Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Desktop hijacked

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Unread postby Rogue » August 19th, 2007, 4:06 pm

Hi Jen,
jenster78 wrote:I'm back again! I've managed to get into safe mode, using F5 and checking my keyboard settings.

Yahoooo
*Rogue sits back with a sigh of relief, then stands up and does a happy dance.*

You won't need to redo the steps previously posted. It appears to have cleaned what it found in Normal Mode.

Two more questions for you.
Is your desktop and icons back to normal?
Is your Kapersky AntiVirus subscription expired or valid?

Rogue
User avatar
Rogue
MRU Teacher Emeritus
 
Posts: 4782
Joined: November 3rd, 2005, 3:21 pm
Location: Salt Lake City, Utah
Advertisement
Register to Remove

Unread postby jenster78 » August 20th, 2007, 6:59 am

Hi Rogue,

A happy dance huh? I like the sound of that :D

Now, the icons which kept appearing on my desktop are gone, haven't seen them for a good few days.

Funnily enough I was having problems with Kaspersky, I kept getting alerts saying my protection wasn't up to date, but I had renewed my licence in February so that was weird. I went into it just now, and everything is green. It tells me protection is up to date, malicious codes have been neutralised, and it was updated on August 19th. Not sure what happened there, but it seems to be fine now.

Am I out of the woods then?

Thanks,

Jen
jenster78
Active Member
 
Posts: 12
Joined: August 13th, 2007, 5:42 pm

Unread postby Rogue » August 20th, 2007, 2:37 pm

Hi Jen,

Many times an infection will disable an antivirus program so it can drop it's ware's. Everything looks good as far as I can see.
Just need to tidy things up and give some help to prevent this in the future.

Update Adobe Reader
Recently there have been vunerabilities detected in older versions of Adobe Reader. It is strongly suggested that you update to the current version. Adobe Reader 8.
You can download it from http://www.adobe.com/products/acrobat/readstep2.html
If you already have Adobe Photoshop® Album Starter Edition installed or do not wish to have it installed UN[b/]check the box which says Also Download Adobe Photoshop® Album Starter Edition.

*=========================*

[b]Uninstall Unnecessary Tools/Files


SmitfraudFix from your Desktop
C:\rapport.txt
SafeBootKeyRepair.exe from your desktop
C:\SafeBoot_Repair.txt

These were problem specific and were not intended for everyday use.
*========================*

Flush System Restore
Go to Start > All Programs > Accessories > System Tools > System Restore
Select Create a Restore Point, and then click Ok

Next, go to Start > Run and type in cleanmgr
Select the More Options tab
Choose the option to Clean Up System Restore and select OK.
This will remove all restore points except the new one you just created
*========================*

This is my post for when you are All Clean - which you seem to be.

But to help protect you against further infections, and also to help prevent criminals using your computer to infect other people's computers on the web, I recommend the following: (You may already have some of the items or completed steps)

Make your Internet Explorer more secure - This can be done by following these simple instructions:
  • From within Internet Explorer click on the Tools menu and then click on Options.
  • Click once on the Security tab
  • Click once on the Internet icon so it becomes highlighted.
  • Click once on the Custom Level button.
    1. Change the Download signed ActiveX controls to Prompt
    2. Change the Download unsigned ActiveX controls to Disable
    3. Change the Initialise and script ActiveX controls not marked as safe to Disable
    4. Change the Installation of desktop items to Prompt
    5. Change the Launching programs and files in an IFRAME to Prompt
    6. Change the Navigate sub-frames across different domains to Prompt
    7. When all these settings have been made, click on the OK button.
    8. If it prompts you as to whether or not you want to save the settings, press the Yes button.
  • Next press the Apply button and then the OK to exit the Internet Properties page.


Visit Microsoft's Windows Update Site Frequently - It is important that you visit http://www.windowsupdate.com regularly. This will ensure your computer has always the latest security updates available installed on your computer. If there are new updates to install, install them immediately, reboot your computer, and revisit the site until there are no more critical updates.

Set up system to ensure a regular update of the Operating System.

Automatically:
  1. On the Desktop, right-click My Computer.
  2. Click Properties.
  3. Click on Automatic Updates
  4. Check the option of choice (I use Automatic (Recommended)). If you use dial-up I would recommend using the
    Notify Me option so that you can download when you can afford the time and bandwidth overheads.
  5. Select the Day/Time of choice
  6. Click Apply
  7. Click OK



Safe Surfing,

Rogue
User avatar
Rogue
MRU Teacher Emeritus
 
Posts: 4782
Joined: November 3rd, 2005, 3:21 pm
Location: Salt Lake City, Utah

Unread postby jenster78 » August 20th, 2007, 3:41 pm

Good evening Rogue!

It's funny you should mention Adobe, because about half an hour ago I tried to look at some photos using the picture viewer and it kept bugging. I've updated Adobe reader now.

I've uninstalled the tools you asked me too and created a restore point. However, when I go into start and run and type cleanmgr, I don't have the tab you mentioned. It just asks me whether I want to clean the C drive or the D drive. I didn't do either.....

I don't use IE, I use Firefox for the web. IE is installed on my PC, should I do those steps anyway then? I guess it won't do any harm.

Automatic updates are good, still set automatically for every evening.

Phew! It's no mean feat getting rid of all that nasty stuff is it? I really appreciate your help, and my husband is also extremely grateful (he keeps asking if we're clean yet). Is there somewhere I can tell everyone how great you are and how great this forum is for poor infected PCs?

Thank you so much for all your help, we would really have been stuck otherwise :D

Jen
jenster78
Active Member
 
Posts: 12
Joined: August 13th, 2007, 5:42 pm

Unread postby Rogue » August 20th, 2007, 5:07 pm

Hi Jen,

I've uninstalled the tools you asked me too and created a restore point. However, when I go into start and run and type cleanmgr, I don't have the tab you mentioned. It just asks me whether I want to clean the C drive or the D drive. I didn't do either.....

When it first starts and asks for drive, choose your drive, it will look like its scanning then when it opens up you should see the tab More Options. If not, here is an alternative way:
Turn off System Restore.
On the Desktop, right-click My Computer
Click Properties
Click the System Restore tab
Check Turn off System Restore
Click Apply, and then click OK

Reboot.

Turn on System Restore.
On the Desktop, right-click My Computer
Click Properties
Click the System Restore tab
Uncheck Turn off System Restore
Click Apply, and then click OK
NOTE: only do this ONCE, NOT on a regular basis!


Phew! It's no mean feat getting rid of all that nasty stuff is it? I really appreciate your help, and my husband is also extremely grateful (he keeps asking if we're clean yet). Is there somewhere I can tell everyone how great you are and how great this forum is for poor infected PCs

Sometimes infections go quietly and sometimes they are a bit stubborn. We have some really big hammers hiding in a back room for the stubborn ones ;)

Thanks for the complement. Glad we could be of service.
We do have a spot here at MRU to leave kudos
http://www.malwareremoval.com/forum/viewtopic.php?t=524

Rogue
User avatar
Rogue
MRU Teacher Emeritus
 
Posts: 4782
Joined: November 3rd, 2005, 3:21 pm
Location: Salt Lake City, Utah

Unread postby jenster78 » August 21st, 2007, 7:06 am

OK Rogue, I've taken the second option since I still didn't have the tab when I clicked on the drive to be cleaned.

So it's all good now, right?

Thank you so much for taking the time to sort out my machine, I really appreciate it. I'll go and leave a message to that effect now!

Cheers!

Jen
jenster78
Active Member
 
Posts: 12
Joined: August 13th, 2007, 5:42 pm

Unread postby Rogue » August 21st, 2007, 5:03 pm

Glad we could be of assistance.

This topic is now closed. If you wish it
reopened, please send us an email to 'admin at malwareremoval.com' with a link to your thread.


You can help support this site from this link :
Donations For Malware Removal

Do not bother contacting us if you are not the topic starter. A valid,
working link to the closed topic is required along with the user name used.
If the user name does not match the one in the thread linked, the email will be deleted.
User avatar
Rogue
MRU Teacher Emeritus
 
Posts: 4782
Joined: November 3rd, 2005, 3:21 pm
Location: Salt Lake City, Utah
Advertisement
Register to Remove

Previous

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: Wreck17 and 20 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware