Results 1 to 4 of 4

Thread: Win32 Netsky

  1. #1
    Junior Member
    Join Date
    Mar 2009
    Posts
    32

    Win32 Netsky

    Anyone have any experience ont he Win32 Netsky virus?

    Really could use some help. I have XP and it hit me this morning with all of the popups telling me to run Windows Virus 2010 and such. It also corrupted my browser because every time a do a search for the virus it takes me to advertising sites.

    The only reason I know the name is because I got a popup at the beginning of my Windows Start up informing of the virus.

    I normally use adaware but it wone even let it complete a scan before restarting it.

    I also tried safe mode and cant get into it. Tried system restore and I get an error message saying it is disabledand I may have a virus. I also tried task manager to cease the process on the program running the virus and I even get an error with trying to start that up.

    I heard the windows removal tool (for malicious software) would get rid of it but even after I install it it will not run.

    Any hel would be appreciated.

  2. #2
    The Beast Master TZ Veteran PIPER's Avatar
    Join Date
    May 2002
    Location
    Florida
    Posts
    1,180

  3. #3
    Succeded in braking Windo TZ Veteran Dehcbad25's Avatar
    Join Date
    Apr 2002
    Location
    DE - USA
    Posts
    2,415
    captain, you probably don't have netsky. Netsky is an old virus and any decent anti virus would have removed it.
    Since you have a message to run Windows Virus 2010, and that is a fake antivirus, I will bet that you are the victim of a fake antivirus program, which are extremely annoying and hard to remove because they block access to real antivirus, and to security web sites.
    From a clean computer do the following
    Download Microsoft Malicious Software removal tool http://www.microsoft.com/security/ma...e/default.aspx
    Then download spybot and the include (updates) http://www.safer-networking.org/dl/
    and download an antivurs, or get the cd ready if you already have one. If you don't have any let me suggest you Avast home edition. It is free, and you only need to register it once a year http://www.avast.com/eng/download-avast-home.html
    Once you have all those tools in a thumb drive follow this instructions
    Install Spybot, and then the includes to put it up to date
    open Spybot and change the mode to advanced mode.
    In the tools section go to Active X, and uncheck all the ActiveX components (we are just temporarily disabling them), do the same for BHOs.
    Then go to system Startup inside the Spybot tools and uncheck anything that is listed in there except for the stuff that says winlogon (what is essential for Windows will be re-enabled automatically), then restart the PC.
    The computer will start most likely in a clean state (if you don't open Internet Explorer, or anything else), so now you can run the Windows Malicious Software removal tool., once it is done run Spybot and update it, and run a scan. Once done, and before restarting if it ask for it, install Avast. Avast will run also an antivirus scan at boot time.
    Reboot, let the programs scan, and now most likely you should have the machine working, as well as Internet.
    Go back to Spybot in advanced mode, and enable the ActiveX, BHOs and Startup programs making sure you know first what they are. In the description you will see the prorgam that are installed and can help you recognize the component. If in doubt, just post a list here (you can export the list to a text file that can be easily copied) and we will help you figure it out.
    This method with Spybot I find it easier than hijack this since Spybot can help you identify the programs better

  4. #4
    Friendly Neighborhood Super Moderator phishhead's Avatar
    Join Date
    Apr 2002
    Location
    San Diego, Ca.
    Posts
    3,739
    With antivirus2009 virus I've been having good luck by turning off system restore. then boot into safe mode with networking and install malwarebytes from a jump drive. In your case you might have to use a live cd like bartPE disk with some tools on it to remove it. hxxp://www.downarchive.com/software/operating/16268-minipe-xt-v2k5-0903.html



Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •