Jump to content
Sign in to follow this  
Followers 0
cyberfly

Kena Virus

By cyberfly, in Utiliti & Sekuriti

Recommended Posts

cyberfly    1

cyberfly
Posted

1.Hijackthis log

Logfile of HijackThis v1.99.0
Scan saved at 12:20:20 PM, on 3/19/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
c:\wamp\apache\Apache.exe
c:\wamp\mysql\bin\mysqld-nt.exe
c:\wamp\apache\Apache.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\ASUS\ASUS Live Update\ALU.exe
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\WINDOWS\System32\svchost.exe
C:\wamp\wampserver.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\DOCUME~1\Alien\LOCALS~1\Temp\63265.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
F:\Setup\Utilities\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://softwarereferral.com/jump.php?wmid=6010&mid=MjI6Ojg5&lid=2
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: etlrlws - {576A0968-A5A3-4772-81B8-171E9F2032D9} - C:\WINDOWS\etlrlws.dll
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [UIUCU] C:\DOCUME~1\Alien\LOCALS~1\Temp\UIUCU.EXE -CLEAN_UP
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [ASUS Live Update] C:\Program Files\ASUS\ASUS Live Update\ALU.exe
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [PAVAgent] C:\Program Files\Data0.Net Software\Portable Antivirus\portableav16b.exe /silent
O4 - Startup: WampServer.lnk = C:\wamp\wampserver.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: Download All Links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{C855ECF5-3D8D-484E-B74C-D204E7D402B3}: NameServer = 192.168.1.1
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O21 - SSODL: altvxvm - {0A743CD3-4398-4438-AAE4-AF7749674AE2} - C:\WINDOWS\altvxvm.dll
O21 - SSODL: bokpkov - {A0D578FF-2657-4E02-8CBD-3D60BFC028FA} - C:\WINDOWS\bokpkov.dll
O23 - Service: Ad-Aware 2007 Service - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Unknown - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: aslunts - Unknown - C:\Program Files\Aquarius Soft\PC Lock Up Pro\svchost.exe (file missing)
O23 - Service: ATK Keyboard Service - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: Kaspersky Anti-Virus 6.0 - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service - Intel Corporation  - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: wampapache - Unknown - c:\wamp\apache\Apache.exe
O23 - Service: wampmysqld - Unknown - c:\wamp\mysql\bin\mysqld-nt.exe

2.Message yg slalu keluar.Msg dari virus,bukan dari windows.

virusxi8.jpg

Assalamualaikumm.

Pc member aku kena virus.

Dah update kaspersky 6.0 tapi takleh detect lagi.

Guna AdAware 2007 tuk spyware,tak dapat detect gak.

Dah try PAV.

Camne ye nak cleankan virus ni?

Share this post

Link to post
Share on other sites

mfaizul89    3

mfaizul89
Posted

leh x uploadkan virus tue...

lg satu ko hantar r sample virus tu ke Kaspersky...

Share this post

Link to post
Share on other sites

juse    0

juse
Posted

1.Hijackthis log

Logfile of HijackThis v1.99.0
Scan saved at 12:20:20 PM, on 3/19/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
c:\wamp\apache\Apache.exe
c:\wamp\mysql\bin\mysqld-nt.exe
c:\wamp\apache\Apache.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\ASUS\ASUS Live Update\ALU.exe
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\WINDOWS\System32\svchost.exe
C:\wamp\wampserver.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\DOCUME~1\Alien\LOCALS~1\Temp\63265.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
F:\Setup\Utilities\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://softwarereferral.com/jump.php?wmid=6010&mid=MjI6Ojg5&lid=2
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: etlrlws - {576A0968-A5A3-4772-81B8-171E9F2032D9} - C:\WINDOWS\etlrlws.dll
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [UIUCU] C:\DOCUME~1\Alien\LOCALS~1\Temp\UIUCU.EXE -CLEAN_UP
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [ASUS Live Update] C:\Program Files\ASUS\ASUS Live Update\ALU.exe
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [PAVAgent] C:\Program Files\Data0.Net Software\Portable Antivirus\portableav16b.exe /silent
O4 - Startup: WampServer.lnk = C:\wamp\wampserver.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: Download All Links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{C855ECF5-3D8D-484E-B74C-D204E7D402B3}: NameServer = 192.168.1.1
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O21 - SSODL: altvxvm - {0A743CD3-4398-4438-AAE4-AF7749674AE2} - C:\WINDOWS\altvxvm.dll
O21 - SSODL: bokpkov - {A0D578FF-2657-4E02-8CBD-3D60BFC028FA} - C:\WINDOWS\bokpkov.dll
O23 - Service: Ad-Aware 2007 Service - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Unknown - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: aslunts - Unknown - C:\Program Files\Aquarius Soft\PC Lock Up Pro\svchost.exe (file missing)
O23 - Service: ATK Keyboard Service - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: Kaspersky Anti-Virus 6.0 - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service - Intel Corporation  - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: wampapache - Unknown - c:\wamp\apache\Apache.exe
O23 - Service: wampmysqld - Unknown - c:\wamp\mysql\bin\mysqld-nt.exe

2.Message yg slalu keluar.Msg dari virus,bukan dari windows.

virusxi8.jpg

Assalamualaikumm.

