Posted in TutorialsSeptember 25, 2006 4:06 pm

Removing sxs.exe worm

Removing sxs.exe worm

Man.. this virus is running wild… jumping from pc to pc via usb drive… here is a quick guide to remove it.

How do you know you have this virus?
1. Your browser will open some porn site from china everytime you start it. BAD
2. In your task manager, you have this SVOHOST.EXE running… BAD

First thing. Follow the instruction below. Follow it precisely or you can’t continue to the second step.

0. Press Ctr-Alt-Delete > Processes > locate “SVOHOST.EXE” and click End Process.

Removing Autostart Entry from the Registry
Removing the autostart entry from the registry prevents the malware from executing at startup.
If the registry entry below is not found, the malware may not have executed as of detection. If so, proceed to the succeeding solution set.

1. Open Registry Editor. Click Start>Run, type REGEDIT, then press Enter.
2. In the left panel, double-click the following:
HKEY_LOCAL_MACHINE>SOFTWARE>Microsoft>Windows>CurrentVersion>Run
3. In the right panel, locate and delete the entry: SoundMam = “%System%\SVOHOST.exe”
(Note: %System% is the Windows system folder, which is usually C:\Windows\System on Windows 98 and ME, C:\WINNT\System32 on Windows NT and 2000, and C:\Windows\System32 on Windows XP and Server 2003.)

Restoring Modified Entries from the Registry or you can skip these steps by restoring the registery value from this file (The file only available for 90 days. Email me if the link fail). Just unzip it and double click all file.
1. Still in Registry Editor, in the left panel, double-click the following:
HKEY_LOCAL_MACHINE>SOFTWARE>Microsoft>Windows>CurrentVersion>Explorer>
Advanced>Folder>Hidden>SHOWALL
2. In the right panel, locate the entry:CheckedValue = “0″
3. Right-click on the value name and choose Modify. Change the value data to: 1
4. In the left panel, double-click the following:
HKEY_LOCAL_MACHINE>SYSTEM>CurrentControlSet>Services>srservice
5. In the right panel, locate the entry: Start = “dword:00000004″
6. Right-click on the value name and choose Modify. Change the value data to: 2
7. In the left panel, double-click the following: HKEY_LOCAL_MACHINE>SYSTEM>CurrentControlSet>Services>wscsvc
8. In the right panel, locate the entry: Start = “dword:00000004″
9. Right-click on the value name and choose Modify. Change the value data to: 2
10. Close Registry Editor.

The second step. Now you should be able to unhide your files.

Go to My Computer.
Locate the toolbar, click: Tools>Folder Option>View
>check “Show hidden files and folder
>unchecked “Hide protected operating system files (Recommended)

Click Apply.

And you are ready to delete the sxs.exe and autorun.inf in your USB drive, external hardisk, floppy disk or any other infected removal drive.

Step 3: Deleting the winscok.dll file.

1. Go to My computer.
2. Paste the following into the Address bar (without the quotation mark) “C:\WINDOWS\system32”
3. Locate the file winscok.dll in that folder.
4. Delete it use Shift+Delete.

Step 4: Deleting sxs.exe and autorun.inf safely

1. Open My Computer.
2. Locate the infected drive. Let say drive K:. DO NOT DOUBLE-CLICK IT .
3. Right-click and choose Open
4. You should able to view your drive K: root directories now.
5. Locate sxs.exe and autorun.inf.
6. Delete them without mercy. Use Shift+Delete

That damn worm should not bother you anymore.

Cheers… :)

Disclaimer: This method works for me but I don’t know whether it will work for you.

Translated in my own way from this source:
http://www.newzgc.com/bbs/showdoc.asp?bid=39&id=13188

KEYWORD: removing, worm_delf, sxs.exe, winscok.dll, svohost.exe, virus, stupid virus.

For more info and tool, please visit the links below. ;

Comments (14)
Posted in Rubbish TalkSeptember 23, 2006 6:54 pm

Selamat Berpuasa

To all my Muslim readers,

Selamat Berpuasa

Comments (1)
Posted in FoodsSeptember 22, 2006 3:11 pm

The Spinach (Bayam) Cracker

The right path
(insert your own caption) ;)

We were browsing through the busy market. Just like any other day, the market is busy with people. New fresh supply of vegetable and fruits arrived by the truck load. People shouting here and there…

I was busy choosing some fruits. He came and suddenly say something.

“WTF is that?”
“Where?”
“That… (pointing at something),…. Makcik.. apa benda itu?”
“Keropok dik”
“Kenapa hijau?”
“Keropok bayam, sebungkus RM4”
“Bah… ambil satu”

So he get a pack of Spinach cracker for RM3 -_-“

__________________

bayam cracker
This is what it looks like. Green with some yellow. I think they dip the spinach leaf into a flour mixture before frying it.

bayam cracker
The size depend on the spinach leaf. It looks great and supposed to give you the “Taste Good ™” impression.

bayam cracker
Well… he say it tasted good since he finish the whole packet. :(

P/S: all events maybe not true but the spinach cracker tasted good.

Comments (4)
Posted in FoodsSeptember 17, 2006 3:26 pm

Duty free Cadbury: Roast Almond

Cadbury choc
I was given this Cadbury chocolate by a friend of mine who is studying in Labuan (Labuan is a duty free island near Sabah if you don’t know yet). She handed it over in church, being a forgetful person; I left it in the church fridge for 2 weeks until today.

I’ve stayed in Labuan for 1 year, so I was a fan of this imported Cadbury chocolate. They taste different from the one locally manufactured here and they have more varieties.
Cadbury choc
It seems that they have changed the packaging.

Cadbury choc
This one is sourced from Australia. No wonder they tasted great.

Cadbury choc
The new wrapper design come with Cadbury logo on it.

Cadbury choc
Opening the foil revealed the chocolate. Malaysia weather is a total chocolate killer.
Let it on the table and it will melt. *sigh*

Just ate a row of the chocolate. Love it, but since I’m not a chocolate junkie, going to give half of it to my gf and share the rest with my roommates.

Cheers.

yet another fun & loving post from Pejalai(TM)

Comments (8)
Posted in Rubbish Talk 10:17 am

Malaysia Ku

It seem that more blogger are aware of 16 September. Glad this date is widely known now..

Sorry folks, no patriotic post for 16 September, I’m damn tired.

who’s your daddy now?

Comments (1)
Posted in Rubbish TalkSeptember 14, 2006 12:46 am

The day I will not forget and The Xtra Delicious Curry Mee in a Bowl

The subject has some metaphor value to each other if you can find it ;)

Image
Bought this yesterday. Decided to check it out after my stomach start growl. It should be since my last meal was around 2 pm, a quick bite on the burger with my gf before the movie start.

Image
Some alluring image to fool you that it was great… (it does tasted great)

Image
It contain 1 pack of curry+herbs seasoning, 1 pack of seasoning oil and a (interestingly) a pack of evaporated coconut milk to give the curry mee the needed taste. One good thing is the fork supplied with it.

A no brainer step to prepare it
Image
Put every seasoning into it.

Image
Add hot water. If you use cold water, I feel sorry for you. ;)

Image
Wait 3 minutes and ready to eat.

Easy food…

P/S: If you guys really wanna know my gf, she will appear in this blog in the future. But the condition now doesn’t permit it to happen yet. Be patient…

Comments (5)

Next Page »