Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Virus? or something else?


  • This topic is locked This topic is locked
11 replies to this topic

#1 brandontf8o8

brandontf8o8

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Local time:11:38 AM

Posted 07 May 2014 - 05:29 AM

hey guys, hope someone can help me with this.

 

basically i turned my computer on today and noticed off hand that my wall paper was changed and that all my desktopitems had been deleted.  Strange.

 

then noticed that none of my files are on my computer.  something like a system wipe i guess.  programs still show up in my uninstall list on the control panel however when i try to open them up it tries to reinstall the programs.

 

Ive run malware bytes and it detected 12 things which it removed.  MSE didnt find anything, and spybot removed 1 threat. after running the scans windows security center popped up saying that its turned off and should be turned back on.

 

when i try to turn i on i get an error message saying 

"the windows security center cannot be started"

 

sorry i didnt think to get screenshots of anything prior to jumping on here. any ideas on what i can do to fix this?

 

also the last time i backed my computer up was about 6 months ago (i know. stupid) is there anything i can do to retrieve all the data that is missing?

 

any help would be awesome.  Thanks guys!



BC AdBot (Login to Remove)

 


#2 RedRay

RedRay

  • Members
  • 41 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:38 AM

Posted 07 May 2014 - 06:10 AM

Did you do anything strange recently with your computer like download and execute a file or something?  Can you also say what did MBAM and MSE detected.  



#3 brandontf8o8

brandontf8o8
  • Topic Starter

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Local time:11:38 AM

Posted 07 May 2014 - 03:17 PM

No I havnt run any programs. Got a tv show but that's about it.

Also I didn't think to screen shot what was found with either. So I'm not sure what they were.

#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,190 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:05:38 PM

Posted 07 May 2014 - 07:40 PM

Hello this seems like a possible ZeroAccess trojan.
DO NOT run a Registry cleaner or all your files will be lost.

The only safe way to fix this is by following this Preparation Guide, do steps 6,7 and 8 and post in a new topic.
Let me know if all went well.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#5 brandontf8o8

brandontf8o8
  • Topic Starter

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Local time:11:38 AM

Posted 09 May 2014 - 02:44 PM

sorry havnt been able to get to my computer for a couple days will ruin taht now.

 

Thanks!



#6 brandontf8o8

brandontf8o8
  • Topic Starter

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Local time:11:38 AM

Posted 09 May 2014 - 03:03 PM

ok so im currently backing up my laptop.

 

when i download the dds program it automatically goes to my downloads folder. (im not getting an option to download to a specific location)

 

when i try to open the folder i get this error message wow i cant even get a screen shot haha ill just type it in lol

 

C:\windows\system3config\systemprofile\documents\downloads refers to a location that is unavailable.  it could be on a hardrive on this computer, or on a network.check to make sure that the disc is properly inserted, or that you are connected to the internet or your network, and then try again.  if it is still unavailable, the information might have been moved to a different location.

 

now i can run the program its just im not sure how i would get the logs. any thoughts?



#7 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,190 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:05:38 PM

Posted 09 May 2014 - 07:46 PM

Hi if you are using WIN8 you cannot run DDS.
If so please start the new topic. State you have win * or 8.1, someone will help you from there.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#8 brandontf8o8

brandontf8o8
  • Topic Starter

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Local time:11:38 AM

Posted 09 May 2014 - 07:57 PM

Ic I'm using windows 7

#9 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,190 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:05:38 PM

Posted 09 May 2014 - 10:31 PM

If you cannot get DDS to work, please try this instead.

Please download OTL by OldTimer and save it to your Desktop.
  • Close all other applications and windows so that you have nothing open.
  • Double click on the otlDesktopIcon.png icon on your desktop.
    Vista/Windows 7 users right-click and select Run As Administrator
  • .
    If you receive a UAC prompt asking if you would like to continue running the program, you should press the Continue button.
  • Under Output, ensure that Minimal Output is selected.
  • Click the "Scan All Users" checkbox.
    Leave the remaining selections to the default settings.
    If using a 64-bit system, the option for "Include 64bit scans" should be auto-checked.
  • Click the runscanbutton.png button.
  • Do not use the computer while the scan is in progress.
  • When the scan is complete, two log files will open in Notepad:
    • OTL.txt <- (will be maximized)
    • Extras.txt <- (will be minimized in the Task Bar).
  • Both logs are automatically saved to the Desktop.
  • Please copy and paste the contents of OTL.txt into a new topic in the Virus, Trojan, Spyware, and Malware Removal Logs forum, NOT here.
  • Also copy and paste the contents of Extras.Txt in your next reply as well. If the Extras.Txt log is too long, you may need to add it as an attachment.
  • Click the red X in the upper right corner to exit OTL.
  • Important: Be sure to mention that you tried to follow the Prep Guide but were unable to get DDS to run. If OTL did not work, then reply back here.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#10 brandontf8o8

brandontf8o8
  • Topic Starter

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Local time:11:38 AM

Posted 09 May 2014 - 10:37 PM

The problem I'm running into is I'm not given an option on where to DL the programs so I can't save to desktop.

If the logs save in the same directory that the program is in, I have the problem where I can't access the directory due to that error message.

Is there an override or workaround to save files to desktop? Sorry at work right. Ow but I'll try to install the otl program when I get home and see if I can get a different result this time around.

Thanks though

#11 brandontf8o8

brandontf8o8
  • Topic Starter

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Local time:11:38 AM

Posted 10 May 2014 - 06:01 AM

ok boop thanks OTL worked posting the thread now.



#12 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,190 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:05:38 PM

Posted 10 May 2014 - 08:27 PM

Post looks good.

Now that your log is properly posted, you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc) unless advised by a Malware Removal Team member, nor should you continue to ask for help elsewhere. Doing so can result in system changes which may not show it the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process which would extend the time it takes to clean your computer.
From this point on the Malware Removal Team should be the only members that you take advice from, until they have verified your log as clean.
Please be patient. It may take a while to get a response because the Malware Removal Team members are very busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the Malware Removal Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another MRL Team member is already assisting you and not open the thread to respond.
The current wait time is 1 - 3 days and ALL logs are answered.
If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.
To avoid confusion, I am closing this topic.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users