Author Topic: Win32:inject-wo  (Read 5769 times)


blueday

  • Guest
Win32:inject-wo
« on: December 22, 2009, 06:40:51 AM »
I am completely hijacked.....

no safe mode, no msconfig, no nothin'

can't even upgrade avast....it was the only software I could install.....

nothing works except Firefox

please help

blue
« Last Edit: December 22, 2009, 06:43:33 AM by blueday »

Offline Yanto.Chiang

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1371
  • Soli Deo Gloria
    • PT Garuda Sinatriya Globalindo
Re: Win32:inject-wo
« Reply #1 on: December 22, 2009, 01:17:09 PM »
Hi Blueday,

First of all :
1. Please turn off your restore system : Control Panel\All Control Panel Items\Recovery (Win 7)

2. If you already got avast antivirus, please do a boot time scan with your system

3. Then install MBAM, SuperAntiSpyware, Lavasoft. After that please do the system scan

4. Then please download AntiRootkit tool


Anyway, how many AVs are installed on your system?
What was your previous AV before using avast antivirus?




Yanto Chiang | IT Security Consultants | AVAST Premium Security | GarudaSinatriya

blueday

  • Guest
Re: Win32:inject-wo
« Reply #2 on: December 22, 2009, 02:07:29 PM »
thanks for the suggestions, however I cannot open any application.  I get a warning: 

"Application cannot be executed.The file is infected. please activate your antivirus softeware."

This did not come from avast.  What I did get from avast was:

avast! has detected a virus in the operating memory.  Suggests a scan in the boot phase.  I have done that a couple of times and I have 7 or 8 files in the chest. 

I normally use my computer on a protected network at work.  I was on vacation and used a home network and failed to realize I had no protection.



Just how screwed am I?

Offline .: L' arc :.

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1780
  • Thinking with Portals
Re: Win32:inject-wo
« Reply #3 on: December 22, 2009, 02:44:57 PM »
Have you tried renaming MBAM.exe as anything else?
Windows 7 (64-bit) Home Premium SP1
avast! 9 RC1

blueday

  • Guest
Re: Win32:inject-wo
« Reply #4 on: December 23, 2009, 05:53:18 AM »
can't do anything, except Firefox. 

no applications open

renaming does nothing....

can anyone help me?

please?

blueday

  • Guest
Re: Win32:inject-wo
« Reply #5 on: December 23, 2009, 02:27:31 PM »
This morning I tried to update avast!  and got this:

23.12.2009 08:13:36 package: Tried to download servers.def but failed with error 0x20000011.
23.12.2009 08:13:36 package: LoadAllDefs failed 0x20000011
23.12.2009 08:13:37 general: Err:The package is broken.

I also got the broken package msg when I attempted to install the upgrade version

Can anyone help?


Offline .: L' arc :.

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1780
  • Thinking with Portals
Re: Win32:inject-wo
« Reply #6 on: December 23, 2009, 03:19:04 PM »
It seems like the Fake AV is blocking access to all apps. Please consider posting a list of your installed software. We'll enumerate those that need to be uninstalled to begin with.
Windows 7 (64-bit) Home Premium SP1
avast! 9 RC1

blueday

  • Guest
Re: Win32:inject-wo
« Reply #7 on: December 23, 2009, 06:38:49 PM »
I will, however I cannot access the Add/Remove program to delete anything. 

This just popped up from avast!

C:\WINDOWS\System32\Drivers\nqzjsmu.sys

I will now do a boot-time scan and move everything to the chest.....

this really sucks

blueday

  • Guest
Re: Win32:inject-wo
« Reply #8 on: December 24, 2009, 05:00:55 AM »
Okay...

Security task mgr
reg cure
exterminate it
avast
ccleaner
quicken
iphone
picasa 3
quicktime
firefox
ie
apple software update
turbotax
school library catalog
epat launcher
etools live
testnav tutorial
sibelius 5
photoscore lite
realplayer
palm desktop
google earth
respondus
respondus equation ed 4
a+learning systems
dyknow
netscape 7.2
thunderbird
ms office
itunes
integrade pro
finale note pad
examview pro
hp virtual rooms
interwrite learning
svp-5300 capture program
timeliner
llc
inspiration
photostory
design premium cs3
distiller
acrobat
extendscript tool kit
fireworks cs3
live cycle designer
spybot s+d
ad aware
wmp
audacity

I cannot open or use any program other than firefox and avast....but I could not upgrade from the free version....

things are still sucking......

blueday

  • Guest
Re: Win32:inject-wo
« Reply #9 on: December 26, 2009, 05:52:56 PM »
thanks for all the help


I fixed it myself



CharleyO

  • Guest
Re: Win32:inject-wo
« Reply #10 on: December 27, 2009, 11:32:00 AM »
***

Welcome to the forums, blueday.   :)

Do you mind telling us how you fixed it?


***