Generic12.AZCN

View previous topic View next topic Go down

Solved Re: Generic12.AZCN

Post by Chaotikmind on Thu Feb 05, 2009 2:46 pm

Forced to reinstall again, mbam destroyed some infected system files.

But what is bothering me is right now on the new install there is absolutely no problem, how come antivir is not able to detect the infection when it arrives ?

Chaotikmind
Novice
Novice

Posts Posts : 19
Joined Joined : 2009-02-02
OS OS : WinXP PRO SP3
Points Points : 28630
# Likes # Likes : 0

View user profile

Back to top Go down

Solved Re: Generic12.AZCN

Post by Belahzur on Thu Feb 05, 2009 3:50 pm

There is so many ways round an AV.
Please install some protection programs.

Below I have included a number of recommendations for how to protect your computer in order to prevent future malware infections. Please take these recommendations seriously; these few simple steps can stave off the vast majority of spyware problems. As happy as we are to help you, for your sake we would rather not have repeat customers. Goofy

1) Please navigate to [You must be registered and logged in to see this link.] and download all the "critical updates" for Windows. This can patch many of the security holes through which attackers can gain access to your computer.

Please either enable Automatic Updates under Start -> Control Panel -> Automatic Updates , or get into the habit of checking for Windows updates regularly. I cannot stress enough how important this is.

2) In order to protect yourself against spyware, you should consider installing and running the following free programs:

[You must be registered and logged in to see this link.]
A tutorial on using Ad-Aware to remove spyware from your computer may be found [You must be registered and logged in to see this link.].

[You must be registered and logged in to see this link.]
A tutorial on using Spybot to remove spyware from your computer may be found [You must be registered and logged in to see this link.]. Please also remember to enable Spybot's "Immunize" and "TeaTimer" features.

[You must be registered and logged in to see this link.]
A tutorial on using SpywareBlaster to prevent spyware from ever installing on your computer may be found [You must be registered and logged in to see this link.].

[You must be registered and logged in to see this link.]
A tutorial on using SpywareGuard for realtime protection against spyware and hijackers may be found [You must be registered and logged in to see this link.].

Make sure to keep these programs up-to-date and to run them regularly, as this can prevent a great deal of spyware hassle.

3) Please consider using an alternate browser. Mozilla's Firefox browser is fantastic; it is much more secure than Internet Explorer, immune to almost all known browser hijackers, and also has the best built-in popup blocker (as an added benefit!) that I have ever seen. If you are interested, Firefox may be downloaded from here:
[You must be registered and logged in to see this link.]
I also recommand the following add-ons for Firefox, they will help keep you safe from malicious scripts or activeX exploits.
[You must be registered and logged in to see this link.]
[You must be registered and logged in to see this link.]
[You must be registered and logged in to see this link.]

4) Also make sure to run your antivirus software regularly, and to keep it up-to-date.

To help you keep your software updated, please considering using this free software program that will check for program updates.
[You must be registered and logged in to see this link.]

5) Finally, consider maintaining a firewall. Some good free firewalls are [You must be registered and logged in to see this link.], or
[You must be registered and logged in to see this link.]
A tutorial on understanding and using firewalls may be found [You must be registered and logged in to see this link.].

Please also read Tony Klein's excellent article: [You must be registered and logged in to see this link.]

If you would take a moment to fill out our feedback form, we would appreciate it.
The link can be found [You must be registered and logged in to see this link.].

Hopefully this should take care of your problems! Good luck. Big Grin


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34916
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245059
# Likes # Likes : 1

View user profile

Back to top Go down

Solved Re: Generic12.AZCN

Post by Chaotikmind on Thu Feb 05, 2009 6:16 pm

Erm not finished. I did a full scan after install, zero virus.
installed updated acrobat reader, java, and suddenly antivir shut down again
"
antivir cannot be found
it has been modified or destroyed
"

It's like my computer is under attack ..

Chaotikmind
Novice
Novice

Posts Posts : 19
Joined Joined : 2009-02-02
OS OS : WinXP PRO SP3
Points Points : 28630
# Likes # Likes : 0

View user profile

Back to top Go down

Solved Re: Generic12.AZCN

Post by Belahzur on Thu Feb 05, 2009 6:18 pm

Hmmm.
Is this machine on a router?

If so, do you switch it off at night?


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34916
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245059
# Likes # Likes : 1

View user profile

Back to top Go down

Solved Re: Generic12.AZCN

Post by Chaotikmind on Thu Feb 05, 2009 6:25 pm

no router, but machine always off when i'm not here

Chaotikmind
Novice
Novice

Posts Posts : 19
Joined Joined : 2009-02-02
OS OS : WinXP PRO SP3
Points Points : 28630
# Likes # Likes : 0

View user profile

Back to top Go down

Solved Re: Generic12.AZCN

Post by Chaotikmind on Thu Feb 05, 2009 6:35 pm

and anyway i connected only 30 min total since i reinstalled, i went nowhere , only downloaded things from trusted sources, namely opera, acrobat, java, .period.

Chaotikmind
Novice
Novice

Posts Posts : 19
Joined Joined : 2009-02-02
OS OS : WinXP PRO SP3
Points Points : 28630
# Likes # Likes : 0

View user profile

Back to top Go down

Solved Re: Generic12.AZCN

Post by Belahzur on Thu Feb 05, 2009 7:01 pm

I'm not blaming your surfing.
Malware these days hijacks routers, so it makes it harder for us to find the problem, that's why I asked.
If no router, how does this machine connect? dial-up?


