Register Now!

User Login

Info Center

Resource Bin

Forum Updates

TipidPC.com is the leading resource for buying and selling brand new and second-hand computer parts and peripherals in the Philippines. Have something to sell? Sign up for an account now. It's absolutely free!

Forum Topic

TPC Virus & Spyware Removal Thread

  • alviperz on November 18, 2009 10:17 PM

    Need Help...
    mga master!

    Paano ko ma-remove itong worm na ito W32.Qakbot??/...
    Parati nlng nag-popop-up sa screen ko!..

    symantec antivirus ko!..

  • hotpandesal on November 18, 2009 11:00 PM

    @dreamdust
    sir eto lang nakita ko kakaiba sa logs mo:
    C:\DOCUME~1\GRAPHI~1\LOCALS~1\Temp\b.exe
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
    O4 - HKCU\..\Run: [MailBlocker] C:\DOCUME~1\GRAPHI~1\LOCALS~1\Temp\b.exe
    may mail blocker ka ba?
    -backup your important files
    -disable system restore
    -run hijackthis again
    -put check on the said entries and hit the fix button
    -perform system and registry cleanup using ccleaner(remeber to backup registry when Ccleaner prompted to do so)
    -restart and run hijackthis again
    -tas post mo ulit dito yung link ng bagong HJT logs mo

    about sa windows delayed write failed error
    try to read this:<click here for link>baka po hardware issue sya..hope this helps

    @WinXPErt
    Warez ang UBCD di ba bawal sa thread yun
    freeware po ang UBCD(nagakamali ka po ata ng type pero paliwanag ko na rin para dun sa iba) and compilation sya ng mga hardware testing and benchmarking utilities from respective manufacturers(w/c is free) na walang GUI unlike yung sinasabi ko po na UBCD4win na may GUI(para syang ERD or BartPE)lahat po ng nakalagay sa kanya eh freeware though may mga comercial programs sya na pede mo idagdag but the user need the license to add those commercial apps and ofcourse you need a licensed WinXP installer to make the UBCD4win..so hindi pa rin sya bawal sa thread..^_^
    Ishashare ko yung Avira Portable at A2Free Portable ko plus guide pano gamitin.
    thank you sir malaki maitutulong nito sa mga ka TPC natin ^_^

    @ehlysalds
    ok na mga bossing, gumamit ako ng ESET32 online ginamit ko
    anu po yung malware issue nyo sir?pa share po dito sa thread para kung may makabasa ng katulad na issue ng sa inyo eh alam na nila gagawin nila...thanks!^_^

    @channelsurfer
    np sir..just keep us posted sa progress ng malware issue nyo and share the steps you've made para maayus yung issue nyo para sa iba na makakbasa na mya katulad ng issue nyo ^_^

    -- edited by hotpandesal on Nov 18 2009, 11:14 PM

  • hotpandesal on November 18, 2009 11:02 PM

    @alviperz
    sir paki fallow po yung Instructions sa Thread Reminder sa baba nitong post ko para po matulungan namin kayu ng maayus...thanks!

    ^_^

    -- edited by hotpandesal on Nov 18 2009, 11:15 PM

  • Yohan831 on November 18, 2009 11:10 PM

    External Image


    Thread Reminders:
    1. Before posting your issue, please try to initially read the first page of the thread. <click here for link>
    2. Keep the thread clean. And stick to the topic.
    3. Be patient. You don't have to repeat yourself. There are other people who can also answer your inquiry aside from the VSRT members. Most of us are volunteers in other sites too and we stop by here to help if we can steal more time from real life and our families, so please be patient. Then we look quickly for folks with no replies to help out. We hope you understand.
    4. Don't post links to warez and cracks, doing so may get you banned.
    5. When posting pictures of screenshots and other things related to the topic, please limit it to 640x480 pixels. Anything beyond that will be reported to our mods for immediate deletion.
    6. Upload your HiJackThis and/or other logs to our 4Shared account, and create a folder with your name in it. <click here for link>
    7. If our tools are detected as virus (like Win32/Packed.Themida), exclude the tool to be scanned by your antivirus. Better yet disable your AV temporarily as you run the tool/s.
    8. Our fixes are implied without warranty. Use at your own risk.
    9. No spoonfeeding and text speak here in the forum and anywhere else in TipidPC/CP.
    10. Please don't email or PM anyone from the VSRT members for "personal" HJT/virus help. We all benefit when a problem is discussed in the open.
    11. Not all error/s you get in Windows is/are caused by a virus. If this is so, then your issue will be out of the topic. However, we can still help you figure out if it is a virus problem or not, but then afterwards you may look for another forum for a solution.
    12. Sorry, but we can not provide support for those using illegitimate and/or unlicensed Software. As much as possible, we keep piracy to a minimum or zero level at all times.
    13. Those who violate the TPC-VSRT Rules and Regulations will be ignored of their issue, unless they manage to correct their mistake/s.
    14. People who may be interested in joining the TipidPC Virus & Spyware Removal Team may PM me (Yohan831)
    15. We are not 24/7 online, and we are a non-profit, all-volunteer group. If you cannot wait for us to get a solution, better ask another forum instead of wailing wildly and complaining.
    16. The TPC-VSRT thread cannot be utilized as a source of information for income-generating purposes such as Malware removal services and the like, and other unnecessary means. Any actions undertaken may lead to banning from this thread.


    Here are some steps that you may need to do first so we can assist you better:

    Intructions before posting your Malware issue
    1.Update your Antivirus
    2.Download MalwareByte's Anti-Malware Install and Update
    3.Download SuperAntispyware Install and Update
    4.Disconnect from the Internet
    5.Back-up important files
    6.Disable Sytem Restore
    7.Do a Full System Scan with your Antivirus
    8.Do a Full System Scan using MalwareByte's Anti-Malware(if prompted to restart do so)
    9.Do a Full System Scan using SuperAntiSpyware(if prompted to restart do so)
    10. If you think you are still infected Scan your system with HijackThis or QuickSmash

    Using HijackThis
    1.Download HijackThis Executable: <click here for link>
    2.Close all running applications and scan your system with HijackThis
    3.Save and Upload your HJT Logs in our 4Shared Account.
    4.Post the Download link of the log here along with your Malware issue.

    How to Upload HJT Logs
    1. Go to our 4Shared Account: <click here for link>
    2.Click on the Hijackthis logs folder
    3.Click on the folder with the green plus (+) icon (Create a new folder)
    4.When asked for a name, type in your tpc username, and click OK.
    5.Now click on your newly created folder
    6.Click Browse (on the lower part of the screen)
    7.Find your hijackthis log and select it.
    8.Click Open and then Upload
    9.Now it will say Uploaded successfully
    10.Right click on the Download link for the file, and click Copy Link Location (for Firefox Users) or Copy Shortcut (for Internet Explorer users)
    11.Paste the webpage on the thread and notify us if you have done so already.

    Do not post your hijackthis log directly in the thread.

    "Quicksmash Assistance" Developed by t68kv

    1. Download Quicksmash, after downloading open it.
    2. Check "include hijackthislog", "Update Before Smashing".
    3. Follow the steps on uploading the log created by the quicksmash.
    Wait for the "Finish" message, and follow the instruction on the next messageboxes.
    Usually the filename is named at the current date on you computer. EX "13-08-2008"
    4. Post the link, The link must be working for fast response from the team.
    5. Wait For Response Or Further Instruction From T68KV or Other Reliable Team Member.
    Usually they will tell you to redo the instruction. After Updating the Defintion.
    6. Download Quicksmash from here: <click here for link>


    Disclaimer:
    NEITHER THE TEAM OR ANYONE DIRECTLY CONNECTED IN PUBLISHING FIXES FOR YOUR PC SHALL MAKE ANY WARRANTY EITHER EXPRESSED OR IMPLIED. FURTHER, NEITHER THE TEAM OR ANYONE HELPING OUT SHALL BE LIABLE FOR ERRORS OR OMISSIONS CONTAINED HEREIN, OR FOR INCIDENTAL OR CONSEQUENTIAL DAMAGES. THE FIXES ARE PROVIDED "AS-IS", AND THE READER/MEMBER BEARS ALL RESPONSIBILITIES AND RISKS CONNECTED WITH IT'S USE.

    TipidPC Virus and Spyware Removal Team website: <click here for link>
    Feel free to leave your comments and suggestions!

  • WinXPert on November 19, 2009 03:54 PM

    Thanks di pwede na isuggest ang UBCD4Win. Sa ibang board (international) kasi kinokonsider nila na warez ang UBCD4Win at Hiren's.

    Para di kami nangangapa sa solution sa PC probs ng poster please follow the instructions posted above. Just in case na ang virus/malware ay nagpreprevent ng scanning using any known AV program just post your HJT log and we'll start from there.

    To all na nabigyan ng suggestions and/or solutions please give a feedback sa status ng system kung okay na.

    @hotpandesal

    San ko pwede i-post yung Avira Portable?

  • hotpandesal on November 19, 2009 05:04 PM

    Thanks di pwede na isuggest ang UBCD4Win. Sa ibang board (international) kasi kinokonsider nila na warez ang UBCD4Win at Hiren's.
    yup, pansin ko din yun..nasa user naman kasi yun kung magiging warez or not ^_^
    San ko pwede i-post yung Avira Portable?
    kung may hostfile ka na may good download speed dun nyo nalang po lagay then post nyo nalang po yung download link sa mga post nyo...or kausapin nyo po si PartcleX para po mailagay sa 4Shared ng TPC-VSRT under your folder name,sya po kc naka toka sa 4shared ^_^

  • ParticleX on November 19, 2009 05:08 PM

    nawala yung virus samples sa 4shared, any idea?

