What's new
Symbianize Forum

Most of our features and services are available only to members, so we encourage you to login or register a new account. Registration is free, fast and simple. You only need to provide a valid email. Being a member you'll gain access to all member forums and features, post a message to ask question or provide answer, and share or find resources related to mobile phones, tablets, computers, game consoles, and multimedia.

All that and more, so what are you waiting for, click the register button and join us now! Ito ang website na ginawa ng pinoy para sa pinoy!

╔► ★ Mobilarian Lab ★ ◄╗

Re: Symbianize Lab

bfyap06 said:
Hi po. Maraming :thanks: po sa effort na nilalaan nyo para sa mga ka-symbianizers na katulad ko.

Boss, paannalyze din po ako. Salamat po.


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 4:02:37 AM, on 5/1/2012
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16912)
Boot mode: Normal

Running processes:
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe
C:\Windows\RTHDCPL.exe
C:\Windows\System32\tsnp2std.exe
C:\Windows\vsnp2std.exe
C:\Program Files\USB Disk Security\USBGuard.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\System32\hkcmd.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Users\neo\Local Settings\Apps\F.lux\flux.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\DFX\DFX.exe
C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
C:\Windows\system32\igfxsrvc.exe
C:\Users\neo\AppData\Local\RockMelt\Update\1.2.189.1\RockMeltCrashHandler.exe
C:\Program Files\DFX\Universal\Apps\DfxSharedApp32.exe
C:\Program Files\DFX\Universal\Apps\dfxItunesSong.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Users\neo\Desktop\MDMA.exe
C:\Users\neo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\neo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\neo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\neo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\neo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\neo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\rundll32.exe
C:\Users\neo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\neo\Desktop\Internet\UKNOW\UKNOW.exe
C:\Windows\system32\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\PING.EXE
C:\Users\neo\Downloads\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:9666
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - (no file)
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Privacy SafeGuard - {A42D2EB4-DD31-4BB5-8AA5-8D4E04806DBE} - C:\Program Files\PrivacySafeGuard\PrivacySafeGuard.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [tsnp2std] C:\Windows\system32\tsnp2std.exe
O4 - HKLM\..\Run: [snp2std] C:\Windows\vsnp2std.exe
O4 - HKLM\..\Run: [USB Security] C:\Program Files\USB Disk Security\USBGuard.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [RemoteControl11] "C:\Program Files\CyberLink\PowerDVD11\PDVD11Serv.exe"
O4 - HKLM\..\Run: [NI Background Service] C:\Program Files\National Instruments\Shared\Update Service\niupdate.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [UIExec] "C:\Program Files\SMART BRO\UIExec.exe"
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [F.lux] "C:\Users\neo\Local Settings\Apps\F.lux\flux.exe" /noshow
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\Run: [RockMelt Update] "C:\Users\neo\AppData\Local\RockMelt\Update\RockMeltUpdate.exe" /c
O4 - HKCU\..\Run: [KiesHelper] C:\Program Files\Samsung\Kies\KiesHelper.exe /s
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: OneNote 2010 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
O4 - Global Startup: DFX.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{6A3476F6-7ACC-458E-A6B4-C8C21951BC2A}: NameServer = 10.1.8.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{7c5e60b1-349e-419e-bcd9-7a7df4eb8eae}: NameServer = 121.1.3.172 121.1.3.89
O17 - HKLM\System\CCS\Services\Tcpip\..\{A6E3FBE4-22C9-495C-8859-6BF904EFE158}: NameServer = 10.36.128.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{AAC8345C-FEFF-4586-8ADF-3F50530CEDDB}: NameServer = 208.67.222.222,208.67.220.220
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: OpenVPN Service (OpenVPNService) - Unknown owner - C:\Program Files\OpenVPN\bin\openvpnserv.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe

--
End of file - 10557 bytes
Click to expand...

Run ComboFix in safemode and post the log here. .
 
