Win32/Alman.NAB

Discussion in 'NOD32 version 2 Forum' started by donrod, Jan 18, 2008.

Thread Status:
Not open for further replies.
  1. donrod

    donrod Registered Member

    Joined:
    Jan 18, 2008
    Posts:
    2
    The threat log shows Nod32 is cleaning the infected files(all .exe files) but its not finding the file thats causing the infection.

    It seems to be coming back on every even date of the month(14th, 16th and today 18th). o_O

    Google wasnt much help with removal instructions or any other information but I tried sophos antirootkit and it doesnt detect anything. Still every other day the infection is back. Everytime nod32 updates it starts scanning and cleaning all over again.

    Don't want to format my windows drive bcoz I dont even know which partition the infecting file is on. Need help here asap. How do I proceed from here?
     
  2. demoneye

    demoneye Registered Member

    Joined:
    Dec 30, 2007
    Posts:
    1,356
    Location:
    ISRHell
    yo mann

    you mention a log file ,what sort of infection u have there? plz do tell ,thats way maybe ppl here can help you:doubt:
     
  3. flyrfan111

    flyrfan111 Registered Member

    Joined:
    Jun 1, 2004
    Posts:
    1,224
    Sounds like whatever file keeps installing itself is protected, try scanning in safe mode, that should eliminate it.
     
  4. donrod

    donrod Registered Member

    Joined:
    Jan 18, 2008
    Posts:
    2
    The log I referred to is the nod32 log in the Nod32 Control Center > Logs > Threat Log. It doesnt say much. just the path to the infected .exe and then it says cleaned.

    For some files it says unable to clean. The files that cant be cleaned change everytime. Eg. If its divx player.exe that nod32 is unable to clean today, then the next time nod32 detects the files getting infected, its able to clean divx player.exe but there will be another .exe's that nod32 cant clean.

    I tried scanning in safe mode but nod32 control center wont start in safe mode. I started the scan from the nod32 icon but it says anti-stealth technology is not fully enabled. I thought that might affect the effectiveness of the scan so I stopped it and I wasnt feeling comfortable without the nod32 control center which I assume cleans the infected .exe's as soon as they are infected...After I came out of safe mode, nod32 was again busy cleaning, which means my files got infected when in safe mode(right?). Bcoz once nod32 is done cleaning for the day, it doesnt start cleaning again till the next even date.

    Can I run a scan from dos with nod32 v2?
     
  5. Kosak

    Kosak Registered Member

    Joined:
    Jul 25, 2007
    Posts:
    711
    Location:
    Slovakia
    Hi!

    According my informations, Win32/Alman.NAD is infector, downloader and it has got his own driver. Then removing will be harder. I recommend to visit some forum concentrate on removing malware, because you can't send logs here.

    (or write me PM)

    :thumb:
     
Thread Status:
Not open for further replies.