The system is infected with ZAccess. After scanning with the antivirus, the detected virus was removed, but after services.exe was recovered, the network does not work.
https://www.virustotal.com/ru/file/fa9621dc...d5cd5/analysis/
The virus is very interesting: it uses the Flash Player vulnerability to infect the system; when run, it bypasses UAC, then disables Windows Defender and the built-in firewall, and removes the Security Center service and the update service.
When run on 32-bit Windows, the virus infects the driver; on the 64-bit version, the virus uses the system processes.
Can the free version of Bitdefender not restore the infected files?
Using the provided sample with a vanilla system, the reported problem does not seem to be reproducible.
Could you please confirm this behaviour without the extra tools you have installed on the system, or provide a full bill of materials for your test virtual machine?
Do you need a copy of the virtual machine image? And which version of the antivirus?
For the tests I used a VirtualBox virtual machine, version 4.2.12, with the operating system Windows 7 64-bit SP1. The list of installed programs is in the attachment.
I can provide a test sample.
Attachment: Software_List.txt
If you are able to share the image, that would most certainly shorten the time needed to reproduce the problem.
Seeing as this does not appear to replicate under usual circumstances, someone will be attending to this starting on Monday, so there's enough time for even a large transfer by then. If you do upload the VM, please send the link via a PM, and not post it on the board.
I'm not asking that you redo this, but it would really be of use if we knew how you came to notice this. Most importantly, as I asked before, if you have noticed this behaviour without running the other security solutions related tools.
Thanks for your time.
Well, I'll try to fulfill your request, so I can provide remote access to my test system, if necessary. Do you need a test sample of the virus?
A completely new version of Zaccess. Bitdefender blocks the infection in the system, but the virus has time to leave this trail.
https://www.virustotal.com/ru/file/e83741b2...sis/1371833474/
A small video.
Bitdefender failed to prevent contamination of the system.