Trojan and highjacker

[svaningen]

hi i have a samsung satelite with xp, and it has gotten a trojan and highjacker program calling itself thinkpoint.


Basically how it happened is i was surfing the internet when i got this legit looking add come up saying i have a trojan and i need to scan, while this was coming up my avg warning was coming up saying i have a trojan, so i ignored the first one and clicked to get to the avg page but right as i was about to click repair the other page popped up and clicked that page, and it was done.

now when i ever i turn on my computer is logs on and does everything and after the log in noise it automatically opens think point and give me an option to do a full scan or start normal, but the start normal option cannot be clicked.

i have the original cd that came with the laptop to format it, but i put it in hoping it would take me to an option to format my computer but it only takes me to the thinkpoint page.


any help or suggestions on how to formatt my laptop?

 

[Broni]

See here: http://www.bleepingcomputer.com/virus-removal/remove-thinkpoint

 

[johnb35]

Since you are running XP its pretty easy to remove thinkpoint. However, the taskmanager may or may not work. I've already removed thinkpoint from 2 machines and taskmanager worked on one but not on the other.

The easiest thing to do would be to boot to safe mode with networking and log into the administrator account as thinkpoint won't load on it. Then you can perform the following.

Please download Malwarebytes' Anti-Malware from here or here and save it to your desktop.

• Double-click mbam-setup.exe and follow the prompts to install the program.
• At the end, be sure a checkmark is placed next to
  • Update Malwarebytes' Anti-Malware
  • and Launch Malwarebytes' Anti-Malware
• then click Finish.
• If an update is found, it will download and install the latest version. Please keep updating until it says you have the latest version.
• Once the program has loaded, select Perform quick scan, then click Scan.
• When the scan is complete, click OK, then Show Results to view the results.
• Be sure that everything is checked, and click Remove Selected.
• A log will be saved automatically which you can access by clicking on the Logs tab within Malwarebytes' Anti-Malware

Download the HijackThis installer from here.
Run the installer and choose Install, indicating that you accept the licence agreement. The installer will place a shortcut on your desktop and launch HijackThis.

Click Do a system scan and save a logfile

Most of what HijackThis lists will be harmless or even essential, don't fix anything yet.

Post the logfile that HijackThis produces along with the Malwarebytes Anti-Malware log

If malwarebytes don't run then you can download this program to your desktop and run it. Please disable any security programs from running before running combofix. Also if you have AVG, unfortunately, it must be uninstalled completely before combofix will run.

Download and Run ComboFix
If you already have Combofix, please delete this copy and download it again as it's being updated regularly.

• Download this file here :
  
  http://www.bleepingcomputer.com/download/anti-virus/combofix
  
• Then double click combofix.exe & follow the prompts.
• When finished, it shall produce a log for you. Post that log in your next reply

Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall

Combofix should never take more that 20 minutes including the reboot if malware is detected.

After running combofix, you should be able to then run malwarebytes in regular bootup mode.

In your next reply please post:

• The ComboFix log
• The Malwarebytes log
• A fresh HiJackThis log Please note that hijackthis needs to be ran in regular bootup mode.
• An update on how your computer is running