Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Antivirus System Pro; worm.win32.netsky; and 41.exe

Started by LJVM , Nov 27 2009 12:45 PM

  • Please log in to reply

#1
LJVM
Posted 27 November 2009 - 12:45 PM

LJVM

    New Member

  • Member
  • Pip
  • 1 posts
Hi there,

I will appreciate some help trying to get rid of a number of stuffs that are making my laptop useless. Yesterday, by mistake I clicked a link to a website, and after that my computer started to act in a weird way.

The first sign was that I got a message from Antivirus System Pro saying that I was infected with a virus (at the same time a box simulating a virus scan was running) and I got a red icon with a cross in the notification area sending me a windows security alert. I did not agree to purchase anything since I know this is a fake antivirus, but I cannot do anything to get rid of this. Now, I have a wallpaper telling me "Your System is Infected" in uppercase and in small case message saying that the system has stopped due to a serious malfunction due to spyware, and that I need to get spyware removal tool to prevent data loss (I just gave a summary of the text and not an exact quote). I am also getting security warnings in the form of windows boxes saying that different applications cannot be executed because XXXX (different files) are infected and asking me if I want to activate my antivirus now. Also I am getting Antivirus System Pro alert boxes saying that I am being attacked from different IP addresses and asking me to block this attack. From time to time, an internet explorer session is started trying to direct me to www.[bleep].org.

I reinitiated my computer in safe mode and got a message telling me that I was infected with worm.win32.netsky, and also I saw a DOS command windows running 41.exe. I was running Symantec Antivirus Corporate Edition before the infection and I installed WebRoot Spy Sweeper after the installation. The antivirus scan is not running properly and SpySweeper found a few spy cookies and a trojan and removed it, but the system is still having the same problems. I am writing from another laptop right now, since I have disconnected the infected system from internet. Last, but not least my system seemed to be hijacked since I cannot open task manager, command line, system restore, etc. Could anybody out there help me? Thanks in advance.

-Lorenzo
  • 0

Advertisements

#2
IndiGenus
Posted 27 November 2009 - 06:20 PM

IndiGenus

    Anti-Malware Buddha

  • Member
  • PipPipPipPip
  • 1,617 posts
Hello LJVM and welcome to the forums here at G2G.

Please follow the instructions at this link. Then post the logs from MalwareBytes, Root Repeal and OTL back to this link. Do not start a new topic.

If you are unable to do any of the steps above move on to the next and make note of those that will not run.

Let me know how it's running at this point also.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP