| View previous topic :: View next topic |
| Author |
Message |
inthewild
Joined: 28 Mar 2004
Location: Korea
|
 Posted: Sun Feb 08, 2009 6:33 am Post subject: PureMorph Trojan is owning me... |
 |
|
I tried to remove it with Avast and SpyBot S&D but it keeps on popping up. Anyone else had trouble with this? Normally the above 2 programs get rid of anything but not this one...
I have googled it but it seems to link to more malware pages...
Help appreciated.
avast log...
2009-02-08 오후 10:36:12 SYSTEM 1140 Sign of "Win32:PureMorph [Cryp]" has been found in "C:\WINDOWS\system32\800.exe\[UPX]" file.
2009-02-08 오후 10:46:29 SYSTEM 1140 Sign of "Win32:PureMorph [Cryp]" has been found in "C:\WINDOWS\system32\087.exe\[UPX]" file.
2009-02-08 오후 10:47:46 SYSTEM 1140 Sign of "Win32:PureMorph [Cryp]" has been found in "C:\WINDOWS\system32\518.exe\[UPX]" file.
2009-02-08 오후 10:51:54 SYSTEM 1140 Sign of "Win32:PureMorph [Cryp]" has been found in "C:\WINDOWS\system32\561.exe\[UPX]" file.
2009-02-08 오후 10:52:50 SYSTEM 1140 Sign of "Win32:PureMorph [Cryp]" has been found in "C:\WINDOWS\system32\561.exe\[UPX]" file.
2009-02-08 오후 11:16:47 SYSTEM 1140 Sign of "Win32:PureMorph [Cryp]" has been found in "C:\WINDOWS\system32\881.exe\[UPX]" file. |
|
| Back to top |
|
 |
xpat
Joined: 13 Mar 2008
Location: Kangnam baby
|
|
| Back to top |
|
|
bassexpander
Joined: 13 Sep 2007
Location: Someplace you'd rather be.
|
| Posted: Sun Feb 08, 2009 6:54 am Post subject: |
|
|
First try Malwarebytes:
http://www.malwarebytes.org/mbam.php
Free download on the left of that page. You might need to download it onto another machine and bring it over on a memory key or something. Your malware infection might try to block you from downloading it.
You should also remove Avast and try Kaspersky using their free trial:
http://www.kaspersky.com/productupdates
It'll only last a month, but might do a better job of removing it if Malwarebytes doesn't. |
|
| Back to top |
|
|
blackjack
Joined: 04 Jan 2006
Location: anyang
|
|
| Back to top |
|
|
hanguker
Joined: 16 Mar 2005
Location: Korea
|
| Posted: Sun Feb 08, 2009 4:54 pm Post subject: |
|
|
I suggest you backup any data you haven't lost and reinstall Windows. Although I really appreciate these anti-spyware companies for trying to make programs to rid our computers of these viruses, they are seldom successful at totally removing them.
In my experience, the process of running various scans, messing with startup items and services, and restarting the computer a million times is much longer and more stressful than simply backing up and reinstalling.
In the future keep all of you data on a separate partition so that you can just wipe your C: drive on a whim if you get infected.
Good luck. |
|
| Back to top |
|
|
blackjack
Joined: 04 Jan 2006
Location: anyang
|
| Posted: Sun Feb 08, 2009 4:59 pm Post subject: |
|
|
| when you did the scans did you do it in safe mode? did you disable system restore? viruses and stuff can hide in the system restore area. |
|
| Back to top |
|
|
inthewild
Joined: 28 Mar 2004
Location: Korea
|
| Posted: Mon Feb 09, 2009 6:00 pm Post subject: |
|
|
| blackjack wrote: |
| when you did the scans did you do it in safe mode? did you disable system restore? viruses and stuff can hide in the system restore area. |
I'm no computer whiz so... should I make sure I do it in safe mode and disable sys restore, or do it in normal mode and make sure it's enabled?
Anyways Avast seemed unable to handle the problem even after a reformat so I got Antivir running with Spybot S&D, no problems now... I guess.
Those programs above didn't work for me but it was prolly mostly user error and the virus doin it's thing.
Thanks for the help. I've never had a trojan/virus prob this bad before. |
|
| Back to top |
|
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
