of my problems!!! Thanks for the help!!
No problem - run OTS and hit the cleanup button