  • ParticleX on November 19, 2009 05:11 PM

    Thanks di pwede na isuggest ang UBCD4Win. Sa ibang board (international) kasi kinokonsider nila na warez ang UBCD4Win


    Almost all software included in UBCD4Win are freeware utilities for Windows®. Some of the tools inlcuded are "free for personal use" copies so users need to respect these licenses. A few of the tools included in UBCD4Win are paid for and licensed software owned by UBCD4win


    depende na lang din kung anong apps ang i-"slipstream" mo sa cd.

    sa hirens obvious na war3z ang mga apps :-p

  • WinXPert on November 19, 2009 05:18 PM

    ^

    Saan ko pwede upload yung apps mga 70Mb yun A2Free Portable, yung Avira Portable 60+Mb

  • hotpandesal on November 19, 2009 05:19 PM

    nawala yung virus samples sa 4shared, any idea?
    ngayun mo lang napansin? kala ko nga tinanggal mo na dahil nagawan na ng fix eh! :P

  • ParticleX on November 19, 2009 05:22 PM

    http://tpc-virus-removal-team.4shared.com

    under folder Other Apps

    yung Avira sana freeware version lang para wala tayong probs :-p

    ngayun mo lang napansin? kala ko nga tinanggal mo na dahil nagawan na ng fix eh! :P


    dati pa, kaso ngayon lang ako nagkaroon ng time sumilip dito :-p

    may scheduled meetings na? habang lumalamig panahon lumalamig din vsrt ah :-p

    Both Freeware yung Avira Antivir sa A2Free. Ty. Maybe next time nakikigamit lang ako ng PC.


    roger that chief, hintayin na lang namin :-)

    -- edited by ParticleX on Nov 19 2009, 05:27 PM

  • WinXPert on November 19, 2009 05:24 PM

    Both Freeware yung Avira Antivir sa A2Free. Ty. Maybe next time nakikigamit lang ako ng PC.

  • hotpandesal on November 19, 2009 05:51 PM

    may scheduled meetings na? habang lumalamig panahon lumalamig din vsrt ah :-p
    medyo bc si direk, ako naman pasulpot sulpot lang..mag me-meet lang kaming 3 nila firefly siguro para pag planuhan yung official meeting ng group..nawala na tayo sa timeline..hehehe!

    -- edited by hotpandesal on Nov 19 2009, 05:54 PM

  • ehlysalds on November 19, 2009 06:25 PM

    @hotpandesal and others. . .
    nagDL kasi ako ng mp3 sa limewire, 4Mb somthing ang size (pag maliit masyado dedma ko lang) kaya dinownload ko then limewire mismo nagblock sa file (marked as spam) then ginamitan ko ng superantispyware tapos yun na nga nadetect yung "avifil3232.dll". . .di ko makita sa win32 folder
    hinanap ko rin sa google, kesho gamit daw ako ng ganito ganyan. . .
    kaya tinesting ko yung ESET NOD32 online scan kaso mejo may katagalan
    ayun nadelete mga trojan na nakatago, nagrescan uli ako using superAS. . .
    yun wala na, natsambahan ko lang

  • ehlysalds on November 19, 2009 06:30 PM

    sya nga pala, hindi matanggal tanggal ng superAS yung "avfil3232.dll" kahit irestart ko
    wala naman weird na nangyari sa lappy ko since nainfect

  • hotpandesal on November 19, 2009 10:30 PM

    @ehlysalds

    gang ngayun ba sir nadedetect parin sya?

    try mo po i-unregister
    -Go to Start>Run
    -then type this command
    regsvr32 /u avfil3232.dll
    -press enter
    -then saka nyo sya subukan i-delete

    ^_^

  • GIGZ_09 on November 19, 2009 10:31 PM

    yey! what a great day!=)


    di ko makuha yung dating gawa ko na list ng registry entries na kailangan imonitor.. di ko tuloy mainject kay registry scanner...

    sana nasa mood na ko sa sat... ng matapos na ito=)



    padaan lang=)

  • ehlysalds on November 20, 2009 04:21 AM

    @hotpandesal

    wala na po sya nang sinubukan ko yung NOD32 scan online
    mali ata sequence ng pagtype ko hehe
    thanks pala sa command line just in case

  • dreamdust on November 20, 2009 10:44 AM

    nawala na ung b.exe sa superantispyware . pero ung windows delayed write failed sa usb 2.0 ganun pa din . tingin ko madami nang bad sector. BTW thanks!

  • channelsurfer on November 21, 2009 12:16 AM

    WeeW..looks like malinis na comp ku...

    after:
    scanning using malwarebyte & superantispyware, then CCleaner..
    naupdate ku na AVIRA KU! YAHOO! ^___^


    teKA po''

    ask ku lang kung baket ayaw nun amPAw smasher ma add sa stARt up ku???

    vista 64bits
    ThaNKS'

Who's Online

466 active users within the last 5 minutes, 265 members, 201 guests.
Our newest member is gundesblumdes
Click here to see online members.

Browse Items

More »

Search TipidPC


New Items for Sale

New Want to Buys

Active Items for Sale

Active Want to Buys