Hi,
My computer has been infected with malware for a couple days now. It seems to be getting worse after every reboot, so I don't know how much time I have left before I can't access Windows or my files anymore. I scoured the net for solutions and stumbled onto this site. Followed the 8-step guide, or tried to rather, to the letter. If anyone can help me out, it'd be greatly appreciated cause I'm clueless as to what to do now and this is my last resort (I really don't like bothering others with my problems). Thanks in advance for any help you can give.
My system (from what I remember, can't access info):
Intel P4, 2.0 gHz, 512mb RAM
Windows XP Pro (2002 Version), SP3 installed
Sharing internet access with another computer through a router
Initial problem: I was surfing the web a couple nights ago when some malware was downloaded to my computer without my permission, something called AVCare? Firefox windows would open randomly sending me to random pay sites. Google searches would send me to random sites as well. Scrollbars on browser windows would extend way right and down for no apparent reason. Spybot wouldn't load when double-clicked, Ad-aware or AVG Free didn't find anything. I deleted AVCare from the add/remove programs in the control pannel, but my system was still screwed up.
Followed Step 1: Ran Trend Micro HouseCall, found a few things, trojans among others, removed them. Deleted AVG, downloaded and installed Avira Free, found near 200 items, quarantined them. Can't attach log, or include it in this post (too long). Here's what was found:
TR/FraudPack.qax.30 Trojan
HTML/Infected.WebPage.Gen HTML script virus
HTML/IFrame.13197 HTML script virus
HEUR/HTML.Malware suspicious code
EXP/ASF.GetCodec.Gen exploit
TR/Click.VBiframe.XI Trojan
TR/Crypt.PEPM.Gen Trojan
TR/Dldr.FraudLoad.fbs.2 Trojan
HTML/Malicious.PDF.Gen HTML script virus
TR/FraudPack.qav Trojan
TR/Dropper.Gen Trojan
TR/Crypt.ASPM.Gen Trojan
And the summary:
Can get more info on request.
Followed Step 2: Downloaded and ran CCleaner twice with all boxes ticked except that 1. After a reboot, this is where Windows started getting really weird. System tray had no icons except volume icon, desktop background was gone (even though default "Bliss" was selected), size of title and scroll bars in windows smaller than usual, etc.
Followed Steps 3 and 4: No problem.
Step 5: Downloaded Malwarebytes' app, couldn't install it. Followed the guide on this forum to get around it (can't link it, need 5 posts) and was able to install in safe mode, but couldn't run it after. Still can't run it in normal mode. I double-click the icon and nothing happens.
I can't go any further because Firefox or IE won't load anymore when their icons are double-clicked. Maybe I can get them to work in safe mode. Colors in Windows are off now as well. Did a reboot at one point and the logon screen asked me for a password (never had one). Entered admin password and got this message: "The system cannot find message text for message number 0x%1 in the message file for %2." Did another reboot and luckily got into Windows. Running another scan with Avira now. A few more trojans showing up.
If I can do anything to remedy this, please let me know. Thanks again.
Glandith
UPDATE: Downloaded SAS and HJT on an older computer and transferred it using my USB drive. When I try to run SAS, I get an error message with an option to report. Double-clicking on HJT doesn't do anything.
UPDATE: I was able to run Malwarebytes' app by renaming the executable file to bob.exe. When I click 'remove selected', the following comes up:
My computer has been infected with malware for a couple days now. It seems to be getting worse after every reboot, so I don't know how much time I have left before I can't access Windows or my files anymore. I scoured the net for solutions and stumbled onto this site. Followed the 8-step guide, or tried to rather, to the letter. If anyone can help me out, it'd be greatly appreciated cause I'm clueless as to what to do now and this is my last resort (I really don't like bothering others with my problems). Thanks in advance for any help you can give.
My system (from what I remember, can't access info):
Intel P4, 2.0 gHz, 512mb RAM
Windows XP Pro (2002 Version), SP3 installed
Sharing internet access with another computer through a router
Initial problem: I was surfing the web a couple nights ago when some malware was downloaded to my computer without my permission, something called AVCare? Firefox windows would open randomly sending me to random pay sites. Google searches would send me to random sites as well. Scrollbars on browser windows would extend way right and down for no apparent reason. Spybot wouldn't load when double-clicked, Ad-aware or AVG Free didn't find anything. I deleted AVCare from the add/remove programs in the control pannel, but my system was still screwed up.
Followed Step 1: Ran Trend Micro HouseCall, found a few things, trojans among others, removed them. Deleted AVG, downloaded and installed Avira Free, found near 200 items, quarantined them. Can't attach log, or include it in this post (too long). Here's what was found:
TR/FraudPack.qax.30 Trojan
HTML/Infected.WebPage.Gen HTML script virus
HTML/IFrame.13197 HTML script virus
HEUR/HTML.Malware suspicious code
EXP/ASF.GetCodec.Gen exploit
TR/Click.VBiframe.XI Trojan
TR/Crypt.PEPM.Gen Trojan
TR/Dldr.FraudLoad.fbs.2 Trojan
HTML/Malicious.PDF.Gen HTML script virus
TR/FraudPack.qav Trojan
TR/Dropper.Gen Trojan
TR/Crypt.ASPM.Gen Trojan
And the summary:
Can get more info on request.
Followed Step 2: Downloaded and ran CCleaner twice with all boxes ticked except that 1. After a reboot, this is where Windows started getting really weird. System tray had no icons except volume icon, desktop background was gone (even though default "Bliss" was selected), size of title and scroll bars in windows smaller than usual, etc.
Followed Steps 3 and 4: No problem.
Step 5: Downloaded Malwarebytes' app, couldn't install it. Followed the guide on this forum to get around it (can't link it, need 5 posts) and was able to install in safe mode, but couldn't run it after. Still can't run it in normal mode. I double-click the icon and nothing happens.
I can't go any further because Firefox or IE won't load anymore when their icons are double-clicked. Maybe I can get them to work in safe mode. Colors in Windows are off now as well. Did a reboot at one point and the logon screen asked me for a password (never had one). Entered admin password and got this message: "The system cannot find message text for message number 0x%1 in the message file for %2." Did another reboot and luckily got into Windows. Running another scan with Avira now. A few more trojans showing up.
If I can do anything to remedy this, please let me know. Thanks again.
Glandith
UPDATE: Downloaded SAS and HJT on an older computer and transferred it using my USB drive. When I try to run SAS, I get an error message with an option to report. Double-clicking on HJT doesn't do anything.
UPDATE: I was able to run Malwarebytes' app by renaming the executable file to bob.exe. When I click 'remove selected', the following comes up:
Followed by:
Followed by:
Anyway, here's the log from the results page:
