
Virus Help Please Nuqel.E and Bankerfox.A

 
Old 21st Feb 2010, 07:32
  #1 (permalink)  
Thread Starter
 
Join Date: Dec 2001
Location: UK
Posts: 87
Likes: 0
Received 0 Likes on 0 Posts
Virus Help Please Nuqel.E and Bankerfox.A

My computer was infected this week with “Nuqel.E and Bankerfox.A”, which I believe is part of the same virus. With the help of a friend I downloaded “SmitfraudFix”. I have tried everything I know (which ain’t a lot) to run it, but the virus stops it and I can only run it in “Safe Mode”. It has helped in that I can now look at the folders on my desktop, but as soon as I try and do anything else the virus stops it.

I have never had a virus before and I cannot begin to tell you the trauma this has caused, although I’m sure you are all fully aware. If anyone can be of help I would be very grateful and more than happy to pay.

Many thanks in advance,

TNB
Thoroughly Nice Bloke... is offline  
Old 21st Feb 2010, 07:51
  #2 (permalink)  
 
Join Date: Jan 2008
Location: The Land of Beer and Chocolate
Age: 56
Posts: 798
Likes: 0
Received 0 Likes on 0 Posts
Nuqel.E removal:-

How to remove Win32/Nuqel.E trojan | remove-malware.net

Bankerfox removal:-

Remove BankerFox.A pop-up, BankerFox trojan removal

Now, look at the comments in the second link. There are posts there which tell you how to stop the malware running on startup so you can disinfect your system.
hellsbrink is offline  
Old 21st Feb 2010, 09:30
  #3 (permalink)  
 
Join Date: Dec 2005
Location: Wellington,NZ
Age: 66
Posts: 1,679
Received 10 Likes on 4 Posts
Those instructions look like having a good chance of working.
Some more info about this Here.
I'm guessing you might not be too savvy about manual removal of this tricky little beast? The registry would be a good place to start, if you can get to it, and are confident about tinkering there. (It is not for the faint hearted - you can bork your computer quite easily by messing with the wrong reg entry.)

Try MBAM, a good demand scanner. Download the free version. You may need to rename the installation file when you download it, I'd recommend doing that.

If you can install it, update it straight away and then run a quick scan. At the end, select everything found, and click "remove selected". If it prompts for a reboot to complete removal, do so immediately.

If you can't run this, you may need to look at a manual removal.
Tarq57 is offline  
Old 23rd Feb 2010, 06:09
  #4 (permalink)  
Thread Starter
 
Join Date: Dec 2001
Location: UK
Posts: 87
Likes: 0
Received 0 Likes on 0 Posts
All sorted..!

I really can't thank you enough guys... Fantastic...

TNB
Thoroughly Nice Bloke... is offline  
Old 23rd Feb 2010, 07:29
  #5 (permalink)  
Per Ardua ad Astraeus
 
Join Date: Mar 2000
Location: UK
Posts: 18,579
Likes: 0
Received 0 Likes on 0 Posts
TNB - from personal experience I fully recommend downloading Avast, installing and running its 'boot-time scan' just in case anything is still lurking deep inside - the usual caveat of NOT running 2 av products together, so best kill any other (if you are going to retain it), and WORKING OFF LINE once you have updated Avast.
BOAC is offline  
Old 23rd Feb 2010, 07:45
  #6 (permalink)  
 
Join Date: Dec 2005
Location: Wellington,NZ
Age: 66
Posts: 1,679
Received 10 Likes on 4 Posts
Good to hear.
I'd like to recommend some prevention tactics.
Malware usually installs because of (1) User action: Clicking on the wrong (or a misnamed/deceptive) link, or installing software not from the authors' site, or installing pirated software; (2) Out of date vulnerable software installed, including out of date Windows, an insecure browser with permissions set a bit loose for today's environment; and the misfortune of happening across something in this state that the AV doesn't detect/can't stop. (All the AV's will miss the occasional one. So it doesn't necessarily mean "change AV's".)

User interaction is up to the user.

Up to date software can be helped a lot by visiting Secunia, mouse over "products", and perform an online scan. (As a result of the scan, you may want to install the PSI. It's free.) The scan will measure the status/known vulnerabilities of a lot of the software installed. Such things as Flash players, Java, Adobe etc. A lot of the 3rd party stuff that ends up installed. It will also offer the "how to" on what to do about it.

Known bad sites can be blocked by using a hosts file, which prevents the machine connecting. It can also block a lot of the unwanted content of a page, like some ads. An example of one (with instructions) is Here. (I use the Hostman app - linked within- to manage/update it. Easy as.)

If you don't have a two way software firewall, I'd get one. Online Armour, by Tall Emu, Outpost, PCTools, and Comodo all have free versions that are effective, particularly if you are also behind a hardware firewall/router.
I use PCTools. It's easy to learn.

Consider disabling or at least prompting for scripting/activex in the browser. Firefox with Noscript installed is excellent. Without Noscript, it's at least as vulnerable as any other. (Recent vulnerability found, yet to be patched.)

Run an antivirus, and let it update itself regularly. Run a scan with a good spyware scanner, like MBAM or Superantispyware or Asquared every week or two. Reduce in frequency if nothing is ever detected, and you gain confidence in the setup. Run immediately if "symptoms" occur.

There are other tricks and tips, too, including (especially) good backups, but that's a pretty good start that will keep you clean.
Tarq57 is offline  
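An added example, not part of the post above: a minimal Python sketch of how a blocking hosts file is read, showing that entries match exact names only, so a subdomain of a blocked name is not covered. The sample file and its domains are constructed placeholders, and the function names are hypothetical.

```python
import ipaddress

# Constructed sample in hosts-file format; every domain is a placeholder.
SAMPLE_HOSTS = """\
# blocklist entries
127.0.0.1   localhost
0.0.0.0     ads.example.net tracker.example.net   # two names, one line
127.0.0.1   BAD-SITE.example.org
192.0.2.10  intranet.example.com
::1         localhost
not-an-ip   broken.example.net
"""

def _norm(name):
    # Host names are case-insensitive; ignore a trailing dot.
    return name.lower().rstrip(".")

def parse_hosts(text):
    """Return {hostname: ip}. Assumption: the first entry for a name wins."""
    table = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()      # strip comments
        if not line:
            continue
        addr, *names = line.split()
        try:
            ip = ipaddress.ip_address(addr)
        except ValueError:
            continue                              # skip malformed lines
        for name in names:
            table.setdefault(_norm(name), ip)
    return table

def is_blocked(table, hostname):
    """True when the exact name is pointed at loopback or 0.0.0.0."""
    name = _norm(hostname)
    ip = table.get(name)
    if ip is None or name == "localhost":
        return False
    return ip.is_loopback or ip.is_unspecified

def redirected(table):
    """Names mapped to any other address; these override DNS, so review them."""
    return sorted(n for n, ip in table.items()
                  if not (ip.is_loopback or ip.is_unspecified))

if __name__ == "__main__":
    t = parse_hosts(SAMPLE_HOSTS)
    for h in ("ads.example.net", "www.bad-site.example.org"):
        print(h, "blocked" if is_blocked(t, h) else "not blocked")
    print("review:", redirected(t))
```
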
Old 23rd Feb 2010, 08:42
  #7 (permalink)  
 
Join Date: Jul 2001
Location: U.K.
Posts: 805
Likes: 0
Received 0 Likes on 0 Posts
And just to add to Tarq57's comments about dangerous websites, you never know where an attack will come from. Within the last couple of years the local Victorian manor house, just up the road from me has been converted into a hotel and conference centre. The new owners have done an excellent job and anyone doing a night stop at EGBB is recommended to use the place, but it ain't cheap! .....I digress...Naturally they have a sophisticated website to advertise their establishment. I logged onto it about three months ago to check on their Christmas menus and was very surprised when Avast cut in to warn me of a virus originating from this hotel website! Knowing the management, I e-mailed them, the virus was removed and I got an e-mail of thanks in return.

Last week it happened again!

No doubt, as a result of my second e-mail their website security is being reviewed. Oh - and I have just realised that as it is a personal recommendation I can mention that they are to be found on www.hamptonmanor.eu - just make sure that your antivirus software is fully updated before pointing your browser at the site!

P.P.
P.Pilcher is offline  
Old 23rd Feb 2010, 13:29
  #8 (permalink)  
Spoon PPRuNerist & Mad Inistrator
 
Join Date: Sep 2003
Location: Twickenham, home of rugby
Posts: 7,420
Received 283 Likes on 181 Posts
The best way to avoid infections is not to run with admin rights.

Run as a standard user, then nasties don't have the privileges to install their payload.

Simple.

SD
Saab Dastard is offline  
