help with laptop problems!

G

george88

New Member
lately i'd been getting many trojan alerts, which occured when i installed this superantispyware program. i deleted it about a week ago after reading something bad about it but on start up there'd always be a virus message indicating trojan had infected a particular file in my symantec folder but it'd always be successfully cleaned.

last night i used my computer as usual and now just under 12 hours later i boot my laptop up to find all files i'd put on the desktop gone, wallpaper gone, internet explorer page changed. it'd originally been this jat.ph scam search page which i avoided seeing by changing the proxy page to blank page, and now its the old google search page again. all my favorite pages are gone, 2 years' worth, and autocomplete and password save messages are coming up again.

Also this thing about my graphics display in the hidden icons box in start-up bar has appeared showing 32 bit, so and so resolution size and landscape mode.

The strangest bit is that a game i'd installed over a week earlier still remains, as does another from over a year ago.

Can somebody help me out with this? How could all these have happened overnight without anybody touching it? start-up or shut down was no longer than usual so this is very confusing.
 
Ok, do the following in order. You may have to do this in safe mode.

1.

Please download and run TDSSkiller

When the program opens, click on the start scan button.

tdssstartscan_zps32a151cd.jpg


TDSSKiller will now scan your computer for the TDSS infection. When the scan has finished it will display a result screen stating whether or not the infection was found on your computer. If it was found it will display a screen similar to the one below.

2663-2-eng.png


To remove the infections simply click on the Continue button and TDSSKiller will attempt to clean them or remove them.

After trying to clean them it will pop up with the results of the scan and its actions.

2663_3_en.png


Please reboot the system if asked to do so.

After running there will be a log that will be located at the root of your c:\ drive labeled tdsskiller with a series of numbers after it example, C:\TDSSKiller.2.4.7_23.07.2010_15.31.43_log.txt

Please open the log and copy and paste it back here.

2.

Please download Malwarebytes' Anti-Malware from here or here and save it to your desktop.
  • Double-click mbam-setup.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to
    • Update Malwarebytes' Anti-Malware
    • and Launch Malwarebytes' Anti-Malware
  • then click Finish.
  • If an update is found, it will download and install the latest version. Please keep updating until it says you have the latest version.
  • Once the program has loaded, select Perform quick scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • A log will be saved automatically which you can access by clicking on the Logs tab within Malwarebytes' Anti-Malware

If for some reason Malwarebytes will not install or run please download and run Rkill.scr, Rkill.exe, or Rkill.com. If you are still having issues running rkill then try downloading these renamed versions of the same program.

EXPLORER.EXE
IEXPLORE.EXE
USERINIT.EXE
WINLOGON.EXE

But DO NOT reboot the system and then try installing or running Malwarebytes. If Rkill (which is a black box) appears and then disappears right away or you get a message saying rkill is infected, keep trying to run rkill until it over powers the infection and temporarily kills it. Once a log appears on the screen, you can try running malwarebytes or downloading other programs.



Download the HijackThis installer from here.
Run the installer and choose Install, indicating that you accept the licence agreement. The installer will place a shortcut on your desktop and launch HijackThis.

Vista and Windows 7 users must right click on the hijackthis icon and click on run as. If the run as option doesn't appear then press and hold the shift key while right clicking on the icon to get it to appear.


Click Do a system scan and save a logfile

Most of what HijackThis lists will be harmless or even essential, don't fix anything yet.

When the hijackthis log appears in a notepad file, click on the edit menu, click select all, then click on the edit menu again and click on copy. Come back to your reply and right click on your mouse and click on paste.

Post the logfile that HijackThis produces along with the Malwarebytes Anti-Malware log


I would also suggesting downloading and run unhide.exe if any desktop icons or program on the start menu have disappeared.

http://www.bleepingcomputer.com/download/unhide/dl/6/

After you reply with the 3 logs we will see what needs to be done.
 
You must log in or register to reply here.
Back
Top