I first ran Panda and it said I had a trojen downloaded.hof. I tried Symantec corp ver 10...no success, Adaware, Spybot, spy blaster and V cleaner. No luck. During this time someone from some university was loading code into my computer via notepad. I saw it but didnt know how to stop it. I ran cmd.exe netstat and found two connected addresses that were foreign. Carol recommended your cure for removing spy sheriff with ewido, clean up, kill box and smitfraud,reg and I followed the instructions. It appears to have worked but that code that was entered is still there.
It looks like in every folder I open there is a shadowed icon that looks like a service icon...a gear. It is titled desk top.ini. It warns me not to delete the icon in the folders as it is part of the operating system. I delete it anyway and nothing happens. However, it always comes back. I did a search on my hard drive for desk top .ini and it returned 36 entries, all except 5 on notepad.
The color of the tool bar at the bottom of all of my folders has turned gray, including my desk top and and the start menue. My Yahoo pages are scrunched up at the top border. I dont know what else this thing is doing so far but there a number of these icons in my inet temp folders as well. I dont know if I'm sending or recieving or both..I would love to get my OS back to original status. The code indicates these ini files are in system 32...but I cant find them and if I did I would probably make it worse.
So, what I would like to know is if theres anyone willing to look at my hijack log, advise me and ito find out if I have to have permission to print it here...dont want to violate any protocol.
Next I want to get rid of those desk top.ini things in my folders and last I want to be able to go back to my original config...color ect...
I think that pretty much satisfies the rules for posting a problem.
Anyone? Carol?? a little guidence please...thanks oops..I'm running XP Pro
Edited by Jim D, 23 March 2006 - 11:12 PM.