Last edited:
Re: Symbianize Lab

doc pa check up nmn ng akin machine bka my sakit , , :p
 

Attachments

  • hijackthis.txt
    9.2 KB · Views: 2
Re: Symbianize Lab

Sir pa check po, thanks :)
 

Attachments

  • hijackthis.txt
    7.2 KB · Views: 2
Re: Symbianize Lab

ravel_10 said:
Sir pa check po, thanks :)
Click to expand...

Done. . Fix this entries using HJT


R3 - URLSearchHook: (no name) - {00000000-6E41-4FD3-8538-502F5495E5FC} - (no file)

R3 - URLSearchHook: (no name) - {F08555B0-9CC3-11D2-AA8E-000000000567} - (no file)

O2 - BHO: Searchqu Toolbar - {7FF99715-3016-4381-84CE-E4E4C9673020} - C:\PROGRA~1\WIA6EB~1\ToolBar\SearchquDx.dll (file missing)

O2 - BHO: Bandoo IE Plugin - {EB5CEE80-030A-4ED8-8E20-454E9C68380F} - (no file)

O3 - Toolbar: Searchqu Toolbar - {7FF99715-3016-4381-84CE-E4E4C9673020} - C:\PROGRA~1\WIA6EB~1\ToolBar\SearchquDx.dll (file missing)
 
Re: Symbianize Lab

superreggaemaniaks said:
Done. . Fix this entries using HJT


R3 - URLSearchHook: (no name) - {00000000-6E41-4FD3-8538-502F5495E5FC} - (no file)

R3 - URLSearchHook: (no name) - {F08555B0-9CC3-11D2-AA8E-000000000567} - (no file)

O2 - BHO: Searchqu Toolbar - {7FF99715-3016-4381-84CE-E4E4C9673020} - C:\PROGRA~1\WIA6EB~1\ToolBar\SearchquDx.dll (file missing)

O2 - BHO: Bandoo IE Plugin - {EB5CEE80-030A-4ED8-8E20-454E9C68380F} - (no file)

O3 - Toolbar: Searchqu Toolbar - {7FF99715-3016-4381-84CE-E4E4C9673020} - C:\PROGRA~1\WIA6EB~1\ToolBar\SearchquDx.dll (file missing)
Click to expand...

Done TS salamat po:yipee:
 
Re: Symbianize Lab

Ito po sa akin, patulong po.
 

Attachments

  • hijackthis.txt
    9.6 KB · Views: 1
Re: Symbianize Lab

fire17m said:
Ito po sa akin, patulong po.
Click to expand...

Run Malwarebytes na makikita mo sa first page update first the data base and run in full scan and post the log here.
 
Re: Symbianize Lab

eto po sa akin patulong naman po kasi napapansin ko parang matagal mag-startup ung laptop ko. :pray:
 

Attachments

  • hijackthis.txt
    6.1 KB · Views: 1
Re: Symbianize Lab

jobthe0 said:
eto po sa akin patulong naman po kasi napapansin ko parang matagal mag-startup ung laptop ko. :pray:
Click to expand...

Run ComboFix in safemode and post the log here. .
 
Re: Symbianize Lab

eto na po ung log ko sir.
 

Attachments

  • ComboFix.txt
    19.1 KB · Views: 1
You must log in or register to reply here.

Similar threads

drexsho
Mabilisang kita habang nag enjoy ka!! Pasok!
Replies
0
Views
154
drexsho
drexsho
drexsho
Sabay Sabay na tayo kumita!!! wag na palampasin!!!
Replies
0
Views
202
drexsho
drexsho
pandot
Mga Koleksyo ng Teoryang Konspirata
Replies
0
Views
185
pandot
pandot
Chakman
Kailan Tuluyang Matatapos ang mga Labanan?—Ano ang Sinasabi ng Bibliya?
Replies
0
Views
61
Chakman
Chakman
I
RANSOMWARE
Replies
2
Views
489
EasyCure
E
Back
Top Bottom