Computing.Net > Forums > Security and Virus > Desktop Hi Jack

Desktop Hi Jack

Reply to Message Icon

Original Message
Name: pwmicalizzi
Date: October 1, 2005 at 20:35:24 Pacific
Subject: Desktop Hi Jack
OS: Windows XP PRo
CPU/Ram: Amd Athlon XP 2400+ 512DD
Comment:

My desktop tabs seem to have disapeared and i have a new background that came along wiht a bunch of trojans. As far as I know i have gotten rid of the trojans. But my desktop tabs are gone. I have two options under desktop properties. i have tried several things with no luck of regaining them. Please help


Paul


Report Offensive Message For Removal


Response Number 1
Name: PC GEEK
Date: October 2, 2005 at 14:27:08 Pacific
Subject: Desktop Hi Jack
Reply: (edit)

Sounds like a desktop hijacker(s) alright. What do you have for AV? I would download, update and run eset nod32 in Safe Mode.


Report Offensive Follow Up For Removal

Response Number 2
Name: jabuck
Date: October 2, 2005 at 14:52:27 Pacific
Subject: Desktop Hi Jack
Reply: (edit)

It sounds like smitfraud but I couldn't be sure without an Hijack This log.

What exactly have you done so, can you use the computer to get on line and what two items are in properties.

If you can get online download http://noahdfear.geekstogo.com/smitRem.exe . Save the file to your desktop.
Unzip smitRem.zip to extract the files it contains.
Do not do anything with it yet. You will run the RunThis.bat file later in safe mode.

Next download this cleanup tool http://www.stevengould.org/software/cleanup/ A window will open and choose save, then desktop as the destination.
On your Desktop, click on Cleanup40.exe icon.
Then, click run and place a checkmark beside "I Agree"
Then click next followed by start and ok.
A window will appear with many choices, keep all the defaults as set when the slide bar to the left it is set to standard quality.
Click ok
DO NOT RUN IT YET

Download this trail version of Ewido Security Suite(not the beta scan) http://www.ewido.net/en/download/ .Install ewido.
During the installation, under "Additional Options" uncheck "Install background guard" and "Install scan via context menu".
Launch ewido
It will prompt you to update click the ok button and it will go to the main screen
On the left side of the main screen click update
Click on start and let it update.
DO NOT run a scan yet. You will do that later in safe mode.

Start the computer in Safe Mode

1. Open the smitRem folder, then double click the RunThis.bat file to start the tool. Follow the prompts on screen.
Wait for the tool to complete and disk cleanup to finish.

2.Run Ewido. Click on scanner
Click Complete System Scan and the scan will begin.
During the scan it will prompt you to clean files, click OK
When the scan is finished, look at the bottom of the screen and click the Save report button.
Save the report to your desktop

3.Run the clean-up tool.

4.Go to Control Panel > Internet Options. Click on the Programs tab then click the "Reset Web Settings" button. Click apply then ok.

5.Next go to Control Panel > Display. Click on the "Desktop" tab then click the "Customize Desktop" button. Click on the "Web" tab. Under "Web Pages" you should see an entry checked called something like "Security info" or similar. If it is there, select that entry and click the "Delete" button. Click ok then apply and ok.

6.Restart back into Windows normally now.

7.Run this online scanner Panda

8. Your host file may be damaged. To repair it download http://www.funkytoad.com/download/hoster.zip.Unzip Hoster.zip
Open Hoster.exe
Then click on "Restore Original Hosts"
Close program when complete.
Empty Recycle Bin




Report Offensive Follow Up For Removal

Response Number 3
Name: pwmicalizzi
Date: October 3, 2005 at 13:54:32 Pacific
Subject: Desktop Hi Jack
Reply: (edit)

Hey thanks, i did what you said and i have control of my desktop once again.

Paul


Report Offensive Follow Up For Removal







Use following form to reply to current message:

   Name: From My Computing.Net Settings
 E-Mail: From My Computing.Net Settings

Subject: Desktop Hi Jack

Comments:

 


  Homepage URL (*): 
Homepage Title (*): 
         Image URL: 
 
Data Recovery Software




How often do you use Computing.Net?

Every Day
Once a Week
Once a Month
This Is My First Time!


View Results

Poll Finishes In 3 Days.
Discuss in The Lounge