Beetles on my screen

By joelle
Jun 4, 2008
  1. It just started yesterday but I have beetles "eating" my icons and crawling around on my desktop. What should I do about this? Is it erasing everything?
  2. Blind Dragon

    Blind Dragon TS Evangelist Posts: 3,908

    That is a new on to me but sounds very interesting.

    Lets start with seeing a log

    Highjackthis Instructions
    • Make sure you have the LATEST version of HJT (currently v2.0.0.2) it can be downloaded from HERE
    • Run the HijackThis Installer and it will automatically place HJT in C:\Program Files\TrendMicro\HijackThis\HijackThis.exe. Please don't change the directory.
    • After installing, the program launches automatically, select Scan now and save a log
    • After the scan is complete please attach your log onto the forums using the paper clip icon above your reply.
  3. joelle

    joelle TS Rookie Topic Starter

  4. Blind Dragon

    Blind Dragon TS Evangelist Posts: 3,908

    I don't see an anti-virus or firewall on there, nor any realtime protection from spyware. What I do see is a few infections.

    #1 - Install one of these Anti-virus
    AVG 7.5 Free
    Avast Free
    Avira Free<- My recommendation


    #2 - Combofix
    • Download Combofix to your desktop.
    • Double click combofix.exe & follow the prompts.
    • A window will open with a warning.
    • When the scan completes it will open a text window. Please attach that log back here together with a fresh HJT log.
    Caution - do not touch your mouse/keyboard until the scan has completed. The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled. If this occurs, please reboot to restore the desktop. Combofix is a very powerful tool so please do NOT do anything without instruction

    Combofix will automatically save the log file to C:\combofix.txt

    #3 - Download Malwarebytes' Anti-Malware
    • Please download Malwarebytes' Anti-Malware to your desktop.
    • Double-click mbam-setup.exe and follow the prompts to install the program.
    • At the end, be sure a checkmark is placed next to
      • Update Malwarebytes' Anti-Malware
    • then click Finish.
    • If an update is found, it will download and install the latest version.
    • close MBAM

    Print this section or save to a notepad file on your desktop
    Run Smitfraudfix
    • Download Smitfraudfix by S!ri from HERE
    • Reboot your computer in Safe Mode (before the Windows icon appears, tap the F8 key continually)
    • Double-click SmitfraudFix.exe
    • Select 2 and hit Enter to delete infected files.
    • You will be prompted: Do you want to clean the registry ? answer Y (yes) and hit Enter in order to remove the Desktop background and clean registry keys associated with the infection.
    • The tool will now check if wininet.dll is infected. You may be prompted to replace the infected file (if found): Replace infected file ? answer Y (yes) and hit Enter to restore a clean file.
    • A reboot may be needed to finish the cleaning process. The report can be found at the root of the system drive, usually at C:\rapport.txt

    While in Safe Mode scan with MBAM which was updated in regular mode


    Afterwards attach here

    1) Combofix.txt
    2) rapport.txt
    3) MBAM log
    4) Hijackthis ran after everything is complete
  5. joelle

    joelle TS Rookie Topic Starter

    That is a lot of stuff to download. These are all safe for my computer?
  6. Blind Dragon

    Blind Dragon TS Evangelist Posts: 3,908

    Safer than the infection you have on there, safer than having 0 protection from attacks.

    After we clean you up, we will uninstall most of this as they are not good for everyday use, but only for targeting specific infecitons.
  7. joelle

    joelle TS Rookie Topic Starter


    Im getting an error message saying You cannot rename ComboFix as ComboFix[1] please use another name,preferbaly made up of alphanumeric characters. I didn't try to rename it, it just poped up.
  8. Blind Dragon

    Blind Dragon TS Evangelist Posts: 3,908

    Did you ever run combofix in the past, it sounds as if it was not properly uninstalled.

    Do this
    • Click START then RUN
    • Now type Combofix /u in the runbox and click OK. Note the space between the X and the U, it needs to be there.

    For Vista
    you can hit the windows key + R to access the run prompt or type combofix /u into the search bar after clicking start


    Then please continue with the rest of my instructions and we will consider coming back to it later
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...