Fixing my Sister's Comp of Virus+Malware+Spyware

[maniac_lonestar]

HiJackThis Log - Fixing my Sister's Comp of Virus+Malware+Spyware

I'm hoping that fixing through Hijackthis will now allow me to scan with trend micro housecall, 'cause apparently there is a hidden malware or spyware that closes my trend micro virus scan when it almost reaches 90% progress. And of course, there have been up detected viruses and wares but my damn explorer keep on closing before I get to delete them.

 

[momok]

Hi

Very Important: Malware infections can possibly lead to identity theft, loss of funds from bank accounts, misuse of credit card information etc. Therefore I strongly encourage you to please read this thread HERE before deciding what course of action to take regarding your infection.

Should you decide to clean your computer, please go ahead to Viruses/Spyware/Malware, preliminary removal instructions and follow the steps given. Do follow all the instructions exactly. They will provide logs for analysis of your system so I will know how to instruct you to proceed.

Thereafter, please post fresh HijackThis, AVG Antispyware and Combofix logs as attachments into this thread. Do not copy and paste your logs if not it will be ignored and/or removed.

Also, please let me know the results of the AVG Antirootkit scan


Regards,
Your friendly momok =)

This thread is for the use of maniac_lonestar only. Please don't post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

 

[maniac_lonestar]

Ok...heres the log

 

[momok]

Hi,

You have not posted all requsted logs. Please follow the instructions in the given thread properly. The logs will help in the cleaning process.

Regards,
Your friendly momok =)

This thread is for the use of maniac_lonestar only. Please don't post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

 

[maniac_lonestar]

I tried to find combofix but I cant find it.

I will do an AVG Anti(virus or spyware?) scan and a hijackthis but my Rootkit scan says I'm not infected with anything.

 

[M0ntG0M3rY]

I tried to find combofix but I cant find it.

It's right above your post in momok's signature

 

[maniac_lonestar]

Here you go momok, here are all the logs

 

[momok]

#You may wish to copy and paste these instructions on notepad for easier reference later.

Boot into safe mode under your normal user name. See how HERE
Next turn on "Show all files and folders, including hidden and system". See how HERE

1. Please run HijackThis and fix the following entries, if found (do this by placing a tick in the check boxes beside these entries and clicking "Fix checked"):
   
   O2 - BHO: SDWin32 Class - {172FD220-3BF1-4B9C-B162-0278DC493EA3} - C:\WINDOWS\System32\zbopr.dll (file missing)
   O2 - BHO: SDWin32 Class - {86CF160A-13F1-46DA-958D-4E11464B2420} - C:\WINDOWS\System32\cfnpw.dll (file missing)
   
   Close HJT.
   
   
2. Navigate in Windows Explorer and delete the following files and folders in bold.
   
   C:\WINDOWS\iun6002.exe
   C:\PROGRA~1\COMMON~1\kwqz\kwqzm.exe
   C:\WINDOWS\wdskctl.exe
   C:\WINDOWS\wupdt.exe
   C:\Program Files\WinFixer 2005\uwfx5.exe
3. Reboot into normal mode and rehide your protected OS files.

Thereafter, please post fresh HJT, ComboFix and AVG Antispyware logs from normal mode as attachments into this thread.


Regards,
Your friendly momok =)

This thread is for the use of maniac_lonestar only. Please don't post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

 

[maniac_lonestar]

Non of the files or registries listed are found on the computer. What do I do now?

 

[maniac_lonestar]

So...are these "problems" fixed?

 

[ttray33y]

smells like rootkit.. hard *** spywares.. Kaspersky will do the job...
obvious:
C:\WINDOWS\iun6002.exe
C:\PROGRA~1\COMMON~1\kwqz\kwqzm.exe
C:\WINDOWS\wdskctl.exe
C:\WINDOWS\wupdt.exe
C:\Program Files\WinFixer 2005\uwfx5.exe

 

[momok]

Hi,

Please run AVG Anti Rootkit via Step 11 of the instructions HERE. Let me know the results of the scan.

Please post fresh HijackThis and ComboFix logs as attachments too.

Regards,
Your friendly momok =)

This thread is for the use of maniac_lonestar only. Please don't post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.