Win32/nuqel.e and Bankerfox.a virus, antivirus pro!

View previous topic View next topic Go down

Win32/nuqel.e and Bankerfox.a virus, antivirus pro!

Post by jcs829 on 7th December 2009, 7:14 am

Hi,

I got infected by the win32/nuqel.e, bankerfox.a that promotes the fake antivirus pro software a month ago, and I got it removed with the help of you guys.
However, it has returned once again, after a month and the same thing is happening it wont let me open any programs or surf the internet because the only sites that it takes me to are the antivirus system pro sites to buy its stuff.
I tried running Malware bytes but it won't let me due to the virus telling me that program is infected.
I already downloaded combo fix onto a flash drive and I'm going to try to run it on my affected laptop tomorrow and hopefully I can get the log from combofix in here.

Any other suggestions? or do you guys suggest a different approach?
thanks in advance

jcs829
Novice
Novice

Posts Posts : 20
Joined Joined : 2009-10-23
OS OS : vista
Points Points : 26144
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Win32/nuqel.e and Bankerfox.a virus, antivirus pro!

Post by Dr Jay on 7th December 2009, 10:16 am

Please download ComboFix from [You must be registered and logged in to see this link.]

[You must be registered and logged in to see this link.]

[You must be registered and logged in to see this link.]


Rename ComboFix.exe to commy.exe before you save it to your Desktop
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools A guide to do this can be found [You must be registered and logged in to see this link.]
  • Click Start>Run then copy paste the following command into the Run box & click OK "%userprofile%\desktop\commy.exe" /stepdel
  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. This will not install in Vista. Just continue scanning, and skip the console install.
  • When finished, it shall produce a log for you. Please include the contents of C:\ComboFix.txt in your next reply.


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Posts Posts : 14310
Joined Joined : 2009-09-06
Gender Gender : Male
OS OS : Windows 10 Home & Pro
Arch. Arch. : x64 (64-bit)
Protection Protection : Bitdefender Total Security
Points Points : 302971
# Likes # Likes : 10

View user profile

Back to top Go down

Re: Win32/nuqel.e and Bankerfox.a virus, antivirus pro!

Post by jcs829 on 7th December 2009, 7:52 pm

Hi,

It won't let me open/run the combofix, since a pop-up window shows up telling me that it wasn't able to run due to the program being infected.
And on top of that, it won't let me get on the internet unless I'm in safe mode.

Any suggestions?
thanks,

jcs829
Novice
Novice

Posts Posts : 20
Joined Joined : 2009-10-23
OS OS : vista
Points Points : 26144
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Win32/nuqel.e and Bankerfox.a virus, antivirus pro!

Post by Dr Jay on 8th December 2009, 4:25 am

Please do a scan with [You must be registered and logged in to see this link.]

Click on the Accept button and install any components it needs.

  • The program will install and then begin downloading the latest definition files.
  • After the files have been downloaded on the left side of the page in the Scan section select My Computer.
  • This will start the program and scan your system.
  • The scan will take a while, so be patient and let it run.
  • Once the scan is complete, click on View scan report
  • Now, click on the Save Report as button.
  • Save the file to your desktop.
  • Copy and paste that information in your next post.


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Posts Posts : 14310
Joined Joined : 2009-09-06
Gender Gender : Male
OS OS : Windows 10 Home & Pro
Arch. Arch. : x64 (64-bit)
Protection Protection : Bitdefender Total Security
Points Points : 302971
# Likes # Likes : 10

View user profile

Back to top Go down

Re: Win32/nuqel.e and Bankerfox.a virus, antivirus pro!

Post by jcs829 on 8th December 2009, 5:40 am

Hi,

The virus won't let me open internet explorer on my laptop, the only way it would let me is if I'm on safe mode, so I will run the kaspersky scanner on safe mode and post the report in here as soon as its done

thanks

jcs829
Novice
Novice

Posts Posts : 20
Joined Joined : 2009-10-23
OS OS : vista
Points Points : 26144
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Win32/nuqel.e and Bankerfox.a virus, antivirus pro!

Post by Dr Jay on 8th December 2009, 6:02 am

Post when ready. Also, check this information:

Please start Internet Explorer, and when the program is open, click on the Tools menu and then select Internet Options.
  • Now click on the Connections tab and then the Lan Settings button
  • Under the Proxy Server section, please uncheck the checkbox labeled Use a proxy server for your LAN. Then press the OK button to close this screen. Then press the Apply button and then the OK button to close the Internet Options screen. Now that you have disabled the proxy server you will be able to browse the web again with Internet Explorer.


