Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Antivirus System Pro; worm.win32.netsky; and 41.exe


  • Please log in to reply

#1
LJVM

LJVM

    New Member

  • Member
  • Pip
  • 1 posts
Hi there,

I will appreciate some help trying to get rid of a number of stuffs that are making my laptop useless. Yesterday, by mistake I clicked a link to a website, and after that my computer started to act in a weird way.

The first sign was that I got a message from Antivirus System Pro saying that I was infected with a virus (at the same time a box simulating a virus scan was running) and I got a red icon with a cross in the notification area sending me a windows security alert. I did not agree to purchase anything since I know this is a fake antivirus, but I cannot do anything to get rid of this. Now, I have a wallpaper telling me "Your System is Infected" in uppercase and in small case message saying that the system has stopped due to a serious malfunction due to spyware, and that I need to get spyware removal tool to prevent data loss (I just gave a summary of the text and not an exact quote). I am also getting security warnings in the form of windows boxes saying that different applications cannot be executed because XXXX (different files) are infected and asking me if I want to activate my antivirus now. Also I am getting Antivirus System Pro alert boxes saying that I am being attacked from different IP addresses and asking me to block this attack. From time to time, an internet explorer session is started trying to direct me to www.[bleep].org.

I reinitiated my computer in safe mode and got a message telling me that I was infected with worm.win32.netsky, and also I saw a DOS command windows running 41.exe. I was running Symantec Antivirus Corporate Edition before the infection and I installed WebRoot Spy Sweeper after the installation. The antivirus scan is not running properly and SpySweeper found a few spy cookies and a trojan and removed it, but the system is still having the same problems. I am writing from another laptop right now, since I have disconnected the infected system from internet. Last, but not least my system seemed to be hijacked since I cannot open task manager, command line, system restore, etc. Could anybody out there help me? Thanks in advance.

-Lorenzo
  • 0

Advertisements


#2
IndiGenus

IndiGenus

    Anti-Malware Buddha

  • Member
  • PipPipPipPip
  • 1,617 posts
Hello LJVM and welcome to the forums here at G2G.

Please follow the instructions at this link. Then post the logs from MalwareBytes, Root Repeal and OTL back to this link. Do not start a new topic.

If you are unable to do any of the steps above move on to the next and make note of those that will not run.

Let me know how it's running at this point also.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP