Yesterday I got an alert from AVG stating my laptop was infected with malware. The AVG alert said it was a Trogan and I googled how to deal with it. This involved clicking computer-organize–folders and search options-view and unchecking 'don’t show hidden files, folders and drives. This allowed me to see the recycle bin where the offending files was located. I then rebooted in safe mode and ran Malwarebytes which showed up two other trogans and tracking cookies. I deleted these and rebooted. I use firefox and had problems with it running slow so uninstalled it and reinstalled it. It ran faster but I can’t change the homepage or things like the font. I also noticed Explorer was running slow. Today I scanned using Super anti spyware and PUP.bProtector showed up. I followed the instructions elsewhere in in these forums, using AdwCleaner and scanning using Malwarebytes. I also scanned using Super Anti and AVG and all seems clear. But I have the following issues:
I can’t change homepage or font in Firefox (Explorers OK)
My installed printer had disappeared from ‘Hardware and Devices’ and I can’t install the driver for my printer.
I can’t change the font in Excell.
These three issues have been there since yesterday. I’m using Win 7 (64bit)
[*]Then click the Run Fix button at the top
[*]Let the program run unhindered, reboot the PC when it is done
[*]Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.
I get a prompt saying the driver was installed successfully but looking at ‘Hardware and devices’ there’s nothing in the window. When I connect the printer via USB I get a prompt to install a Fax.
Hi, this what i get
Add a local printer-Choose a printer port-LPT1:(Printer Port)[1st option from drop down menu]-Choose printer from list(HPDeskjet920c)-Use the driver that is currently installed(recommended)-Printer name :hp deskjet 920c(copy5) this printer will be installed with the hp deskjet 920c driver-share this printer so that others on the network can find and use it (share name hp deskjet 920c(copy5) )- you’ve successfully added hp deskjet 920c(copy5)-Print Test Page - Finish
*EDIT Forgot to say when I click ‘Finish’ i get the prompt 'default printer cannot be set **********
The printer is wired and isn’t permanently connected to the laptop. I can’t delete the copies of the printer because I can’t locate them. Clicking Control Panel-Hardware and Sound-Devices and Printers. The window that results is empty.
Hi
The printers working now. I clicked on the notepad OTL scan -file - print and found the multiple copies of the printer and deleted all but one, it also lists ‘fax’ ‘Microsoft XPS Document’ and 'Send to Onenote 2010. So it looks like it’s sorted. Thanks
I’m getting fed up with the inability to make changes to Firefox settings. I use an add-on called ‘pricedrop’ which tracks products on Amazon and alerts you if the price falls. You can then reset the price point at the new lower price and you get an alert the next time it falls. If I close Firefox down and re-open it not only cannot I not change the home page but the pricedrop alerts from Wednesday keep cropping up in addition to any new ones since. I’ve now got 14 alerts I keep having to reset each time I open Firefox.
[size=12pt]I got fed up with firefox and uninstalled it and deleted all the folders associated with Mozilla from the C drive. Whilst it was being uninstalled I got a threat warning from AVG saying I’d been infected with a Trogan Horse Generic29.AHHS located in C:$RECYCLE.BIN\5-1-5-21-37929205205-3819457138-4037491838-1000$afe47218d3ef99208cfc4c-859cb12bee\n.
I updated and ran Malwarebytes no threats detected
Updated and ran AVG no threats detected
Updtaed and ran SuperAntiSpyware which detected 82 tracking cookies.
The Trogan Horse Generic29. is what started all this on Wednesday and I deleted that from the recycle bin after going into documents and unchecking ‘hide protected operating system files’. Is it still on my system?
*****EDIT*******Just to add I checked the $recycle bin and ‘5-1-5-21-37929205205-3819457138-4037491838-1000$afe47218d3ef99208cfc4c-859cb12bee\n.’ is not there. [/size]
That looks to be a false positive on the part of AVG, there is malware that hides in the recycle bin but it is only for SID C:$RECYCLE.BIN\5-1-5-18
I can run the deeper zero access check but I can see no sign of it
Download and Install Combofix
Download ComboFix from one of the following locations: Link 1 Link 2
VERY IMPORTANT !!! Save ComboFix.exe to your Desktop
IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here
[*]Double click on ComboFix.exe & follow the prompts.
[*]Accept the disclaimer and allow to update if it asks
It didn’t reboot after combo finished so i rebooted manually. Please see log attached
The computer appears to be running fine, The only issue is with Firefox, which I re-installed earlier. I still can’t make any changes stick e.g. homepage, privacy settings, fonts etc.
I didn’t do it using the method described in your link. I went into the Mozilla file on the C Drive in the ‘programmes’ folder and used the uninstall wizard in mozzilla folder.
Hi I followed those instruction and re-installed FFox and it a-OK now. I’m having problems with explorer though. When I launch explorer it goes to the home page if I do a search, for example, and click on a search link a new page opens but it’s blank. I tried to uninstall explorer but it won’t let me it keeps telling me i need permission from ‘TrustedInstaller’
thanks for all your help by the way. I realise I haven’t properly thanks you. I don’t know where my manners are.