any good online scanner recommendation to remove tis 'W32.Downadup'??
Online Scanners
|
|
 Jan 9 2009, 12:23 PM
Return to original view | Post
#1
|
 
Senior Member
1,154 posts Joined: Nov 2005 From: Merseyside RED  
|
|
Quote|
|
|
|
|
Jan 10 2009, 01:32 AM
Return to original view | Post
#2
|
|
Senior Member
1,154 posts Joined: Nov 2005 From: Merseyside RED
|
QUOTE(cybpsych @ Jan 9 2009, 10:34 PM) i guess you didn't fully patch your system? 'cuz this worm take advantage of the exploits in Windows: http://www.microsoft.com/technet/security/...n/MS08-067.mspx <-- patch ur windows after cleaning icic......by the way my PC is still using windows 2000 becoz its my office PC and just reformat......i will try it asap...thanks for ya help..... http://www.f-secure.com/v-descs/worm_w32_downadup_a.shtml <- There's an automated removal tool http://www.precisesecurity.com/threats/w32downadup/ http://www.downloadatoz.com/spyware-remova...2-downadup.html Added on January 9, 2009, 11:00 pmMore updated/variants and removal tool: http://www.f-secure.com/v-descs/worm_w32_downadup_al.shtml It's a command line utility and you should carefully review the included readme.txt file. based on F-Secure's figure, there are >1,500 sites used by the worm itself! http://www.f-secure.com/weblog/archives/do...n_blocklist.txt more important reading: http://www.f-secure.com/weblog/archives/00001576.html   |
|
|
Jan 12 2009, 09:16 AM
Return to original view | Post
#3
|
|
Senior Member
1,154 posts Joined: Nov 2005 From: Merseyside RED
|
QUOTE(cybpsych @ Jan 10 2009, 08:36 AM) well, if you read the Microsoft Security link i posted above, the vulnerability affects Win2K --> XP --> Vista --> Server 2003/2008 ... well.....cybpsych...here is the log report after i have finish scanning with the malwarebytes anti-malwareany1 who is careless not to patch the OS will have higher chances to get infected by this prolific worm. luckily you can afford to reformat  imagine those ppl/companies who can't reformat at all due to policies, users data, etc. etc. ...that's why patching your OS is the cheapest, safest way to secure your OS .. even AVs on most times can't help because all AVs depends on your OS to run properly/stable... it'll be too late to install AV *after* getting worm/virus infection  removal tools are still a good way to remove specific worm/virus because it doesn't need to install, so even if your OS almost died, you still can revive it with a cure from the removal tool Malwarebytes' Anti-Malware 1.32 Database version: 1643 Windows 5.0.2195 Service Pack 4 1/12/2009 9:12:45 AM mbam-log-2009-01-12 (09-12-45).txt Scan type: Full Scan (C:\|) Objects scanned: 70647 Time elapsed: 51 minute(s), 43 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected) somehow it's saying tat it didnt detect any infected file but after a few moment later tis thing appear.....  
btw i cannot enter most of the f-secure website tat u posted there......  |
|
|
Jan 20 2009, 02:01 PM
Return to original view | Post
#4
|
|
Senior Member
1,154 posts Joined: Nov 2005 From: Merseyside RED
|
QUOTE(cybpsych @ Jan 12 2009, 01:15 PM) i'm uploading two removal tools from F-Secure and Bitdefender to Rapidshare ... will update you later for the download link finally the worms is clear after i have update the windows........thanks for ya help...... Added on January 12, 2009, 1:28 pmhttp://rapidshare.com/files/182316709/tools.rar |
| Change to: |  0.0156sec
 0.46
 7 queries
 GZIP Disabled
Time is now: 26th November 2025 - 07:41 AM |
All Rights Reserved © 2002- 2025 Vijandren Ramadass (~unite against racism~)
Powered by Invision Power Board © 2025 IPS, Inc.