Does anybody know how can I fix my OS? I tried via AVG, Ad-Aware, SpyBot but still same. Please click for detailed info: http://lochoe.ringgittune.com/2008/10/i-got-malware-attack-when-use-wp-platform/ Attack From Russia: http://safeweb.norton.com/report/show?name=77.221.133.172
Restart your computer and while it's restart from the bios keep hitting F8 until it gives you a list of options then choose safe mode at the top...once you have entered the OS it will ask you a few things just hit YES...then choose ADMINISTRATOR. from there do the scan with any tools you may own on your computer. Please report back if the problem still exists.
Oh and also while your still in safe mode go to START>RUN>type in MSCONFIG> once this screen pops up click the start up tab up top and disable anything you don't use while you on your computer make sure you read everything even if you don't understand because you do need to have that anti virus checked or just send me a screen shot of the start up options and i can tell you what you need and don't need. this will also free RAM(Random Access Memory) and speed up boot time.
Do update your OS online regularly..It will depend your computer from any unwanted software to run in your PC. But if you OS is not genuine..Try to use Linux its free..
Ohhh yeah !! finally someone also got an ATTACK ! it took me almost 4 hours to figured it out... So how it worked for me... Please note this point : as in near future you may have this error . Internet should not be connected Thats all Use Good Anti-spywares ( i used super antispyware which worked for me to clear the malware attack) Basically if you need steps by step. Internet should be connected as soon as your window starts / vista --> run your anti-virus / spyware If your anti-virus/spyware didnot worked. Use what i have used Super Antispyware let me know if my points helped you out.... As it is 100% guaranteed
You can also disable system restore, then enable it. This should delete all the restore points. Download Malwarebytes at http://www.malwarebytes.org and run this program in safe mode. Use the update tab to update the program, then run in safe mode.
I tried this. Still same. All correct, I checked. Yes, I always update and protect real time. I tried this, but nothing found. Is it funny!!! Thank you I will try. So, special thanks for @dayjober He helped me via PM. Thanks
Malware has infected to the windows and its registry. Please first try to go safe mode and try to delete it. If you cannot use HIJACK this tool to scan the full system and observe the log file.
Here is the results: C:\WINDOWS\system32\paso.el Trojan horse Downloader.Small.EUH Object was moved to Virus Vault. C:\WINDOWS\Temp\1.tmp Trojan horse PSW.Generic6.AQVP Object was moved to Virus Vault. ------------------------------------------------------------ Objects scanned : 265766 Found infections : 2 Found PUPs : 0 Healed infections : 2 Healed PUPs : 0 Warnings : 0 ------------------------------------------------------------ IMO, My OS(Win XP) safe now, I will watch my system and report back if the problem still exists. Thanks all
But the problem is, that when you first get some malware/spyware/virusses, they're pretty difficult to get rid of. What I would do, is to first download the program cCleaner. This will clean your temporary internet files etc. Then start windows up in safe mode with internet, and download the program called hijackthis (without installer). Open the program and choose "scan and safe log file" (or something). When it has scanned, notepad will open with the log file. Copy the contents of the log file, go to internet explorer (open it in no-addons mode just to be safe. Can be found in start, accessories, internet explorer (no-addons) I think). Go to www.hijackthis.de and paste the log and click analyze. Se what processes there are nasty, and check them in hijackthis (to the left of the process). After that, click "Fix checked". Reboot your computer, and go into safe mode with internet again, and install Malwarebytes anti-malware. Do a scan, reboot again, and then download and run ewido online scan: http://www.ewido.net/en/onlinescan/. Now reboot into windows again (not safe mode). You can also install Eusing registry cleaner, to be sure there's nothing back in the registry.
erm.. from my blog at http://lochoe.ringgittune.com/2008/10/i-got-malware-attack-when-use-wp-platform/ The malware attack my server too, anyway, nothing appear to tell me when the malware start attack my computer (i use AVG free), But then, when i found its start attack my server, ( Its change all my index.php, index.html and htaccess for every folder in my site, then i start can trace it) Its really hard job to repair each file manually...(it takes almost 5 days for me to fix all the files) anyway, yups, i also found Hidraga when scanning back my computer after the attack.. ( i think this malware can copy all your password and username , and use it to login through ftp).. i wonder, is it this virus also effect to the computer owner, who dont have server?? maybe just a regular internet user...??