A couple of months ago I was using my computer from my administrator account and a program asked for permission to do something and I granted it permission and immediately had the intuitive feeling that I’d done the wrong thing. When I went back to using my standard account clicking on my Firefox toolbar icon said that the program this shortcut was connected to was missing. It was as if Firefox was uninstalled (I tried various ways of launching it) but it was still listed in my programs in the control panel. I started using Chrome from my standard account. It also did this with a program called Trillian, which is a messaging program which combines all the various messaging formats into one program.
When I used my administrator account again (which I was trying to avoid since something seemed to be wrong) Firefox worked but it was full of advertising. That is, there were ad’s in the browser itself. I ran an Avast scan which didn’t find anything, then I ran an Avast boot time scan which still didn’t find anything. I tried uninstalling and reinstalling Firefox, which didn’t work. I’ve left it uninstalled at present. I’ve kept Avast up to date and my OS up to date (which is Windows 7) and tried another boot time scan recently which found nothing.
I haven’t been acting on getting it fixed urgently as I was planning on getting a Mac Mini anyway (which I have now bought). All’s I’ve really done is avoid doing any internet banking since this occurred. Even though I’m going Mac it would be good to get this sorted, what-ever it is might transfer when I transfer my files to the Mac and live on, even if it can’t affect the Mac. I’ve now downloaded and run Malwarebytes Anti-Malware, OTL and aswMBR and have attached their logs.
your Malwarebytes log say “NO ACTION TAKEN” update malwarebytes, run new quick scan…make sure evrything detected is marked for removal and click REMOVE SELECTED button
Be careful, some viruses now are for windows,mac.and linux together. Also you should have a antivirus cause there is some java malware for macs out and also it can prevent you from phishing websites.
[*]Close any open browsers
[*] Temporarily disable your AntiVirus program. (If necessary)
If you are unsure how to do this please read this or this Instruction.
[*]Double click on zoek.exe to run the tool . Please wait while the tool does not start…
[*]Copy the text present inside the code box below and paste it into the large window in the zoek tool:
A big thank you to all those people who have been replying and helping me.
Malwarebytes update button is greyed out, I presume that’s because it is up to date? I didn’t realise I hadn’t selected the malware it found in the first scan when I clicked ‘remove.’ Ran Malwarebytes again, Zoek and OTL again and have attached the logs.
OK I downloaded a fresh copy of Zoek.exe from http://home.kpn.nl/stefsmeenk/zoek.exe, ran it with the script from magna86 and attached the results, and I ran Malwarebytes from my administrator account, updated it and ran a quick scan and attached the results.
http://www.mcshield.net/personal/magna86/Images/checkmark.png
Purge System Restore [/i]
Click Run button and wait a few seconds for the programme completes his work.
At this point all the tools we used here should be gone. Tool will create an report for you (C:[b]DelFix.txt[/b])
The tool will also record healthy state of registry and make a backup using ERUNT program in %windir%\ERUNT\DelFix
Tool deletes old system restore points and create a fresh system restore point after cleaning.