VIrus/Trojan interrupting with Deepfreeze/Hiding Files

[kazki]

---

ako na g.suwayan ang Spybot..unfortunately, wa mn japn na.tang2x ang virus oi... ambot, unsaon nani...murag reformat r mn jd ang pamaagi ani...

[kazki]

Duda nako, nakuha ni na virus sa mga flash drive... although naka freeze ang system, d jd na security na dli xa masudlan og viruses gkan sa flash drives.. As long as naay drive nmo na wla naka freeze, mupilit jd ang virus dha...

[erwin_rommel]

Duda nako, nakuha ni na virus sa mga flash drive... although naka freeze ang system, d jd na security na dli xa masudlan og viruses gkan sa flash drives.. As long as naay drive nmo na wla naka freeze, mupilit jd ang virus dha...

dali ra kaayo na deleton ang mga viruses basta naka frozen imong drive C. kanang mga virus nga mu sulod sa uban drives ma delete manually na as long as dili maka sulod sa system. i disable lang ang recyle bin para dili ma sulod ang virus didto inig delete nimo. and also naa problem ang deepfreeze sa mga nforce4 og nforce3 chipsets. inig restart nimo sa pc after installation sa deepfreeze, dili na mu dagan ang console sa deepfreeze so ang resulta, permanent freeze na imong system. even unfreezer could not solve it. ang solution ana kay i reformat imong pc then while installing the drivers, dont install the ide driver for nforce chipset, ang generic driver lang sa windows gamita kay magka conflict ang deepfreeze sa driver sa nforce.

[bordline]

okies ako suwayan nasd balik bro...ako g.suwayan boot sa safemode nya clean pero muo ra japn lagi... kani nasd ako suwayan...spybot

hehehe... ako kai kadaghan man kog balik2x ug restart a2 then search nasad...hehe

[kazki]

hehehe... ako kai kadaghan man kog balik2x ug restart a2 then search nasad...hehe

ako suwayan balik imo suggestion bro... pero kung di gani, reinstall nlng ko ning deepfreeze..clean sa nako tanan...hayz..

[cerndels]

kasugat nako ani na problema brod, ako gihimo kai ga download ko ani na program FixIEDef.exe mao ni ang link http://downloads.malwareteks.com/FixIEDef.exe gamit ni xa brod para makita na ang naka hide nimo nga mga folders... malware ang cause ana brod....read first this warning and notes sa program before using it mao ni xa link Malwareteks: IeDefender Removal Tool - FixIEDef... ayo2x

[SmaRkieS]

Download lang SDfix kay pag try nako ug mga antivirus ang ma detect nya mga windows files noon nga polipo pero di sya virus iya noon pang deleton, so wa nako ganahi mga commercial antivirus.

http://download.bleepingcomputer.com...esta/SDFix.exe

How to use SDFix:
1. Download SDFix and save to your Desktop.
2. Install SDFix: double-click on the SDFix. If a “Security Warning window opens”, click on the Run button.
3. Follow the prompts.
4. Reboot your PC in to Safe mode.

- Restart your computer
- After hearing your computer beep once during startup, but before the Windows icon appears, press F8.
- Instead of Windows loading as normal, a menu should appear
- Select the first option, to run Windows in Safe Mode.

5. Click Start -> Run,type the following text in type box: C:\SDFix\RunThis.bat
6. Press Enter or OK button.
7. When the tool is finished, it will produce a report for you.

mao ni mga ma kit.an nya.

Backdoor (IRCBot) Trojans:

F2 - REG:system.ini: Shell=Explorer.exe %WINDIR%\accwiz.exe
F2 - REG:system.ini: Shell=Explorer.exe %WINDIR%\astra32.exe
F2 - REG:system.ini: Shell=Explorer.exe %WINDIR%\Avsynmgr.exe
F2 - REG:system.ini: Shell=Explorer.exe %WINDIR%\BTStack.exe
F2 - REG:system.ini: Shell=Explorer.exe %WINDIR%\BTTray.exe
F2 - REG:system.ini: Shell=Explorer.exe %WINDIR%\ctfmon.exe
F2 - REG:system.ini: Shell=Explorer.exe %WINDIR%\czsrv.exe
…

Trojan Ranky/Ranck:

F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\config\svchost.exe
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\etc\services.exe
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\NT\nrcs.exe
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\system32\1.tmp
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\system32\mbti.exe
…

Misc’ - Downloader/Dropper, Proxy, Backdoor, PWStealer Trojans:

F2 - REG:system.ini: Shell=explorer.exe %Temp%\cryptfg.exe
F2 - REG:system.ini: Shell=Explorer.exe boot
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\alg32.exe
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\MSACCESS.exe
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\shell.exe
F2 - REG:system.ini: Shell=explorer.exe C:\WINDOWS\system\lsass.exe
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\system32\explorer..exe
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\system32\fservice.exe
…

HackerDefender:

O23 - Service: MSDN Driver (msdndr) - Unknown owner - C:\WINDOWS\system32\msdndr.pif
O23 - Service: MSDV Driver (msdvdr) - Unknown owner - C:\WINDOWS\system32\msdvdr.pif
O23 - Service: ro0 Service (ro0Srv) - Unknown owner - C:\WINDOWS\system32\ro0\ro0.exe
O23 - Service: Time Service (TIME) - Unknown owner - C:\WINDOWS\system32\(RandomName).exe

Trojan/Rootkit Components:

__oddysee.sys
asc355.sys
asc355O.sys
asc3550a.sys
asc3550o.sys
asc3550p.sys
asc3550u.sys
asc3550v.sys
backsys.sys
core.sys
…

and more, satisfied ko ani.

[toting]

ako advice..never use deepfreeze..
nindot siya performance we thought..
pero one day., it will kill you alone.
and force you to reformat your HDD./
sad to say.,.

[madvirus1300]

i.remove sa ang DEEPFREEZE nimo.

niya Gamit lang og Kaspersky Anti Virus.
kahuman Update then DEEP SCAN sa imong computer aron madelete ang virus.