Hello,
I have posted once today but have since found out my infection is much more severe than I had thought originally. I have been researching the posts here for HJT, VundoFix, and others. It seems that anytime I try and download these programs, something terminates the download prematurely, and it closes the webpage. I had installed HJT but it will not open something is terminating it. Could this be some type of high level virus or trojan? What should I do if I can't even download these programs.
I am running Windows XP SP2 on a Dell Latitude Laptop D610. I am running my computer in safe mode because it is the only way it will run with out freezing. If I start it regular, it comes to a crawl. Please Help Me...
Full Version: Very Infected...
Can you perform an Online scan? Post the results if it works.
http://housecall.trendmicro.com/
If not Post an HJT log
Preparation Guide for use before posting a HijackThis Log
Post that HERE, by clicking new topic
http://housecall.trendmicro.com/
If not Post an HJT log
Preparation Guide for use before posting a HijackThis Log
Post that HERE, by clicking new topic
Hello,
I ran a scan with the online panda product and here is the log. I cannot run anything with HJT, if I do it automatically closes and/or the webpage will close. If I run a search on Google and include the word hijackthis or hjt, the results show up for a second or two and then the page closes. Normal searches are ok. Seems to me that any kind of product out there that is used for trojans/antivirus are not working anymore. I use AntiVir and it finds viruses but they come back. I have run everything in safe mode. Even my safe mode the triangle now pops up in the task bar but at least I get networking in safe mode.
Incident Status Location
Adware:Adware/SystemDoctor Not disinfected c:\windows\system32\ibebcvol.exe
Adware:Adware/SystemDoctor Not disinfected c:\windows\system32\rurcpapy.exe
Adware:Adware/SystemDoctor Not disinfected c:\windows\system32\qvmtmbap.exe
Potentially unwanted tool:Application/Processor Not disinfected C:\Documents and Settings\User1\Desktop\SmitfraudFix\Process.exe
Virus:Trj/Shutdown.Z Disinfected C:\Documents and Settings\User1\Desktop\SmitfraudFix\restart.exe
Potentially unwanted tool:Application/UltimateFixer Not disinfected C:\fbksrfbj1.exe
Potentially unwanted tool:Application/UltimateDefender Not disinfected C:\fbksrfbj2.exe
Adware:Adware/UltimateCleaner Not disinfected C:\fbksrfbj3.exe
Hacktool:HackTool/Cain.B Not disinfected C:\Program Files\Cain\Abel.dll
Spyware:Spyware/Virtumonde Not disinfected C:\Program Files\Common Files\{DCF06CDB-063B-1033-0201-051114200001}\services.dll
Spyware:Spyware/Virtumonde Not disinfected C:\Program Files\Common Files\{DCF06CDB-063C-1033-0201-051114200001}\services.dll
Potentially unwanted tool:Application/Processor Not disinfected C:\WINDOWS\system32\Process.exe
Adware:Adware/SystemDoctor Not disinfected C:\WINDOWS\system32\urgbmlqj.exe
I ran a scan with the online panda product and here is the log. I cannot run anything with HJT, if I do it automatically closes and/or the webpage will close. If I run a search on Google and include the word hijackthis or hjt, the results show up for a second or two and then the page closes. Normal searches are ok. Seems to me that any kind of product out there that is used for trojans/antivirus are not working anymore. I use AntiVir and it finds viruses but they come back. I have run everything in safe mode. Even my safe mode the triangle now pops up in the task bar but at least I get networking in safe mode.
Incident Status Location
Adware:Adware/SystemDoctor Not disinfected c:\windows\system32\ibebcvol.exe
Adware:Adware/SystemDoctor Not disinfected c:\windows\system32\rurcpapy.exe
Adware:Adware/SystemDoctor Not disinfected c:\windows\system32\qvmtmbap.exe
Potentially unwanted tool:Application/Processor Not disinfected C:\Documents and Settings\User1\Desktop\SmitfraudFix\Process.exe
Virus:Trj/Shutdown.Z Disinfected C:\Documents and Settings\User1\Desktop\SmitfraudFix\restart.exe
Potentially unwanted tool:Application/UltimateFixer Not disinfected C:\fbksrfbj1.exe
Potentially unwanted tool:Application/UltimateDefender Not disinfected C:\fbksrfbj2.exe
Adware:Adware/UltimateCleaner Not disinfected C:\fbksrfbj3.exe
Hacktool:HackTool/Cain.B Not disinfected C:\Program Files\Cain\Abel.dll
Spyware:Spyware/Virtumonde Not disinfected C:\Program Files\Common Files\{DCF06CDB-063B-1033-0201-051114200001}\services.dll
Spyware:Spyware/Virtumonde Not disinfected C:\Program Files\Common Files\{DCF06CDB-063C-1033-0201-051114200001}\services.dll
Potentially unwanted tool:Application/Processor Not disinfected C:\WINDOWS\system32\Process.exe
Adware:Adware/SystemDoctor Not disinfected C:\WINDOWS\system32\urgbmlqj.exe
I tried your links and they will not work just like I explained earlier. I am guessing I will have to format 
Sometimes if you rename the hijackthis.exe file to something else (eg. abcd.exe) it will run correctly.
Hello,
I was discovering as time went on how serious my infection was. Many of the programs like HJT, SmitFraud, Eiwdo, and others do not open. When I tried to open the topics under HJT in this forum it let me post but right after that I could not even open the topic; it would simply close the webpage. I did a search on google for HJT and as soon as the results propogated the webpage would close. I am finally able to read and post research because I am off duty (I am a firefighter) and am now on another laptop. Someone suggested changing the name of the HJT .exe file, I had already tried that. I did not try closing explorer and then trying to open it, my guess is it won't work but I am going to try. I was considering trying to get a virus scanner on my knoppix live distribution and see if that will work but that will take a while because I have to get my laptop screen to work and have the hardware detected correctly so I can have internet access to download the virus scanner fprog. The yellow triangle is still on my task bar in safemode. My laptop freezes (cpu overload) when I try normal mode. I would appreciate any help and if you know someone who is really expirienced with these gnarly viruses/trojans, if you could ask them to help.
I was already corrected for posting in several topics and the reason I did this was soon after I posted in the HJT the webpage would close if I tried opening to see any advice and I had no other computer at the time. I did have all shift (I work for the fire department) to try and cure this infection and tried like hell for about a good six hours with no improvement.
I was discovering as time went on how serious my infection was. Many of the programs like HJT, SmitFraud, Eiwdo, and others do not open. When I tried to open the topics under HJT in this forum it let me post but right after that I could not even open the topic; it would simply close the webpage. I did a search on google for HJT and as soon as the results propogated the webpage would close. I am finally able to read and post research because I am off duty (I am a firefighter) and am now on another laptop. Someone suggested changing the name of the HJT .exe file, I had already tried that. I did not try closing explorer and then trying to open it, my guess is it won't work but I am going to try. I was considering trying to get a virus scanner on my knoppix live distribution and see if that will work but that will take a while because I have to get my laptop screen to work and have the hardware detected correctly so I can have internet access to download the virus scanner fprog. The yellow triangle is still on my task bar in safemode. My laptop freezes (cpu overload) when I try normal mode. I would appreciate any help and if you know someone who is really expirienced with these gnarly viruses/trojans, if you could ask them to help.
I was already corrected for posting in several topics and the reason I did this was soon after I posted in the HJT the webpage would close if I tried opening to see any advice and I had no other computer at the time. I did have all shift (I work for the fire department) to try and cure this infection and tried like hell for about a good six hours with no improvement.
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.