OK! I've been bitten again. The problem this time is that it's locked down Malwarebytes as well as all my browsers.
AVG has a spyware scan which is running at the moment but I'm not holding my breath.
I am currently logged onto the forums using Xfire's in-game browser through Halo. Not ideal, but it works. (gotta love Xfire right?)
I have done a little digging and found the location of the process is usually c:\users\[your profile name]\appdata\local but when looking for the file to manually delete it, it doesn't show regardless of whether I have the option to show hidden or system files checked.
I started up a command prompt and navigated to the folder and dir/a/p shows the file as apl.exe (a different name each time btw) but a delete command just brings up a file not found message.
To be brutally honest, I'd rather an application quarantined and removed the little blighter for me as I'm not sure simply finding and deleting the file will have any positive results.
I have a second question as well though. Is there any security feature in the browsers that will enable me to stop or otherwise have to approve things like this from attaching themselves to my system? I run Chrome and Firefox.
Alternatively are there any other malware applications that run a real-time protection but that aren't too pop-uppy?
Thanks,
~Fraggle
Edit: AVG found the registry entry, which was a shell open command, and it pointed to the file in appdata\local. It has removed the registry entry but the 'dir' command in cmd prompt still shows the exe is present. Still, I can now use my browsers with impunity, and more importantly, Malwarebytes is fully functional again so I will be using that to purge my system of any remnants of the insidious little blighter.
2nd edit: Interestingly, when I was worried that I wouldn't be able to use Malwarebytes, I started installing Spybot S&D and that's found 11 registry entries and the apl.exe file, and this is after AVG's spyware scanner has 'cleaned' the infection. Don't get me wrong, AVG found a registry entry and unlocked my browsers etc... but it just doesn't cut the mustard as a standalone spyware app.
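
A read-only check for the two symptoms described in the post above, a shell open command pointing into appdata\local and an exe there that Explorer does not list. This is an added example, not part of the original post; it assumes the hijacked handler sits under the per-user classes hive (HKCU:\Software\Classes), which the post does not state.

```powershell
# Added example: read-only audit, nothing is modified or deleted.
# Assumption: the hijacked handler lives under the per-user classes hive.
$root     = 'HKCU:\Software\Classes'
$userDirs = @($env:LOCALAPPDATA, $env:APPDATA, $env:TEMP) | Where-Object { $_ }

# 1. shell\open\command default values whose target sits in a user-writable folder.
$handlers = foreach ($class in Get-ChildItem -LiteralPath $root -ErrorAction SilentlyContinue) {
    $keyPath = "$($class.PSPath)\shell\open\command"
    if (-not (Test-Path -LiteralPath $keyPath)) { continue }

    # GetValue('') reads the key's (Default) value, i.e. the command line to launch.
    $command = [string](Get-Item -LiteralPath $keyPath).GetValue('')
    if (-not $command) { continue }

    foreach ($dir in $userDirs) {
        if ($command.IndexOf($dir, [StringComparison]::OrdinalIgnoreCase) -ge 0) {
            [pscustomobject]@{ Class = $class.PSChildName; Command = $command }
            break
        }
    }
}

# 2. Executables directly in AppData\Local. -Force includes Hidden and System
#    files, the same way 'dir /a' does at the command prompt.
$exes = Get-ChildItem -LiteralPath $env:LOCALAPPDATA -Filter *.exe -File -Force -ErrorAction SilentlyContinue |
    Select-Object Name, Attributes, CreationTime, Length

'Open-command handlers pointing into the user profile:'
$handlers | Format-Table -AutoSize -Wrap

'Executables in AppData\Local (including hidden/system):'
$exes | Format-Table -AutoSize
```

An empty first table after a cleanup means no per-user open handler still points into the profile; any exe in the second table with Hidden or System attributes is worth submitting to a scanner.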