Symbianize Forum
Most of our features and services are available only to members, so we encourage you to login or register a new account. Registration is free, fast and simple. You only need to provide a valid email. Being a member you'll gain access to all member forums and features, post a message to ask question or provide answer, and share or find resources related to mobile phones, tablets, computers, game consoles, and multimedia.
All that and more, so what are you waiting for, click the register button and join us now! Ito ang website na ginawa ng pinoy para sa pinoy!
[TUT] How to Remove Malicious/VIRUS/WORMS in your Infected PC's
- Thread starter hmx_ryan
- Start date
- Replies 1,096
- Views 190,017
- Messages
- 94
- Reaction score
- 0
- Points
- 26
sir bkit po gnon? pg ni ru2n ko ung pc s safe mode pblik blik lng xa s safe mode. pno po kya un? kelangan ko tlaga 2ng instrctions nyo kz gnyn ung pc ko ngaun wlang task manager mbgal and puro virus
- Messages
- 206
- Reaction score
- 0
- Points
- 26
boss hnd ata gumagana ang combo fix s windows 7...
d2....try ku maya f working....
- Messages
- 266
- Reaction score
- 0
- Points
- 26
(panu po ibalik or i-on ung firewall win xp. natangal ko na ung mga virus pero ung ibang services po hindi parin na ka open.. sapmple po ung IRC po.. )
try mo to.. click start-run-services.msc then hanapin mo ung security center, start mo xa, make sure na naka automatic xa. try mo xa
try mo to.. click start-run-services.msc then hanapin mo ung security center, start mo xa, make sure na naka automatic xa. try mo xa
try ko po ito dun sa isang pc.. thank you po..
- Messages
- 35
- Reaction score
- 0
- Points
- 26
Worm po kaya yung SPatch.exe? Wala kasi akong makitang kahina-hinalang process sa laptop ko pero every now and then bigla na lang akong may makikitang EXCEL.EXE sa task manager ko tapos dumadami kahit di naman ako nag-oopen ng excel.
Di ko mairun yung Combofix kasi company laptop to...
Di ko mairun yung Combofix kasi company laptop to...
- Messages
- 18
- Reaction score
- 0
- Points
- 16
tanong ko lang paano maaalis ang thumbs.dbb at recycler virus?
- Messages
- 4
- Reaction score
- 0
- Points
- 16
Go to AinLaz.com and you'll figure it out
- Messages
- 4
- Reaction score
- 0
- Points
- 16
download ain remover on Lazicon.com
- Messages
- 4
- Reaction score
- 0
- Points
- 16
its better you download avira antivirus 
- Messages
- 16
- Reaction score
- 0
- Points
- 16
Help po...
Disabled task manager, regedit, di mainstall antivirus
Mga nagawa ko na
1. Combofix
2. SDfix sa safe mode (pgrestart, normal mode na ulet) wla nadetect
3. del wscntfy.exe pro balik lang ng balik (nka off system restore)
Ito un HiJack this log...
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 6:53:05 AM, on 9/27/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17080)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Task Killer\TaskKiller.exe
C:\Documents and Settings\Beejay\My Documents\Downloads\AutorunRemover\AutorunRemover.exe
C:\Documents and Settings\Beejay\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Beejay\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Beejay\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Beejay\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\pchealth\helpctr\Binaries\MSCONFIG.EXE /auto
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User '?')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Toolbars\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Toolbars\Restrictions present
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\WINDOWS\system32\nvsvc32.exe (file missing)
--
End of file - 4102 bytes
Disabled task manager, regedit, di mainstall antivirus
Mga nagawa ko na
1. Combofix
2. SDfix sa safe mode (pgrestart, normal mode na ulet) wla nadetect
3. del wscntfy.exe pro balik lang ng balik (nka off system restore)
Ito un HiJack this log...
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 6:53:05 AM, on 9/27/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17080)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Task Killer\TaskKiller.exe
C:\Documents and Settings\Beejay\My Documents\Downloads\AutorunRemover\AutorunRemover.exe
C:\Documents and Settings\Beejay\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Beejay\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Beejay\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Beejay\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\pchealth\helpctr\Binaries\MSCONFIG.EXE /auto
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User '?')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Toolbars\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Toolbars\Restrictions present
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\WINDOWS\system32\nvsvc32.exe (file missing)
--
End of file - 4102 bytes
- Messages
- 21
- Reaction score
- 0
- Points
- 26
sir, ayaw mag install nung SDFix sa laptop ko. pagnirurun ko ung installer sa .rar e may nadedetect na virus ung avira ko. iniignore ko pero sa kuhilihan nag eerror. walang nagaappear na SDfix folder sa C: drive ko.
problema ko sir e, nauubos memory ng Drive C ko.. anong klaseng virus po ba to?
*may nagrurun na update.exe sa processes ko. virus po ba un?
problema ko sir e, nauubos memory ng Drive C ko.. anong klaseng virus po ba to?
*may nagrurun na update.exe sa processes ko. virus po ba un?
- Messages
- 100
- Reaction score
- 0
- Points
- 26
kaya ba nito tanggaling ang AUTORUN.inf???
