Jump to content

Recommended Posts

Hi,

I've been having some problems with my notebook since last sunday. These are some notes that I made:

At startup Symantec notices trojan virus "Mozilla Firefox.exe" in C:\ProgramData\Mozilla
My browser Mozilla Firefox is located in C:\Program Files (x86)\Mozilla Firefox, so this location is odd to me
The folder "Mozilla" is invisible in C:\ProgramData, even with hidden folders unhidden
Can be accessed by entering the address in the address bar
Can be made visible by going to cmd and entering [attrib -s -h "C:\ProgramData\Mozilla"]

When opening Google Chrome, the UAC-box appears that "Google Chrome.exe" wants to make changes to my computer
The paths to the file from the UAC-box are "C:\Programdata\Chrome\chrome.exe" and "C:\Programdata\Chrome\chrome.tmp"
My browser Google Chrome is also located in C:\Program Files (x86), so this location is also odd
When I click 'cancel', the same box just pops up ad infinitum

Standard browser search engines in the address bar in Google Chrome, Mozilla Firefox and Internet Explorer have been set to some "Google Custom Search"
Homepages have been set to yourtv.link

The symptoms seem to be very similar to this case below, and so I have included the logs from a scan with FRST.

 

FRST.txt

Addition.txt

Link to post
Share on other sites

Hi,

Thanks for your swift reply! The notebook is my own, but I got it through my university. They offer notebooks at an enormous discount to students, including all the software licenses you need for your study, to make sure all students have the right study material. Once you've completed your degree at the university you can keep the notebook (the software licences expire after that).
In any case, it's not used for any commercial purposes or affiliated to any commercial institution (other than the university where I study).

Link to post
Share on other sites

Let me know if this fixed the issue:

 

FRST.gif Fix with Farbar Recovery Scan Tool

icon_exclaim.gif This fix was created for this user for use on that particular machine. icon_exclaim.gif


icon_exclaim.gif Running it on another one may cause damage and render the system unstable. icon_exclaim.gif

Download attached fixlist.txt file and save it to the Desktop:

Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!

  • Right-click on FRST.gif icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
    (XP users click run after receipt of Windows Security Warning - Open File).
  • Press the Fix button just once and wait.
  • If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
  • When finishes FRST will generate a log on the Desktop, called Fixlog.txt.

Please attach it to your reply.

fixlist.txt

Link to post
Share on other sites

Thanks! It seems to have been completely fixed. Symantec no longer reports anything suspicious, chrome doesn't start weird files and the yourtv.link homepages and search engines have been removed. I attached the fixlog to my post.

Many thanks! Now I can finish my essay without having to worry about malware infecting my notebook. :)

Fixlog.txt

Link to post
Share on other sites

  • Root Admin

Glad we could help. :)If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.