 |
 | Home | Contact Us | FAQ | Search & Site Map | Link to Us |
 | Sign In | Join | Other 45 Sites in Network |
Windows Forum / Windows XP / Basics / December 2005Trojan.Desktophijack help
Sorry if my questions are long and ridiculous, but I am truly a novice at this all. While online, I got a Norton security alert about Trojan.Desktophijack. I was very tired and don't remember if it said "detected" or "infected" (don't know if that matters), but thought it said something about not being able to repair it. I was guided to the Symantec site, and it confuses me. In Norton Anti-Virus reports, it showed the virus as quarantined. The details for it said it was a "backed-up copy of a file that has been repaired" and indicated that I could delete it. In Symantecs "What to do after you quarantine a file", it instructs you to determine if the file is needed. Looking at their steps to do this, I couldn't tell *for sure*; my best guess was that it was not, so I finally hit "delete". I am a worrier, and I'm worried about having done this. The virus no longer shows up in quarantine. I don't have any trouble with my desktop wallpaper or icons right now (haven't yet shut down and restarted computer). This Symantec "What to do after..." page does not show any further steps to follow, but another "Security Response" page says to Disable System Restore (Windows Me/XP). Update the virus definitions. Run a full system scan and delete all the files detected as Trojan.Desktophijack. Delete any values added to the registry. Reset the Internet Explorer home page. Reset the desktop wallpaper. There are many, many steps I could screw up doing all of that. I don't understand any of it. So, do I need to do the above or anything else? Any problem having deleted that back-up file? Or could I really be good to go now? Thanks for your patience and your help.  Signaturebookbabe With the exception of 'delete any values added to the registry' all the others are straightforward. You need to disable system restore in order to delet all the system restore points. The reason for this is that the trojan was more than likely saved when a system restore was taken. Deleting all system restore points means you cannot restore your system to a previous time, thus re-infect the machine. Go to control panel and click the system icon. next click the system restore tab and then click your mouse on the box marked 'turn off system, restore on all drive'. Click apply followed by OK. All system restore points will now be deleted. All you need do then is open system properties again (click the system icon), click the system restore tab and then remove the tick from the box 'turn off system restore on all drives'. System restore will now start monitoring again and creating restore points. Make sure your anti virus definitions are updated, by updating Norton Anti Virus, then run a full scan. if nothing shows up the trojan has been removed. The same applies to the desktop wallpaper. you can check this from the display option. You will, of course, need to restart your pc at some point to ensure that everything is working okay. SignatureJohn Barnett MVP Associate Expert http://xphelpandsupport.mvps.org The information in this post is supplied "as is". No warranty of any kind, either expressed or implied, is made in relation to the accuracy, reliability or content of this post. The Author shall not be liable for any direct, indirect, incidental or consequential damages arising out of the use of, or inability to use, information or opinions expressed in this post.. Go to control panel and click the Internet options icon. on the general tab make sure that your home page is the one you have always had, not some obscure website. If it is not the usual home page you use, then change it back to your usual home page. > Sorry if my questions are long and ridiculous, but I am truly a novice at > this all. [quoted text clipped - 35 lines] > > Thanks for your patience and your help. Thanks for your response. Why answers are always helpful. Just a couple of more questions: My understanding of what you outline below is that I will be Disabling System Restore, Updating virus definitions and Running a full scan. Am I not doing anything about step 4. "delete any values added to the registry" then? Or if I am, can you offer some instructions that are more straightforward than Symantec's? Also, you write >> The same applies to the desktop wallpaper. you can check this from the display option << I'm not clear about what applies to the desktop wallpaper, that is, what I will be checking, from what display option, or where that is. Further along in your post I see steps for resetting the homepage. Does the wallpaper process follow along the same lines? Thankyou so much, bookbabe > With the exception of 'delete any values added to the registry' all the > others are straightforward. [quoted text clipped - 14 lines] > Virus, then run a full scan. if nothing shows up the trojan has been > removed. The same applies to the desktop wallpaper. you can check this from the > display option. > > You will, of course, need to restart your pc at some point to ensure that > everything is working okay. Go to control panel and click the Internet options icon. on the general tab > make sure that your home page is the one you have always had, not some > obscure website. If it is not the usual home page you use, then change it [quoted text clipped - 38 lines] > > > > Thanks for your patience and your help. You only need to delete registry values if the tojan has inserted new values in the registry. As the trojan was 'quarantined' before it could do any damage i'm assuming no registry values were changed. However, let me know the link you used on the Symantec site and i'll see what they suggest. As for wallpaper it is simply a matter of going to control panel, click the display icon, then click the desktop tab. is the desktop you always use, i.e., Bliss highlighted or has the desktop pattern been changed? if it's been changed then change it back to Bliss or your original desktop background. SignatureJohn Barnett MVP Associate Expert http://xphelpandsupport.mvps.org The information in this post is supplied "as is". No warranty of any kind, either expressed or implied, is made in relation to the accuracy, reliability or content of this post. The Author shall not be liable for any direct, indirect, incidental or consequential damages arising out of the use of, or inability to use, information or opinions expressed in this post.. > Thanks for your response. Why answers are always helpful. Just a couple of > more questions: [quoted text clipped - 109 lines] >> > >> > Thanks for your patience and your help. |
Reply to this Message |
 Sign In
 Join
 My Latest Posts My Monitored Threads My Blog My Photo Gallery My Profile My Homepage Start New Thread Enable EMail Alerts Rate this Thread
|
©2008 Advenet LLC Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.