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34916
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245059
# Likes # Likes : 1

View user profile

Back to top Go down

Solved Re: Generic12.AZCN

Post by Chaotikmind on Fri Feb 06, 2009 10:15 am

ok , lot's of personnal investigation, found it
so if you see the same problem another time :
here is the explanation :

[You must be registered and logged in to see this link.]

win32/Virut.NBK ,new strain

detected by nothing but NOD32

i got 632 infected exe in only 4 days

Hope that can help someone else.

And good luck !

PS: it infect ANYTHING that is launch when the computer is already infected, need to reinstall prior to scan, all anti-spy/antivir/misc tools were all infected

Chaotikmind
Novice
Novice

Posts Posts : 19
Joined Joined : 2009-02-02
OS OS : WinXP PRO SP3
Points Points : 28630
# Likes # Likes : 0

View user profile

Back to top Go down

Solved Re: Generic12.AZCN

Post by Belahzur on Fri Feb 06, 2009 5:05 pm

Yep, that's what Virut does.
I notice it's a zipped file, does it have exe/scr files inside the zip? they may be infected too. Sad tearing


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34916
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245059
# Likes # Likes : 1

View user profile

Back to top Go down

Solved Re: Generic12.AZCN

Post by Chaotikmind on Fri Feb 06, 2009 5:10 pm

i zipped the infected exe prior to sending, don't want to click on that inadvertly !

Computer is definitively clean now.
that thing is not coming back it seems.

Chaotikmind
Novice
Novice

Posts Posts : 19
Joined Joined : 2009-02-02
OS OS : WinXP PRO SP3
Points Points : 28630
# Likes # Likes : 0

View user profile

Back to top Go down

Solved Re: Generic12.AZCN

Post by Belahzur on Fri Feb 06, 2009 5:21 pm

Good, lets keep it that way. Hooray! Delete that file, it could the a new virut dropper.


Below I have included a number of recommendations for how to protect your computer in order to prevent future malware infections. Please take these recommendations seriously; these few simple steps can stave off the vast majority of spyware problems. As happy as we are to help you, for your sake we would rather not have repeat customers. Goofy

1) Please navigate to [You must be registered and logged in to see this link.] and download all the "critical updates" for Windows. This can patch many of the security holes through which attackers can gain access to your computer.

Please either enable Automatic Updates under Start -> Control Panel -> Automatic Updates , or get into the habit of checking for Windows updates regularly. I cannot stress enough how important this is.

2) In order to protect yourself against spyware, you should consider installing and running the following free programs:

[You must be registered and logged in to see this link.]
A tutorial on using Ad-Aware to remove spyware from your computer may be found [You must be registered and logged in to see this link.].

[You must be registered and logged in to see this link.]
A tutorial on using Spybot to remove spyware from your computer may be found [You must be registered and logged in to see this link.]. Please also remember to enable Spybot's "Immunize" and "TeaTimer" features.

[You must be registered and logged in to see this link.]
A tutorial on using SpywareBlaster to prevent spyware from ever installing on your computer may be found [You must be registered and logged in to see this link.].

[You must be registered and logged in to see this link.]
A tutorial on using SpywareGuard for realtime protection against spyware and hijackers may be found [You must be registered and logged in to see this link.].

Make sure to keep these programs up-to-date and to run them regularly, as this can prevent a great deal of spyware hassle.

3) Please consider using an alternate browser. Mozilla's Firefox browser is fantastic; it is much more secure than Internet Explorer, immune to almost all known browser hijackers, and also has the best built-in popup blocker (as an added benefit!) that I have ever seen. If you are interested, Firefox may be downloaded from here:
[You must be registered and logged in to see this link.]
I also recommand the following add-ons for Firefox, they will help keep you safe from malicious scripts or activeX exploits.
[You must be registered and logged in to see this link.]
[You must be registered and logged in to see this link.]
[You must be registered and logged in to see this link.]

4) Also make sure to run your antivirus software regularly, and to keep it up-to-date.

To help you keep your software updated, please considering using this free software program that will check for program updates.
[You must be registered and logged in to see this link.]

5) Finally, consider maintaining a firewall. Some good free firewalls are [You must be registered and logged in to see this link.], or
[You must be registered and logged in to see this link.]
A tutorial on understanding and using firewalls may be found [You must be registered and logged in to see this link.].

Please also read Tony Klein's excellent article: [You must be registered and logged in to see this link.]

If you would take a moment to fill out our feedback form, we would appreciate it.
The link can be found [You must be registered and logged in to see this link.].

Hopefully this should take care of your problems! Good luck. Big Grin


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34916
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245059
# Likes # Likes : 1

View user profile

Back to top Go down

Solved Re: Generic12.AZCN

Post by Doctor Inferno on Mon Jul 06, 2009 3:11 am

Since this issue has been addressed, a "solved" tag will be added and this topic will be closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter.

Everyone else, please open a [You must be registered and logged in to see this link.] for your questions.


Please be a GeekPolice fan on [You must be registered and logged in to see this link.]



Have we helped you? [You must be registered and logged in to see this link.] | Doctor by day, ninja by night.

Doctor Inferno
Administrator
Administrator

Posts Posts : 12017
Joined Joined : 2007-12-26
Gender Gender : Male
OS OS : Windows 7 Home Premium and Ultimate X64
Protection Protection : Kaspersky PURE and Malwarebytes' Anti-Malware
Points Points : 104594
# Likes # Likes : 0

View user profile

Back to top Go down

View previous topic View next topic Back to top


 
Permissions in this forum:
You cannot reply to topics in this forum