RoseHost Website Hosting

Wednesday, November 25, 2009

Mabezat or zPharaoh Virus Removal

0 comments
Digg it | Stumble it | Save to Del.ico.us |
Mabezat virus propagates through network,removable storage devices and emails. This file infects executable files and encrypts data files.



You can see if you are infected by the virus if you have these files at your PC.

At the Documents And Settings Folder:
tazebama.dll
tazebama.dl_
hook.dl_

It also create a "tazebama" folder at the Application Data Folder. And creates zPharaoh.exe file at all root folders with autorun.inf.

And it copies itself to removable devices with these filenames or the names that are already existing on the Removable Drive.

Adjust Time.exe
AmericanOnLine.exe
Antenna2Net.exe
BrowseAllUsers.exe
CD Burner.exe
Crack_GoogleEarthPro.exe
Disk Defragmenter.exe
FaxSend.exe
FloppyDiskPartion.exe
GoogleToolbarNotifier.exe
HP_LaserJetAllInOneConfig.exe
IDE Conector P2P.exe
InstallMSN11Ar.exe
InstallMSN11En.exe
JetAudio dump.exe
KasperSky6.0 Key.doc.exe
Lock Folder.exe
LockWindowsPartition.exe
Make Windows Original.exe
MakeUrOwnFamilyTree.exe
Microsoft MSN.exe
Microsoft Windows Network.exe
msjavx86.exe
NokiaN73Tools.exe
Office2003 CD-Key.doc.exe
Office2007 Serial.txt.exe
PanasonicDVD_DigitalCam.exe
RadioTV.exe
Recycle Bin.exe
RecycleBinProtect.exe
ShowDesktop.exe
Sony Erikson DigitalCam.exe
Win98compatibleXP.exe
Windows Keys Secrets.exe
WindowsXp StartMenu Settings.exe
WinrRarSerialInstall.exe

Different FileType are affected during this namely .ASP .ASPX .ASPX .CS .BAS .C .CPP .DOC .H .HLP .HTM .HTML .MDB
.MDF .PAS .PDF .PHP .PPT .PSD .RAR .RTF .TXT .XLS .ZIP.

This worm may also send mails with attachments in them to affect new PCs.


PREVENTION:-
- This Virus propagates through network so keep your network safe with strong password.
- Scan your or any removable drives with Anti-Virus or Anti-Spy ware to prevent infection.
-Disable Autorun on all drives.
- Do not download files from anonymous emails with attachments.
- Keep your anti-virus and anti- spy ware programs updated.


REMOVAL:-
- Disable System Restore to remove the Virus. 
- You Can run a full system scan by your Anti Virus and Anti Spyware. See it can detect it and deletes it.
- Download this rmmabez.exe from AVG and run it with this parameter (example: rmmabez C:\ D:\).
- Modify Change to "0"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\”ShowSuperHidden” = “0″
Read more...

Sunday, November 1, 2009

Online Virus And Malware Scanning Sites


Digg it | Stumble it | Save to Del.ico.us |
There are so many virus, malwares and spyware that a single anti virus software isn't able to detect them all as soon as they get out and start infecting. Some anti virus pick them up faster and some don't. Some even may say that it isn't infected at all.

This is why a multiple anti virus software comes in handy. Now you can't go and install all the anti virus softwares in your pc to check if any malicious code or virus is detected. This will make it very difficult and time consuming may be irritating too.

But there are now solution to it. You can upload the file to the Site and it will check the virus with multiple anti virus and you will be shown the results in a browser. The check is done extremely fast on different anti virus softwares.

The leading one on the web is VirusTotal.com. It has about 30+ anti virus engines to check your files in.


This is a list of the companies that participate in VirusTotal with their antivirus engines.

* AhnLab (V3)
* Antiy Labs (Antiy-AVL)
* Aladdin (eSafe)
* ALWIL (Avast! Antivirus)
* Authentium (Command Antivirus)
* AVG Technologies (AVG)
* Avira (AntiVir)
* Cat Computer Services (Quick Heal)
* ClamAV (ClamAV)
* Comodo (Comodo)
* CA Inc. (Vet)
* Doctor Web, Ltd. (DrWeb)
* Emsi Software GmbH (a-squared)
* Eset Software (ESET NOD32)
* Fortinet (Fortinet)
* FRISK Software (F-Prot)
* F-Secure (F-Secure)
* G DATA Software (GData)
* Hacksoft (The Hacker)
* Hauri (ViRobot)
* Ikarus Software (Ikarus)
* INCA Internet (nProtect)
* K7 Computing (K7AntiVirus)
* Kaspersky Lab (AVP)
* McAfee (VirusScan)
* Microsoft (Malware Protection)
* Norman (Norman Antivirus)
* Panda Security (Panda Platinum)
* PC Tools (PCTools)
* Prevx (Prevx1)
* Rising Antivirus (Rising)
* Secure Computing (SecureWeb)
* BitDefender GmbH (BitDefender)
* Sophos (SAV)
* Sunbelt Software (Antivirus)
* Symantec (Norton Antivirus)
* VirusBlokAda (VBA32)
* Trend Micro (TrendMicro)
* VirusBuster (VirusBuster)

Another one is VirusScan.jotti.org
Will Post more if i find them.
Read more...
 
November 2009 | Copyright © 2009 Anti virus Software, News & Protection