My PC Got Hijacked!

By | 9 June 2008

My home computer running on a Windows XP Home Edition got hijacked by spywares, trojans and malwares 2 days ago. I turned on my pc late Thursday night and to my dismay and shock my beautiful desktop wallpaper has been replaced by a message filled with typos telling me spyware threat has been detected on my pc and that I should quickly protect my computer with some anti-spyware programs. My Internet Explorer just redirects to a page listing some anti-spyware products which I doubt are real. I launched the Task Manager to see what processes are causing all this mayhem. I instead got the error message: “Task Manager has been disabled by your administrator“. I just about flipped out when I saw that as I am the administrator! I then sort of knew I was in for the long haul and it was just too late in the night to do anything. So I turned off my pc and got to work disinfecting my PC at late Friday night. I noticed by then my pc’s speed has been reduced to a crawl but thank god I could still access the internet and my Firefox could still access sites without being hijacked as was the case with Internet Explorer. I installed AVG Anti-Spyware and had my pc scanned with it. It managed to detect only some spywares and that apart it didn’t do a good job at all at quarantining and removing them. They are still there after re-booting. So I removed AVG and installed Webroot Spy Sweeper which I read almost everywhere that it is one of the top anti-spyware programs in existence. So with that fact in mind I was feeling kind of confident when installing it. After the install, I started the Spy Sweeper scan on my pc and by 3am it was detecting around 40+ anti-spywares where 3 of which are categorised as High Risk threats ! Two of which is the CoolWebSearch and Trojan.Downloader.xs . I just let it continue its scan while I went to bed, I was just too sleepy by then. Woke up at 6.45am (Saturday) to have a look at the scan results. Spy Sweeper had completed its scan by then and there was a long list of malwares and trojans which it had detected. I selected all of them and quarantined them. Upon reboot I was disappointed to find that my pc is still not yet back to normal. Spy Sweeper is still detecting the CoolWebSearch malware and moving it to quarantine section each time it tries to change the registry. I tried deleting CoolWebSearch from my pc with the Spy Sweeper delete key but to no avail as it will resurface within 1 minute. Spy Sweeper just failed miserably at getting rid of CoolWebSearch ! It got rid of the easy ones like webenhance.dll but not this one. I just realised Spy Sweeper being a top notch anti-spyware is just hype. Frustrated I installed the lesser known anti-spyware, SUPERAntiSpyware Professional, as a last ditch attempt before maybe comtemplating a hard disk format. And you know what, it turned out to be heaven sent ! Thank God ! It was beautiful, it managed to detect a whole lot more spywares etc. then all the so called top anti-spywares in less than half the time and what’s really wonderful is it managed to successfully removed all of them including the nasty CoolWebSearch and Trojan.Downloader.xs (which turned out to be the main perpetrator and the hijacker of my desktop and Internet Explorer) without even breaking a sweat. I just rebooted my pc next and it was back to normal except for the execution of the Task Manager which I still get the error message : “Task Manager has been disabled by your administrator“. This I managed to resolve by applying the method outlined by Microsoft Support here.

It was tiring that one and a half days but I’m glad I got rid of them pests and life is back to normal.

Leave a Reply

Your email address will not be published. Required fields are marked *