marcmaynard.exe

Discussion in 'ESET NOD32 Antivirus' started by dnapzter, Feb 26, 2008.

Thread Status:
Not open for further replies.
  1. dnapzter

    dnapzter Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    9
    guyz, can you help me with my problem?

    i dowload nod32 version 3 from the site

    after a couple of weeks, a virus (dunno what kind) marcmaynard.exe appeard on <+MY documents folder)

    but nod32 havent detected it yet.

    i try to google the solution but it recommends another cleaner

    http://www.greatis.com/appdata/d/m/marcmaynard.exe.htm

    can you help me guys?

    Jong
     
  2. thanatos_theos

    thanatos_theos Registered Member

    Joined:
    Apr 28, 2007
    Posts:
    540
    Hi dnapzter :). Locate marcmaynard.exe, put it in a password-protected zip. Send the zip to samples@eset.com with the zip's password and this thread's URL in the email body.

    thanatos
     
  3. dnapzter

    dnapzter Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    9
  4. thanatos_theos

    thanatos_theos Registered Member

    Joined:
    Apr 28, 2007
    Posts:
    540
    Do this. Locate C:\MarcMaynard.exe. To rid your PC of infection please post a hijackthis log here.

    Marcos, how come Win32/Dranyam (as of 21.01.2008 ) is listed in nod32.it's threat center but not in eset.com's? Is it really in the database? Thank you.

    thanatos
     
    Last edited: Feb 27, 2008
  5. dnapzter

    dnapzter Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    9
    i already reformatted my pc 4 times. it keps on coming back
    its because my pc is connected to a network because of internet connection
    T_T
     
  6. thanatos_theos

    thanatos_theos Registered Member

    Joined:
    Apr 28, 2007
    Posts:
    540
    There's a worm outbreak in your network. To prevent the reinfection of cleaned PCs it is best to take down the network until all servers and workstations are disinfected.

    thanatos
     
  7. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    Please compress the file, protect the archive with the password "infected" and send it to samples[at]eset.com with this thread's url enclosed. Also enclose a log from ESET SysInspector.
     
  8. thanatos_theos

    thanatos_theos Registered Member

    Joined:
    Apr 28, 2007
    Posts:
    540
    Hi Marcos. Please answer this. Also, does nod32.it maintain a different database and threat encyclopedia? The write-up on Win32/Dranyam was made by Paolo Monti. Thank you.

    thanatos
     
  9. GAN

    GAN Registered Member

    Joined:
    Mar 3, 2007
    Posts:
    355
    Do you by any chance have some kind of removable media connected to your computer during or after the format and reinstall? If yes check if that one is infected as well. Unless i'm wrong this spread by copying itself to removable drives and not by using the network. If you choose to reinstall again make sure you don't connect any removable media like USB flash or harddisk unless you know for sure it's not infected. The procedure for removal is pretty easy though and shouldn't have to do a reinstall.
     
  10. proactivelover

    proactivelover Registered Member

    Joined:
    Apr 7, 2006
    Posts:
    840
    Location:
    Near Wilders Forums
    here you go my friend
    1.first install new OS
    2.after installation when OS start do not plug any USB drive or removal drive DO NOT open Any other HDD partation's D,E,F
    3.then in folder options enable show hidden files and folders
    4.open your other HDD Partation's by explore
    5.you see some unknown exe files and autorun.ini files
    6.delete them or zip them for sending eset lab(sample@eset.com)
    7.then tell us if this help full or not
     

    Attached Files:

    • sds.jpg
      sds.jpg
      File size:
      45 KB
      Views:
      186
    • ssd.jpg
      ssd.jpg
      File size:
      6.1 KB
      Views:
      185
Thread Status:
Not open for further replies.