arfur
New Helpee
Posts: 22
|
Post by arfur on Sept 30, 2014 13:19:18 GMT -8
Log file and extras attached. When I opened FF this morning it defaulted to the original Mozilla page rather than Google. Changing it to google via options is not remembered, on restart it goes back to Mozilla. The change occured in the last 24 hours, I am running FF Vsn 32.0.3 Attachment DeletedAttachment Deleted
|
|
Quads
Malware Removalists
In New Zealand
Posts: 9,387
|
Post by Quads on Sept 30, 2014 13:47:01 GMT -8
Is it just a problem in the Administrator account?? or does it also affect the Athol account??
I see Firefox has updated or installed something on the Administrator account.
Quads
|
|
arfur
New Helpee
Posts: 22
|
Post by arfur on Sept 30, 2014 14:02:57 GMT -8
It was happening for both user accounts. I have done a reset of FF which has cleared the extensions I had running and I am able to set the home page successfully. Unless you think otherwise, will add the extensions again one at a time later to see if I can identify the cause.
|
|
Quads
Malware Removalists
In New Zealand
Posts: 9,387
|
Post by Quads on Sept 30, 2014 14:19:59 GMT -8
One folder has appeared between ESET and OTL of
[2014/09/30 17:21:33 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\TreeCardGames
You can uninstall ESET Online scanner using the Control Panel
Quads
|
|
arfur
New Helpee
Posts: 22
|
Post by arfur on Sept 30, 2014 14:34:09 GMT -8
Have uninstalled ESET scanner.
I have a card game, 123 Free Solitaire installed and could have run it yesterday between posts. Otherwise the file name means nothing to me. Might be best to remove 123 Solitaire?
|
|
Quads
Malware Removalists
In New Zealand
Posts: 9,387
|
Post by Quads on Sept 30, 2014 15:04:25 GMT -8
Don't know I have never dealt with the Software.
I am going through the 3 logs to script.
Quads
|
|
Quads
Malware Removalists
In New Zealand
Posts: 9,387
|
Post by Quads on Sept 30, 2014 21:51:21 GMT -8
Start OTL, Right click "Run as Administrator" Under Copy and paste What I have put in the .txt file I have attached, all the way to the bottom ([REBOOT] is the last command line) , It is in the correct line by line layout as it is to be for OTL to understand, what I want it to do. (include the : at the start of :OTL and all the way to the end / bottom) and run the script. (Red Run Fix Button) The output log, should be placed in the C:\_OTL\MovedFiles folder after, to attach back here. Looks like a txt file not a Folder Quads
|
|
arfur
New Helpee
Posts: 22
|
Post by arfur on Sept 30, 2014 23:35:45 GMT -8
Ran the script as advised. At the end a brief message saying that there was an error creating the log file was displayed and the system rebooted. The attached txt file was displayed on the desktop on reboot. Attachment Deleted
|
|
Quads
Malware Removalists
In New Zealand
Posts: 9,387
|
Post by Quads on Oct 1, 2014 9:48:00 GMT -8
It must have still done what it couldn't log to know to restart the system to delete some temp files Tools and Quarantines we used to be removed Please download DelFix by Xplode to your Desktop. toolslib.net/downloads/viewdownload/2-delfix/Double-click to run the program; Note: Windows Vista/7/8 users right-click and choose Run as administrator Make sure the Remove Disinfection tools is ticked / selected in the list Click RUNA log will be opened after the operation is finished Copy and Paste it in your next reply Quads
|
|
arfur
New Helpee
Posts: 22
|
Post by arfur on Oct 1, 2014 12:58:24 GMT -8
Log follows
The icons for the adware.txt files, extras.txt, fixlog.txt, otl.txt and otl 2.txt remain on the desktop though the size is shown as zero
# DelFix v10.8 - Logfile created 02/10/2014 at 06:56:03 # Updated 29/07/2014 by Xplode # Username : Administrator - ATHOL-PC # Operating System : Windows 8.1 (64 bits)
~ Removing disinfection tools ...
Deleted : C:\_OTL Deleted : C:\Users\Administrator\Desktop\AdwCleaner[R0].txt Deleted : C:\Users\Administrator\Desktop\AdwCleaner[S0].txt Deleted : C:\Users\Administrator\Desktop\Extras.Txt Deleted : C:\Users\Administrator\Desktop\Fixlog.txt Deleted : C:\Users\Administrator\Desktop\OTL 2.Txt Deleted : C:\Users\Administrator\Desktop\OTL.Txt Deleted : C:\Users\Administrator\Desktop\OTL.exe Deleted : C:\Users\Administrator\Downloads\FRST64.exe Deleted : HKLM\SOFTWARE\OldTimer Tools Deleted : HKLM\SOFTWARE\AdwCleaner
########## - EOF - ##########
|
|