so unfortunately I've managed to get myself a virus that redirects me when I visit sites on Google chrome. I've also noticed that when I Right-click on Chrome or Firefox and click 'Properties -->'Security' I see a weird, unknown user account listed. A couple of times now, I've gotten an 'app was reset' message and one time I saw a command prompt open and disappear in a second.
I've tried nearly everything in removing this thing, and it always comes back. I haven't installed anything recently. I got the virus by clicking on a link accidentally, and a pop-up appeared and it was too late, the virus had already downloaded. Since then, I keep getting redirects to more malicious software, when I click on sites that I visit often.
I've tried running MalwareBytes, MalwareBytes Anti-Rootkit Windows Defender, Kaspersky, Norton Power Eraser, HitmanPro, AVG, AdwCleaner, TDSSKiller, JRT, RKill, Sophos Virus Removal Tool, SecurityCheck and The Windows Repair tool from Tweaking(dot)com and nothing seems to work! I've even tried reinstalling Google Chrome & Firefox and it still comes back. Can anyone help me with this? Thanks
I had previously posted a topic about this issue here: http://www.bleepingcomputer.com/forums/t/627103/redirect-virus-help-needed/page-3
The mysterious account names start with 'S-1-5-21' as you can see in the attached logs. The one I've noticed most often is the account: 'S-1-5-21-3059459435-627724901-1248588466-1001'
Edited by kooky500, 20 September 2016 - 10:13 PM.