TechSpot

Fixing my Sister's Comp of Virus+Malware+Spyware

By maniac_lonestar
Jul 29, 2007
  1. HiJackThis Log - Fixing my Sister's Comp of Virus+Malware+Spyware

    I'm hoping that fixing through Hijackthis will now allow me to scan with trend micro housecall, 'cause apparently there is a hidden malware or spyware that closes my trend micro virus scan when it almost reaches 90% progress. And of course, there have been up detected viruses and wares but my damn explorer keep on closing before I get to delete them.
     
  2. momok

    momok TS Rookie Posts: 2,265

    Hi

    Very Important: Malware infections can possibly lead to identity theft, loss of funds from bank accounts, misuse of credit card information etc. Therefore I strongly encourage you to please read this thread HERE before deciding what course of action to take regarding your infection.

    Should you decide to clean your computer, please go ahead to Viruses/Spyware/Malware, preliminary removal instructions and follow the steps given. Do follow all the instructions exactly. They will provide logs for analysis of your system so I will know how to instruct you to proceed.

    Thereafter, please post fresh HijackThis, AVG Antispyware and Combofix logs as attachments into this thread. Do not copy and paste your logs if not it will be ignored and/or removed.

    Also, please let me know the results of the AVG Antirootkit scan


    Regards,
    Your friendly momok =)

    This thread is for the use of maniac_lonestar only. Please don't post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  3. maniac_lonestar

    maniac_lonestar TS Rookie Topic Starter Posts: 118

    Ok...heres the log
     
  4. momok

    momok TS Rookie Posts: 2,265

    Hi,

    You have not posted all requsted logs. Please follow the instructions in the given thread properly. The logs will help in the cleaning process.

    Regards,
    Your friendly momok =)

    This thread is for the use of maniac_lonestar only. Please don't post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  5. maniac_lonestar

    maniac_lonestar TS Rookie Topic Starter Posts: 118

    I tried to find combofix but I cant find it.

    I will do an AVG Anti(virus or spyware?) scan and a hijackthis but my Rootkit scan says I'm not infected with anything.
     
  6. M0ntG0M3rY

    M0ntG0M3rY TS Rookie Posts: 48

    It's right above your post in momok's signature ;)
     
  7. maniac_lonestar

    maniac_lonestar TS Rookie Topic Starter Posts: 118

    Here you go momok, here are all the logs
     

    Attached Files:

    • 1.JPG
      1.JPG
      File size:
      32 KB
      Views:
      5
  8. momok

    momok TS Rookie Posts: 2,265

    #You may wish to copy and paste these instructions on notepad for easier reference later.

    Boot into safe mode under your normal user name. See how HERE
    Next turn on "Show all files and folders, including hidden and system". See how HERE

    1. Please run HijackThis and fix the following entries, if found (do this by placing a tick in the check boxes beside these entries and clicking "Fix checked"):

      O2 - BHO: SDWin32 Class - {172FD220-3BF1-4B9C-B162-0278DC493EA3} - C:\WINDOWS\System32\zbopr.dll (file missing)
      O2 - BHO: SDWin32 Class - {86CF160A-13F1-46DA-958D-4E11464B2420} - C:\WINDOWS\System32\cfnpw.dll (file missing)

      Close HJT.

    2. Navigate in Windows Explorer and delete the following files and folders in bold.

      C:\WINDOWS\iun6002.exe
      C:\PROGRA~1\COMMON~1\kwqz\kwqzm.exe
      C:\WINDOWS\wdskctl.exe
      C:\WINDOWS\wupdt.exe
      C:\Program Files\WinFixer 2005\uwfx5.exe
    3. Reboot into normal mode and rehide your protected OS files.

    Thereafter, please post fresh HJT, ComboFix and AVG Antispyware logs from normal mode as attachments into this thread.


    Regards,
    Your friendly momok =)

    This thread is for the use of maniac_lonestar only. Please don't post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  9. maniac_lonestar

    maniac_lonestar TS Rookie Topic Starter Posts: 118

    Non of the files or registries listed are found on the computer. What do I do now?
     
  10. maniac_lonestar

    maniac_lonestar TS Rookie Topic Starter Posts: 118

    So...are these "problems" fixed?
     
  11. ttray33y

    ttray33y TS Rookie

    smells like rootkit.. hard *** spywares.. Kaspersky will do the job...
    obvious:
    C:\WINDOWS\iun6002.exe
    C:\PROGRA~1\COMMON~1\kwqz\kwqzm.exe
    C:\WINDOWS\wdskctl.exe
    C:\WINDOWS\wupdt.exe
    C:\Program Files\WinFixer 2005\uwfx5.exe
     
  12. momok

    momok TS Rookie Posts: 2,265

    Hi,

    Please run AVG Anti Rootkit via Step 11 of the instructions HERE. Let me know the results of the scan.

    Please post fresh HijackThis and ComboFix logs as attachments too.

    Regards,
    Your friendly momok =)

    This thread is for the use of maniac_lonestar only. Please don't post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...