A very clever scam induced me to run an executable file I was tricked into thinking was a legitimate update for TeamSpeak 3 (the sound plugin scam, if any of you are familiar). I realized it was a scam attempting to steal my Steam account moments afterward and promptly ran a fast Malware Bytes scan and then rebooted in safe mode. MalwareBytes detected and deleted something, but I'm worried that it was merely the trojan executable and not what it downloaded onto my machine. I then used Comodo Cleaning Essentials, Avast, and Kaspersky's TDSSKiller kit. None of them detected anything.
As far as I'm aware, the trojan runs client32.exe and downloads a remote access program called Ammy Admin renamed to winsvchost. This is all stuff I've heard from other people who were phished.
I took care of my passwords, changing them from a separate, uninfected machine, but I'm worried that there might still be a backdoor on this machine. I'm afraid to relog from here. Is there anything more I can do?
EDIT: I'm now receiving random crashes in Firefox. I attempted a system restore to an earlier point but received an error message:
Apparently it rewrote some files but didn't have permission to deal with system files for some reason. Firefox was fixed, though, and no longer seems to crash. I ran FRST again and the logs have been updated accordingly. I'm very sorry for the inconvenience.
FRST.txt:
[redacted by user after resolution]
Addition.txt:
[redacted by user after resolution]
Edited by Captain Smee, 30 September 2015 - 02:14 AM.