Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Worm.Win32.Netsky


  • Please log in to reply

#1
johnnydotcom

johnnydotcom

    New Member

  • Member
  • Pip
  • 1 posts
Hello, first of all I'd like to thank you guys for all the assistance you give to the public. Sometimes there are things that happen that we just dont understand.

Now on to the point of my post. Just today I was watching a video online, when i started getting a handfull of pop ups. The pop ups were different then those ive seen selling rogue spyware but I know better then to click on them anyhow. I start alt+F4 them and I got to a point were I couldnt alt+F4 them anymore so i powered down my PC.

I now restart my PC and the first thing I see is a pop up saying my pl is infected with Worm.Win32.Netsky. There is no wallpaper or anything. I tried starting it in safe mode and I noticed Spyboy S&D, and a Defender program I hadnt noticed. I am known for using Spybot before so maybe I had downloaded it prior so I scanned.

About 1/5th of the way through the scan i'm noticing the programs it's scanning are not ones i've seen before. Alot of malware programs, virusso and so even a Smitfraud C. I'm almost thinking that this spybot I just used started downloading other programs instead of taking them away. The stuff it was telling me to delete were stuff like Window Restore files ans such. I forced shutdown again and It wasnt allowing me to with a window saying "Spybot Is not allowing your computer to shut down cause it is still running" but it did give me the option to bypass it and proceed to shut down.

Now if I try to restart its just a plain black screen both in regular mode and in safe mode.

Please help, if at all possible. If a Reformat is needed so be it. I would post logs but as I said I cant even get into the computer in safe mode now. Maybe you guys know some tricks of the trade?

-John

Edited by johnnydotcom, 16 December 2009 - 06:13 PM.

  • 0

Advertisements


#2
chamber

chamber

    Face Burnin' Malware Fighter

  • Visiting Consultant
  • 2,712 posts
Hi,

  • Download OTL to your desktop.
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • Check the boxes beside LOP Check and Purity Check.
  • Under the Custom Scan box paste this in

    netsvcs
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
    %SYSTEMDRIVE%\*.exe
    /md5start
    eventlog.dll
    scecli.dll
    netlogon.dll
    cngaudit.dll
    sceclt.dll
    ntelogon.dll
    logevent.dll
    iaStor.sys
    nvstor.sys
    atapi.sys
    IdeChnDr.sys
    viasraid.sys
    AGP440.sys
    vaxscsi.sys
    nvatabus.sys
    viamraid.sys
    nvata.sys
    nvgts.sys
    iastorv.sys
    ViPrt.sys
    eNetHook.dll
    /md5stop
    CREATERESTOREPOINT

  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply. You may need two posts to fit them all in.

  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP