RE: smitfraud has me by the balls.....

21-05-2008, 12:07 AM

Hello folks!

Don't want to waste to much of your time, this fourm was my last hope before
the obvious rebuild of my Xp machine, I have narrowed this down to the
SmitFraud due to the symptoms I am seeing, after spending nearly the better
part of a day, I thought maybe someone can offer some suggestions please.

The thing that is making it so hard to clean is that I am not able to run
any applications on XP cept for IE, any other application I try and run I
get the classic 'open with' windows box asking to choose a program to open
the file, even worse when I try to access system functions(ie. display
properties) I get another 'control panel' error
'c:\windows\system32\rundll32.exe' Aplication not found.

Although Rundll32.exe is in the proper directory, however the malware is not
allowing access to the rundll32 function, in turn causing my other programs
to give me the 'open with' dialog box.

Hence I am not able to run Hijack THis at the moment to view the log, if I
can get past this Rundll32.exe issue then I am on my way to fixing the
remainder, only thing is I am stumped on this one part, so you can imagine
that any suggestions are more than welcome and very appreciated.

Cheers!

21-05-2008, 02:06 AM

From: "ruez46" <ruez46@midnight.com>

| Hello folks!

| Don't want to waste to much of your time, this fourm was my last hope before
| the obvious rebuild of my Xp machine, I have narrowed this down to the
| SmitFraud due to the symptoms I am seeing, after spending nearly the better
| part of a day, I thought maybe someone can offer some suggestions please.

| The thing that is making it so hard to clean is that I am not able to run
| any applications on XP cept for IE, any other application I try and run I
| get the classic 'open with' windows box asking to choose a program to open
| the file, even worse when I try to access system functions(ie. display
| properties) I get another 'control panel' error
| 'c:\windows\system32\rundll32.exe' Aplication not found.

| Although Rundll32.exe is in the proper directory, however the malware is not
| allowing access to the rundll32 function, in turn causing my other programs
| to give me the 'open with' dialog box.

| Hence I am not able to run Hijack THis at the moment to view the log, if I
| can get past this Rundll32.exe issue then I am on my way to fixing the
| remainder, only thing is I am stumped on this one part, so you can imagine
| that any suggestions are more than welcome and very appreciated.

| Cheers!

Forums where you can get expert advice for HiJack This! (HJT) and Deckard's System Scanner
Logs.

NOTE: Registration is REQUIRED in any of the below before posting a log

Suggested primary:
http://www.thespykiller.co.uk/index.php?board=3.0

Suggested secondary:
http://www.bleepingcomputer.com/forums/forum22.html
http://castlecops.com/forum67.html
http://www.malwarebytes.org/forums/i...hp?showforum=7

Suggested tertiary:
http://www.dslreports.com/forum/cleanup
http://www.cybertechhelp.com/forums/...splay.php?f=25
http://www.atribune.org/forums/index.php?showforum=9
http://www.geekstogo.com/forum/Malwa..._Here-f37.html
http://gladiator-antivirus.com/forum...?showforum=170
http://forum.networktechs.com/forumdisplay.php?f=130
http://forums.maddoktor2.com/index.php?showforum=17
http://www.spywarewarrior.com/viewforum.php?f=5
http://forums.spywareinfo.com/index.php?showforum=18
http://forums.techguy.org/f54-s.html
http://forums.tomcoyote.org/index.php?showforum=27
http://forums.subratam.org/index.php?showforum=7
http://www.5starsupport.com/ipboard/...p?showforum=18
http://aumha.net/viewforum.php?f=30
http://makephpbb.com/phpbb/viewforum.php?f=2
http://forums.techguy.org/54-security/
http://forums.security-central.us/forumdisplay.php?f=13

--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp

21-05-2008, 02:06 AM

thankyou Sir!

"David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message
news:rrGYj.1247$ah.878@trnddc06...
> From: "ruez46" <ruez46@midnight.com>
>
> | Hello folks!
>
> | Don't want to waste to much of your time, this fourm was my last hope
> before
> | the obvious rebuild of my Xp machine, I have narrowed this down to the
> | SmitFraud due to the symptoms I am seeing, after spending nearly the
> better
> | part of a day, I thought maybe someone can offer some suggestions
> please.
>
> | The thing that is making it so hard to clean is that I am not able to
> run
> | any applications on XP cept for IE, any other application I try and run
> I
> | get the classic 'open with' windows box asking to choose a program to
> open
> | the file, even worse when I try to access system functions(ie. display
> | properties) I get another 'control panel' error
> | 'c:\windows\system32\rundll32.exe' Aplication not found.
>
> | Although Rundll32.exe is in the proper directory, however the malware is
> not
> | allowing access to the rundll32 function, in turn causing my other
> programs
> | to give me the 'open with' dialog box.
>
> | Hence I am not able to run Hijack THis at the moment to view the log, if
> I
> | can get past this Rundll32.exe issue then I am on my way to fixing the
> | remainder, only thing is I am stumped on this one part, so you can
> imagine
> | that any suggestions are more than welcome and very appreciated.
>
> | Cheers!
>
>
>
>
> Forums where you can get expert advice for HiJack This! (HJT) and
> Deckard's System Scanner
> Logs.
>
> NOTE: Registration is REQUIRED in any of the below before posting a log
>
> Suggested primary:
> http://www.thespykiller.co.uk/index.php?board=3.0
>
> Suggested secondary:
> http://www.bleepingcomputer.com/forums/forum22.html
> http://castlecops.com/forum67.html
> http://www.malwarebytes.org/forums/i...hp?showforum=7
>
> Suggested tertiary:
> http://www.dslreports.com/forum/cleanup
> http://www.cybertechhelp.com/forums/...splay.php?f=25
> http://www.atribune.org/forums/index.php?showforum=9
> http://www.geekstogo.com/forum/Malwa..._Here-f37.html
> http://gladiator-antivirus.com/forum...?showforum=170
> http://forum.networktechs.com/forumdisplay.php?f=130
> http://forums.maddoktor2.com/index.php?showforum=17
> http://www.spywarewarrior.com/viewforum.php?f=5
> http://forums.spywareinfo.com/index.php?showforum=18
> http://forums.techguy.org/f54-s.html
> http://forums.tomcoyote.org/index.php?showforum=27
> http://forums.subratam.org/index.php?showforum=7
> http://www.5starsupport.com/ipboard/...p?showforum=18
> http://aumha.net/viewforum.php?f=30
> http://makephpbb.com/phpbb/viewforum.php?f=2
> http://forums.techguy.org/54-security/
> http://forums.security-central.us/forumdisplay.php?f=13
>
>
> --
> Dave
> http://www.claymania.com/removal-trojan-adware.html
> Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
>
>

21-05-2008, 03:59 AM

From: "ruez46" <ruez46@midnight.com>

| thankyou Sir!

YW and let us know how you make out.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp

21-05-2008, 11:56 PM

ruez46 wrote:
> Hello folks!
>
> Don't want to waste to much of your time, this fourm was my last hope
> before the obvious rebuild of my Xp machine, I have narrowed this
> down to the SmitFraud due to the symptoms I am seeing, after spending
> nearly the better part of a day, I thought maybe someone can offer
> some suggestions please.
> The thing that is making it so hard to clean is that I am not able to
> run any applications on XP cept for IE, any other application I try
> and run I get the classic 'open with' windows box asking to choose a
> program to open the file, even worse when I try to access system
> functions(ie. display properties) I get another 'control panel' error
> 'c:\windows\system32\rundll32.exe' Aplication not found.
>
> Although Rundll32.exe is in the proper directory, however the malware
> is not allowing access to the rundll32 function, in turn causing my
> other programs to give me the 'open with' dialog box.
>
> Hence I am not able to run Hijack THis at the moment to view the log,
> if I can get past this Rundll32.exe issue then I am on my way to
> fixing the remainder, only thing is I am stumped on this one part, so
> you can imagine that any suggestions are more than welcome and very
> appreciated.
> Cheers!

have you tried the removal tool from S!R! ?? also some other tools
http://www.dslreports.com/faq/13935 a known good legit site
works for me.
Clark...
--
Don't you have Google in your part of the world?

21-05-2008, 12:07 AM	#1
ruez46 Guest Posts: n/a	RE: smitfraud has me by the balls..... Hello folks! Don't want to waste to much of your time, this fourm was my last hope before the obvious rebuild of my Xp machine, I have narrowed this down to the SmitFraud due to the symptoms I am seeing, after spending nearly the better part of a day, I thought maybe someone can offer some suggestions please. The thing that is making it so hard to clean is that I am not able to run any applications on XP cept for IE, any other application I try and run I get the classic 'open with' windows box asking to choose a program to open the file, even worse when I try to access system functions(ie. display properties) I get another 'control panel' error 'c:\windows\system32\rundll32.exe' Aplication not found. Although Rundll32.exe is in the proper directory, however the malware is not allowing access to the rundll32 function, in turn causing my other programs to give me the 'open with' dialog box. Hence I am not able to run Hijack THis at the moment to view the log, if I can get past this Rundll32.exe issue then I am on my way to fixing the remainder, only thing is I am stumped on this one part, so you can imagine that any suggestions are more than welcome and very appreciated. Cheers!

21-05-2008, 02:06 AM	#2
David H. Lipman Guest Posts: n/a	Re: smitfraud has me by the balls..... From: "ruez46" <ruez46@midnight.com> \| Hello folks! \| Don't want to waste to much of your time, this fourm was my last hope before \| the obvious rebuild of my Xp machine, I have narrowed this down to the \| SmitFraud due to the symptoms I am seeing, after spending nearly the better \| part of a day, I thought maybe someone can offer some suggestions please. \| The thing that is making it so hard to clean is that I am not able to run \| any applications on XP cept for IE, any other application I try and run I \| get the classic 'open with' windows box asking to choose a program to open \| the file, even worse when I try to access system functions(ie. display \| properties) I get another 'control panel' error \| 'c:\windows\system32\rundll32.exe' Aplication not found. \| Although Rundll32.exe is in the proper directory, however the malware is not \| allowing access to the rundll32 function, in turn causing my other programs \| to give me the 'open with' dialog box. \| Hence I am not able to run Hijack THis at the moment to view the log, if I \| can get past this Rundll32.exe issue then I am on my way to fixing the \| remainder, only thing is I am stumped on this one part, so you can imagine \| that any suggestions are more than welcome and very appreciated. \| Cheers! Forums where you can get expert advice for HiJack This! (HJT) and Deckard's System Scanner Logs. NOTE: Registration is REQUIRED in any of the below before posting a log Suggested primary: http://www.thespykiller.co.uk/index.php?board=3.0 Suggested secondary: http://www.bleepingcomputer.com/forums/forum22.html http://castlecops.com/forum67.html http://www.malwarebytes.org/forums/i...hp?showforum=7 Suggested tertiary: http://www.dslreports.com/forum/cleanup http://www.cybertechhelp.com/forums/...splay.php?f=25 http://www.atribune.org/forums/index.php?showforum=9 http://www.geekstogo.com/forum/Malwa..._Here-f37.html http://gladiator-antivirus.com/forum...?showforum=170 http://forum.networktechs.com/forumdisplay.php?f=130 http://forums.maddoktor2.com/index.php?showforum=17 http://www.spywarewarrior.com/viewforum.php?f=5 http://forums.spywareinfo.com/index.php?showforum=18 http://forums.techguy.org/f54-s.html http://forums.tomcoyote.org/index.php?showforum=27 http://forums.subratam.org/index.php?showforum=7 http://www.5starsupport.com/ipboard/...p?showforum=18 http://aumha.net/viewforum.php?f=30 http://makephpbb.com/phpbb/viewforum.php?f=2 http://forums.techguy.org/54-security/ http://forums.security-central.us/forumdisplay.php?f=13 -- Dave http://www.claymania.com/removal-trojan-adware.html Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp

21-05-2008, 02:06 AM	#3
ruez46 Guest Posts: n/a	Re: smitfraud has me by the balls..... thankyou Sir! "David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message news:rrGYj.1247$ah.878@trnddc06... > From: "ruez46" <ruez46@midnight.com> > > \| Hello folks! > > \| Don't want to waste to much of your time, this fourm was my last hope > before > \| the obvious rebuild of my Xp machine, I have narrowed this down to the > \| SmitFraud due to the symptoms I am seeing, after spending nearly the > better > \| part of a day, I thought maybe someone can offer some suggestions > please. > > \| The thing that is making it so hard to clean is that I am not able to > run > \| any applications on XP cept for IE, any other application I try and run > I > \| get the classic 'open with' windows box asking to choose a program to > open > \| the file, even worse when I try to access system functions(ie. display > \| properties) I get another 'control panel' error > \| 'c:\windows\system32\rundll32.exe' Aplication not found. > > \| Although Rundll32.exe is in the proper directory, however the malware is > not > \| allowing access to the rundll32 function, in turn causing my other > programs > \| to give me the 'open with' dialog box. > > \| Hence I am not able to run Hijack THis at the moment to view the log, if > I > \| can get past this Rundll32.exe issue then I am on my way to fixing the > \| remainder, only thing is I am stumped on this one part, so you can > imagine > \| that any suggestions are more than welcome and very appreciated. > > \| Cheers! > > > > > Forums where you can get expert advice for HiJack This! (HJT) and > Deckard's System Scanner > Logs. > > NOTE: Registration is REQUIRED in any of the below before posting a log > > Suggested primary: > http://www.thespykiller.co.uk/index.php?board=3.0 > > Suggested secondary: > http://www.bleepingcomputer.com/forums/forum22.html > http://castlecops.com/forum67.html > http://www.malwarebytes.org/forums/i...hp?showforum=7 > > Suggested tertiary: > http://www.dslreports.com/forum/cleanup > http://www.cybertechhelp.com/forums/...splay.php?f=25 > http://www.atribune.org/forums/index.php?showforum=9 > http://www.geekstogo.com/forum/Malwa..._Here-f37.html > http://gladiator-antivirus.com/forum...?showforum=170 > http://forum.networktechs.com/forumdisplay.php?f=130 > http://forums.maddoktor2.com/index.php?showforum=17 > http://www.spywarewarrior.com/viewforum.php?f=5 > http://forums.spywareinfo.com/index.php?showforum=18 > http://forums.techguy.org/f54-s.html > http://forums.tomcoyote.org/index.php?showforum=27 > http://forums.subratam.org/index.php?showforum=7 > http://www.5starsupport.com/ipboard/...p?showforum=18 > http://aumha.net/viewforum.php?f=30 > http://makephpbb.com/phpbb/viewforum.php?f=2 > http://forums.techguy.org/54-security/ > http://forums.security-central.us/forumdisplay.php?f=13 > > > -- > Dave > http://www.claymania.com/removal-trojan-adware.html > Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp > >

21-05-2008, 03:59 AM	#4
David H. Lipman Guest Posts: n/a	Re: smitfraud has me by the balls..... From: "ruez46" <ruez46@midnight.com> \| thankyou Sir! YW and let us know how you make out. -- Dave http://www.claymania.com/removal-trojan-adware.html Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp

21-05-2008, 11:56 PM	#5
Clark... Guest Posts: n/a	Re: smitfraud has me by the balls..... ruez46 wrote: > Hello folks! > > Don't want to waste to much of your time, this fourm was my last hope > before the obvious rebuild of my Xp machine, I have narrowed this > down to the SmitFraud due to the symptoms I am seeing, after spending > nearly the better part of a day, I thought maybe someone can offer > some suggestions please. > The thing that is making it so hard to clean is that I am not able to > run any applications on XP cept for IE, any other application I try > and run I get the classic 'open with' windows box asking to choose a > program to open the file, even worse when I try to access system > functions(ie. display properties) I get another 'control panel' error > 'c:\windows\system32\rundll32.exe' Aplication not found. > > Although Rundll32.exe is in the proper directory, however the malware > is not allowing access to the rundll32 function, in turn causing my > other programs to give me the 'open with' dialog box. > > Hence I am not able to run Hijack THis at the moment to view the log, > if I can get past this Rundll32.exe issue then I am on my way to > fixing the remainder, only thing is I am stumped on this one part, so > you can imagine that any suggestions are more than welcome and very > appreciated. > Cheers! have you tried the removal tool from S!R! ?? also some other tools http://www.dslreports.com/faq/13935 a known good legit site works for me. Clark... -- Don't you have Google in your part of the world?

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode