Fzixkb.exe

Discussion in 'Malware Help (A Specialist Will Reply)' started by Agahnim, Mar 9, 2005.

  1. Agahnim

    Agahnim Private E-2

    Hey, it's me again and after I had made my computer virus-free with a nice FireWall, I left for a few days to a friend's house in the country and I came back to find this: Fzixkb.exe messing up my computer. My teenage brother downloaded Morpheus and it gave my computer a couple of viruses. I got rid of the rest of the viruses easily with my Anti-Virus programs and with HiJackThis but this Fzixkb.exe still remains. It is trying to access the internet and my FireWall is preventing it from doing so and it is slowing down my computer and I keep finding some of my C:\Windows important programs such as Packager.exe (Which I looked up on Google to see if that was something bad or not and it wasn't) up and active in my CTRL+Alt+Del menu. Can someone help me with getting rid of this odd Trojan as quickly as possible? I'm afraid it will start doing internal damage to my computer or something.
     
  2. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    First, please follow ALL the steps in this Sticky thread READ ME FIRST BEFORE ASKING FOR SUPPORT: Basic Spyware, Trojan And Virus Removal

    After doing ALL of the above if you still have a problem:

    Make sure you have HijackThis 1.99.1 and follow the guidelines on where to install it and how to post a log as an ATTACHMENT.
    All instructions are covered in the sticky thread
    NO HIJACK THIS LOG FILES BEFORE READING THIS: HJT Tutorial & LOG File Posting


    Now post a Hijack This log as an ATTACHMENT to your message (Do NOT copy/paste the log into your post). Please close unnecessary running programs before you run HijackThis. You must close each of the following: your web browser, e-mail client, instant messenger, and programs like notepad, wordpad, MS Word etc.

    DO NOT run Hijack This from the Desktop, a temp folder, or a sub-folder of C:\Documents and Settings, or choose to run it directly from the downloaded ZIP file. Place it in its own folder, for example C:\Program Files\HJT
     
  3. Agahnim

    Agahnim Private E-2

    Here it is:
     
  4. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    Please print out these instructions so that you can operate with All Browser Windows CLOSED.

    Please make sure System Restore is OFF and the Viewing of Hidden Files & Folders is Enabled as per the tutorial.



    Now, look in Task Manager (Ctrl-Alt-Del) for the following running processes and, if you see any of them, try to END them:

    FZIXKB.EXE

    PACKAGER.EXE


    Now scan with HijackThis and Check the Boxes for the following:

    Make sure All Browser Windows are Closed when you Click FIX.

    O4 - HKLM\..\Run: [fzixkb] c:\windows\system\fzixkb.exe
    O4 - Startup: STRINGS.EXE

    O16 - DPF: {72C23FEC-3AF9-48FC-9597-241A8EBDFE0A} (InstallShield International Setup Player) - http://www.installengine.com/engine/isetupml.cab

    Again, make sure All Browser Windows are Closed when you Click FIX.

    NOW:

    Please download the following tools:

    Pocket KillBox

    Generic Detection Tool 9X - ME

    VX2 Finder - Version Msg126 for 9x

    NOW:

    Please unzip the Generic Detection Tool to a safe folder of your choice and run "find.bat" - Allow it as much time as it needs to run. You may get an error message of "File Not Found," but just let it go.

    The tool should generate a long text file. Please attach that log along with a fresh HijackThis Log.

    Note that you MUST NOT REBOOT after submitting these logs!
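
Added example, not part of the original thread and not code from HijackThis or MajorGeeks: a small Python parser for the three HijackThis entries listed in the post above. It splits each line into its section code, source and target, so autostart entries (O4) and downloaded ActiveX controls (O16) can be reviewed before anything is fixed. The function names and the `kind` labels are assumptions made for illustration.

```python
import re

# The three entries quoted in the post above, copied verbatim from the thread.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [fzixkb] c:\windows\system\fzixkb.exe
O4 - Startup: STRINGS.EXE
O16 - DPF: {72C23FEC-3AF9-48FC-9597-241A8EBDFE0A} (InstallShield International Setup Player) - http://www.installengine.com/engine/isetupml.cab
"""

# "<section> - <source>: <value>", e.g. "O4 - HKLM\..\Run: [name] command"
LINE = re.compile(r"^(?P<section>[A-Z]\d+) - (?P<source>[^:]+): (?P<value>.+)$")
RUN_VALUE = re.compile(r"^\[(?P<name>[^\]]*)\] (?P<command>.+)$")
DPF_VALUE = re.compile(r"^\{(?P<clsid>[0-9A-Fa-f-]{36})\} \((?P<name>.*)\) - (?P<url>\S+)$")


def parse_entry(line):
    """Split one log line into fields; return None if it is not an entry."""
    m = LINE.match(line.strip())
    if not m:
        return None
    entry = {"section": m["section"], "source": m["source"], "kind": "other"}
    value = m["value"]
    if entry["section"] == "O4":
        run = RUN_VALUE.match(value)
        if run:  # "[value name] command": an entry under a registry Run key
            entry.update(kind="registry-run", name=run["name"], command=run["command"])
        else:    # no "[name]" prefix: an item in a Startup folder
            entry.update(kind="startup-folder", command=value)
    elif entry["section"] == "O16":
        dpf = DPF_VALUE.match(value)
        if dpf:  # ActiveX control recorded with the URL it was fetched from
            entry.update(kind="activex-download", **dpf.groupdict())
    return entry


def parse_log(text):
    """Parse every recognisable entry in a pasted log, skipping other lines."""
    return [e for e in map(parse_entry, text.splitlines()) if e]


def autostart_commands(entries):
    """Commands launched at startup (O4), lowercased for comparison."""
    return [e["command"].lower() for e in entries if e["section"] == "O4"]


if __name__ == "__main__":
    for e in parse_log(SAMPLE_LOG):
        print(e)
```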
     
  5. Agahnim

    Agahnim Private E-2

    How do I do a Disable System Restore with Win 98?
     
  6. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    You do not have System Restore, I apologize. Proceed!
     
  7. Agahnim

    Agahnim Private E-2

    Here ya go:

    Trying to get the Output file up but this forum keeps bitching at me saying it is already up. I will save it as another text file.
     
  8. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    Rename it and attach it again. Name it firstoutput.txt
     
  9. Agahnim

    Agahnim Private E-2

    Here:
     
  10. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    Allow me a moment to check your logs.
     
  11. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    Please reboot into Safe Mode with the Viewing of Hidden Files & Folders Enabled and navigate to and DELETE the following if they should remain:

    C:\WINDOWS\SYSTEM\FZIXKB.EXE

    C:\WINDOWS\PACKAGER.EXE


    NEXT:
    Run CCleaner


    Reboot to Normal Windows

    NEXT:

    Open VX2Finder and Click on the "Find Vx2.BetterInternet" button.

    Then click on these buttons in the right pane unless they are not enabled:

    UserAgent$ Button

    Guardian.reg

    Restore Policy


    Allow Machine to Reboot.



    After windows has loaded, Scan with HijackThis and attach the new log, also let me know how things are running now.
     
  12. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

  13. Agahnim

    Agahnim Private E-2

    Woohoo! Virus is gone. Nowhere in my Close File thing either and no damage was done.

    I did check into that Packager thing also and it said it was supposed to be in the C:\WINDOWS\SYSTEM folder area of my computer but this one was only located in C:\WINDOWS

    They said it could be a virus pretending to be an important program. Nothing happened to my computer when I deleted it but just for safety sake, where can I redownload it if it was the important file?
     
  14. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    I wouldn't worry about it, but if you want to make sure look in your System folder and locate it. Glad everything is working better!

    You should see this article on How to Protect yourself from malware!
     
  15. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Sounds like it's already deleted BJ.

    It would have been better to check properties before deleting.

    You cannot legally download Windows executable files anywhere. You will have to break out your Windows CD and get it out of one of the .CAB files (if it is not directly visible). Check system32, is it there already.
     
  16. Agahnim

    Agahnim Private E-2

    Ah, ok. I still have my Windows CD locked up safe where I can't lose it. I will work on it tomorrow.

    And what is BJ?
     
  17. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Just to let you know, I just checked a Windows 98 system. The one you deleted from c:\windows is the valid file. That is where it belongs. It does not belong in c:\windows\system
     
  18. Agahnim

    Agahnim Private E-2

    Shit, what does the file do anyways? Is it critical to have?
     
  19. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

  20. Agahnim

    Agahnim Private E-2

    Ah, ok. So it isn't that critical but I will still work on that tomorrow.

    Tell me where can I find it on my Windows CD without turning the Windows download program on. Or does it give you the option already on the CD? I forgot. It's been awhile since I accessed the CD.
     
  21. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    1) Click Start, and then click Run.

    2) Type sfc, and then press ENTER.

    3) Click Extract one file from installation disk.

    4) In the Specify the system file you would like to restore box, type drive:\windows\path\file (where drive is the drive where the Windows folder is installed, generally drive C, path is the destination of the file that you are extracting, and file is the file that you want to extract).

    5) Click Start, click Browse next to the Restore from box, and then locate the Windows installation files. By default, in the OEM version of Windows 98 and Windows 98 Second Edition the installation files are on the hard disk in the C:\Cabs folder. With a retail full version or upgrade version, you can also insert the Windows installation CD-ROM into the CD-ROM drive or DVD-ROM drive, and then locate the Windows installation files. The folder is named "Win9x". For example, if your CD-ROM or DVD-ROM drive is D:, the folder is named "D:\Win9x". For Windows 98, the folder is named D:\Win98.

    6) Click OK, and then follow the instructions on the screen.
     
  22. Agahnim

    Agahnim Private E-2

    I followed all of the steps up to this and I had no idea what to do. I didn't understand what you are talking about. Drive D is my Zip drive, Drive E is my CD Rom drive, Drive A is my floppy disk drive, and Drive C is my harddrive drive. I have my Win98 disk in my drive and I have not a clue what to look for in it or where to look.
     
  23. Agahnim

    Agahnim Private E-2

    This is what I see:
     

    Attached Files:

  24. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    1) Click Start, and then click Run.

    2) Type sfc, and then press ENTER.

    3) Click Extract one file from installation disk.

    4) In the Specify the system file you would like to restore box, type C:\WINDOWS\packager.exe

    5) Click Start, click Browse next to the Restore from box, and then locate the Windows installation files.

    Note: Yours will be E:\WIN98

    6) Click OK, and then follow the instructions on the screen.
     
  25. Agahnim

    Agahnim Private E-2

    Cool thanks. It worked. Thanks for the help.
     
  26. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    Good Job!

    So everything is running good, no further problems?
     
