Re: A new hijacking
From: Malke (notreally_at_invalid.com)
Date: 09/20/05
- Next message: steve.a: "Re: A new hijacking"
- Previous message: Malke: "Re: unknown software exception"
- In reply to: floresrikitic_at_hotmail.com: "A new hijacking"
- Next in thread: steve.a: "Re: A new hijacking"
- Reply: steve.a: "Re: A new hijacking"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 20 Sep 2005 06:48:25 -0700
floresrikitic@hotmail.com wrote:
> This one doesn't seem to be affecting things too much EXCEPT
> that I now have a wallpaper that won't go away. It's a blood-
> red screen with a black area in the middle with "DANGER: SPYWARE"
> flashing in huge red letters. Then it goes on to tell me how
> I can pay them extortion money (my words not theirs) "for as
> low as $49.95" to get rid of the shit. My homepage had also
> been replaced by a warning from them, that I was being watched,
> along with listing my DNS etc. etc. (I think I've gotten
> rid of that problem, but the wallpaper I haven't been able to.)
>
> All this crap started yesterday after very briefly visiting
> an adult site. I wish they all had one neck and my hands
> were around it. It'll stop when these scum start being sent
> to prison for doing this. I've run HijackThis and Spybot,
> and have of course tried to change my wallpaper, but of course
> they've covered that and I can't override what they've done.
> Not yet anyway. Anybody know about this one and what to
> do to solve it? Thanks a bunch.
When visiting "adult sites", never download the "free viewer". There is
no free lunch; those "viewers" are trojan horses or other malware.
Go through the following malware removal steps, doing everything in Safe
Mode with updated tools. It would be smart to get all the tools and
updates from a different, known-clean computer with Internet access and
a cd burner (or have a usb thumbdrive with enough capacity to transfer
the files).
http://www.elephantboycomputers.com/page2.html#Removing_Malware
To get rid of the desktop warning being displayed by malware, go to the
Display applet in Control Panel and look on the Desktop tab. Click on
Customize Desktop, and then click on the Web tab. You will see that
there are checkmarks next to "My Current Home Page" and probably "Lock
Desktop Items". Uncheck these. By highlighting the "My Current Home
Page" and clicking on the Properties button, you will be able to
determine the name of the file that is the message. It might be called
something like "security.html" or the like.
Click Apply and OK out when you've made your changes. Then you want to
find the *.html malware file and delete it.
If you can't enable desktop backgrounds after a virus, MVP Kelly Theriot
has a fix. Look under Wallpaper-Desktop-Disable Changing here:
http://www.kellys-korner-xp.com/xp_w.htm
If Display tabs are missing, run Kelly's registry edit on line 285,
right-hand side "Restore all display tabs".
Malke
-- Elephant Boy Computers www.elephantboycomputers.com "Don't Panic!" MS-MVP Windows - Shell/User
- Next message: steve.a: "Re: A new hijacking"
- Previous message: Malke: "Re: unknown software exception"
- In reply to: floresrikitic_at_hotmail.com: "A new hijacking"
- Next in thread: steve.a: "Re: A new hijacking"
- Reply: steve.a: "Re: A new hijacking"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