Pc member aku kena virus.

Dah update kaspersky 6.0 tapi takleh detect lagi.

Guna AdAware 2007 tuk spyware,tak dapat detect gak.

Dah try PAV.

Camne ye nak cleankan virus ni?

ALO BRO CUBA KO GUNA REMOVER "REMOVEIT PRO". DOWNLOAD JAK.

LUPA PLAK BRO CUBA KO FIND VIRUS TU ALAM REGISTRY PASTU DELETE LA KLO JUMPA.

LUPA PLAK BRO CUBA KO FIND VIRUS TU DALAM REGISTRY PASTU DELETE LA KLO JUMPA.

LUPA PLAK BRO CUBA KO FIND VIRUS TU DALAM REGISTRY PASTU DELETE LA KLO JUMPA.

KO CUBA PLAK REMOVE CARA NI OK...

1. Click on the Start Menu button, then click on the Control Panel option, and then Double-click on the Add or Remove Programs icon.

2. Locate Worm.Win32.Netsky and double-click on it to uninstall Worm.Win32.Netsky. Follow the screen step-by-step screen instructions to complete uninstallation of Worm.Win32.Netsky.

3. Restart the computer.

4. When it has completed uninstalling you can close Add or Remove Programs and your Control Panel.

5. Close all programs.

6. Stop Worm.Win32.Netsky process. If you do not know how to stop a running process, click here to read more.

7. Delete the following infected files from your system.

EasyAV.exe

EasyAV

secound_document4.pif

e-mail3.pif

approved_file7.pif

If you do not know how to find it or having difficulties locating the file, click here to read more.

8. Rename the files that you found above to “foundbadfile1.dll†and “foundbadfile2.dll†(if you can not rename this file, then try to restart your computer in safe mode then try to rename this file.) If you don’t know how to start the computer in safe mode, click here to read more.

9. Go to C:\Program Files\ folder and delete the “IE Defender†folder (if you can’t delete it, reboot your computer to safe mode then delete the folder. Don’t worry about it if you can’t find it.)

10. Click here to bookmark this page (you will need to comeback to this page after reboot)

(If you are using Firefox click on Ctrl+D on your keyboard to bookmark this page)

11. Restart your computer

12. Go to your computer and delete the “foundbadfile1.dll†and “foundbadfile2.dll†file

13. You have just removed Worm.Win32.Netsky from your computer manually.

Remove Worm.Win32.Netsky with SmithfraudFix:

SmithfraudFix is a free tool that S!Ri created to remove fake anti-spyware programs. It can be risky so we cannot guarantee the result. Please use it with reservations. We would never recommend to purchase anything unless it’s necessary. That’s why we produce this free removal process.

1. Download SmithfraudFix tool and save it to your desktop.

2. Restart your computer and boot into Safe Mode. If you don’t know how to start the computer in safe mode, click here to read more.

3. Double-click on the SmithfraudFix.exe icon then follow the screen instructions. Option #2 should be selected in this case.

4. When you are prompted with “Do you want to clean the registry ?â€, simply answer “Yâ€.

5. Reboot.

6. You have just removed Worm.Win32.Netsky from your computer.

Share this post

Link to post
Share on other sites

baok    0

baok
Posted

1. Download SDFix oleh Andy Manchesta dan save kat Desktop. Lepas tu unzipkan die ka C:\ drive, (folder C:\SDFix) >> JANGAN RUN DULU!! sebab kene masuk Safe Mode

2. Restart komputer dan masuk Safe Mode.. (restart >> tekan F8 banyak kali sebelum masuk Windows)

3. Doubleclick RunThis.bat dan run.. tekan Y atau Yes kalau die mintak.. Tunggu sampai habis.. Nanti akan ada logfile (Report.txt) dalam Notepad.. Poskan log tu kat sini..

4. Restart dan masuk normal mode, download Deckard's System Scanner (DSS) dan save kat Desktop >> Run.. kemudian akan ada 2 log (main.txt dan extra.txt) Postkan 2-2 sekali (+SDFix log = 3 log)

Share this post

Link to post
Share on other sites

peace_bairoti    0

peace_bairoti
Posted

1. Download SDFix oleh Andy Manchesta dan save kat Desktop. Lepas tu unzipkan die ka C:\ drive, (folder C:\SDFix) >> JANGAN RUN DULU!! sebab kene masuk Safe Mode

2. Restart komputer dan masuk Safe Mode.. (restart >> tekan F8 banyak kali sebelum masuk Windows)

3. Doubleclick RunThis.bat dan run.. tekan Y atau Yes kalau die mintak.. Tunggu sampai habis.. Nanti akan ada logfile (Report.txt) dalam Notepad.. Poskan log tu kat sini..

4. Restart dan masuk normal mode, download Deckard's System Scanner (DSS) dan save kat Desktop >> Run.. kemudian akan ada 2 log (main.txt dan extra.txt) Postkan 2-2 sekali (+SDFix log = 3 log)

ok tQ kerana membantu.

pastu saya ada satu lagi problem.pc saya telah shut down dengan sendirinye.ianye terjadi bila saya install satu antivirus (kot) yang saya ambik dalam ni.tapi bila install & restart ianye terus terjadi.bila bukak pas.tengah loading program2 dalam pc pastu terus dia shutdown sendiri.bla on balik jadik balik.pc tu tengah dalam ujikaji.de antivirus avg anti-spyware je.ingat nak buh antivirus yang baru pas download kat putera.com ni. (antivirus solo)...

pe pandangan korang?lagi satu pc tu sebenarnya ada file yang aku nak pakai esok untuk presention...klu leh nak bukak coz klu tak mampus la akuuuuuuuu....

Share this post

Link to post
Share on other sites

mfaizul89    3

mfaizul89
Posted

...lagi satu pc tu sebenarnya ada file yang aku nak pakai esok untuk presention...klu leh nak bukak coz klu tak mampus la akuuuuuuuu....

aku sarankan ko wat backup... bukak pc ko dan cepat2 ambil file ntuk present ko tu... if not habislah ko...

aku x pernah jumpe lg virus yg off pc... restart pc penah jumpe r (bukan kt pc aku, pc kt lab kolej aku)...

good luck bro...

Share this post

Link to post
Share on other sites

Nazirul    0

Nazirul
Posted

banyak utiliti antivirus ni yang free.... spt portable AV, clamav, or scan online...

x guna install AV bebanyak..

1. mula2 ko search nama virus tu.

2. kalau ada dkt ur AV software list, update je...

x try manual ke dulu?

Share this post

Link to post
Share on other sites

baok    0

baok
Posted

ok tQ kerana membantu.

pastu saya ada satu lagi problem.pc saya telah shut down dengan sendirinye.ianye terjadi bila saya install satu antivirus (kot) yang saya ambik dalam ni.tapi bila install & restart ianye terus terjadi.bila bukak pas.tengah loading program2 dalam pc pastu terus dia shutdown sendiri.bla on balik jadik balik.pc tu tengah dalam ujikaji.de antivirus avg anti-spyware je.ingat nak buh antivirus yang baru pas download kat putera.com ni. (antivirus solo)...

pe pandangan korang?lagi satu pc tu sebenarnya ada file yang aku nak pakai esok untuk presention...klu leh nak bukak coz klu tak mampus la akuuuuuuuu....

Errkk.. peace_bairoti dengan cyberfly nih orang yang sama ke???

Kalau nak wat experiment ngan Virus, pastikan guna Virtual Machine.. jangan memandai nak test kat komputer sendiri... kang ape-ape jadi kang susah,.. lain la kalau pro giler...

Share this post

Link to post
Share on other sites

TanSriBlur    0

TanSriBlur
Posted

ok tQ kerana membantu.

pastu saya ada satu lagi problem.pc saya telah shut down dengan sendirinye.ianye terjadi bila saya install satu antivirus (kot) yang saya ambik dalam ni.tapi bila install & restart ianye terus terjadi.bila bukak pas.tengah loading program2 dalam pc pastu terus dia shutdown sendiri.bla on balik jadik balik.pc tu tengah dalam ujikaji.de antivirus avg anti-spyware je.ingat nak buh antivirus yang baru pas download kat putera.com ni. (antivirus solo)...

pe pandangan korang?lagi satu pc tu sebenarnya ada file yang aku nak pakai esok untuk presention...klu leh nak bukak coz klu tak mampus la akuuuuuuuu....

aku pun penah kena kes ni... kes ni mcm dia tendang semua av yang aku nak install... dah la dia dah corruptkan aku punya av asal... lepas tu bila aku nak masuk av baru dia tendang... dia terus off pc... walaupun aku search pakai google untuk ambik free edition utk sementara.. segala bentuk name or ape yg berkaitan av dia tendang... aku tak tau ape hal... sampai skang aku tak tau ape punca.. sape bleh explain ape punca???

kes ni dah lama... skang pc aku dah ok sb aku dah format... tapi tak puah hati... coz tak tau ape punca

Share this post

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
Sign in to follow this  
Followers 0
Go To Topic Listing
×
×
  • Create New...