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Posts Posts : 14310
Joined Joined : 2009-09-06
Gender Gender : Male
OS OS : Windows 10 Home & Pro
Arch. Arch. : x64 (64-bit)
Protection Protection : Bitdefender Total Security
Points Points : 302971
# Likes # Likes : 10

View user profile

Back to top Go down

Re: Win32/nuqel.e and Bankerfox.a virus, antivirus pro!

Post by jcs829 on 8th December 2009, 7:14 am

--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7.0: scan report
Tuesday, December 8, 2009
Operating system: Microsoft Windows Vista Home Premium Edition, 32-bit Service Pack 2 (build 6002)
Kaspersky Online Scanner version: 7.0.26.13
Last database update: Tuesday, December 08, 2009 02:24:48
Records in database: 3341267
--------------------------------------------------------------------------------

Scan settings:
scan using the following database: extended
Scan archives: yes
Scan e-mail databases: yes

Scan area - My Computer:
C:\
D:\

Scan statistics:
Objects scanned: 187493
Threats found: 2
Infected objects found: 4
Suspicious objects found: 0
Scan duration: 02:34:32


File name / Threat / Threats count
C:\ProgramData\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0FA00003.VBN Infected: Packed.Win32.Krap.ae 1
C:\ProgramData\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\13640000.VBN Infected: Trojan-Downloader.JS.Iframe.ane 1
C:\Users\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0FA00003.VBN Infected: Packed.Win32.Krap.ae 1
C:\Users\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\13640000.VBN Infected: Trojan-Downloader.JS.Iframe.ane 1

Selected area has been scanned.

jcs829
Novice
Novice

Posts Posts : 20
Joined Joined : 2009-10-23
OS OS : vista
Points Points : 26144
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Win32/nuqel.e and Bankerfox.a virus, antivirus pro!

Post by Dr Jay on 8th December 2009, 6:39 pm

Please download Malwarebytes Anti-Malware from [You must be registered and logged in to see this link.].

Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Full Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • Please save the log to a location you will remember.
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Posts Posts : 14310
Joined Joined : 2009-09-06
Gender Gender : Male
OS OS : Windows 10 Home & Pro
Arch. Arch. : x64 (64-bit)
Protection Protection : Bitdefender Total Security
Points Points : 302971
# Likes # Likes : 10

View user profile

Back to top Go down

Re: Win32/nuqel.e and Bankerfox.a virus, antivirus pro!

Post by jcs829 on 8th December 2009, 7:52 pm

Hi,

It still won't let me run Malwarebytes, since it still wont let me open the program because it says its infected by a virus. The same thing happens with combofix, it wont let me run it.
Even after doing the kaspersky online scan, the pop-ups and the antivirus pro websites are still showing up.

jcs829
Novice
Novice

Posts Posts : 20
Joined Joined : 2009-10-23
OS OS : vista
Points Points : 26144
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Win32/nuqel.e and Bankerfox.a virus, antivirus pro!

Post by Dr Jay on 8th December 2009, 11:20 pm

Your computer is infected with a dangerous infection:
[You must be registered and logged in to see this link.]

We have hit a dead end. Please tell me when you have completed a reformat and reinstall.

I am sorry for the bad news. I do not understand why these mean people make such harsh viruses, and I wish there was a way to clean your system without everything being damaged. But, the problem is, cleaning the system, most files will be damaged. It is like trying to clean up a city that just had a tornado or hurricane run through it. Takes rebuilding, and time to set back up.


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Posts Posts : 14310
Joined Joined : 2009-09-06
Gender Gender : Male
OS OS : Windows 10 Home & Pro
Arch. Arch. : x64 (64-bit)
Protection Protection : Bitdefender Total Security
Points Points : 302971
# Likes # Likes : 10

View user profile

Back to top Go down

Re: Win32/nuqel.e and Bankerfox.a virus, antivirus pro!

Post by jcs829 on 11th January 2010, 8:08 pm

Hi,

I'm sorry for the delay but i went out ofr christmas break, anyways I've reformatted my laptop and installed windows 7 on it.
What would you suggest to install on it to prevent the problem that I had from happening again?

jcs829
Novice
Novice

Posts Posts : 20
Joined Joined : 2009-10-23
OS OS : vista
Points Points : 26144
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Win32/nuqel.e and Bankerfox.a virus, antivirus pro!

Post by Dr Jay on 11th January 2010, 9:47 pm

See [You must be registered and logged in to see this link.] for more info about malware and prevention.

Thank you for choosing GeekPolice. Please see [You must be registered and logged in to see this link.] if you would like to leave feedback or contribute to our site. Do you have any more questions?


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Posts Posts : 14310
Joined Joined : 2009-09-06
Gender Gender : Male
OS OS : Windows 10 Home & Pro
Arch. Arch. : x64 (64-bit)
Protection Protection : Bitdefender Total Security
Points Points : 302971
# Likes # Likes : 10

View user profile

Back to top Go down

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum