Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Worm.win32.netsky


  • Please log in to reply
10 replies to this topic

#1 Dorjun Driver

Dorjun Driver

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Location:Port Townsend, WA
  • Local time:02:02 PM

Posted 02 December 2007 - 10:59 AM

The description says it all. I get warnings, IE self-starting with offers of free scans, &c, &c.

Any help is appreciated.

Regards,
Doug


Mod Edit: Topic moved to more appropriate forum~ TMacK

Edited by TMacK, 02 December 2007 - 01:35 PM.


BC AdBot (Login to Remove)

 


#2 Dorjun Driver

Dorjun Driver
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Location:Port Townsend, WA
  • Local time:02:02 PM

Posted 02 December 2007 - 01:28 PM

After an attack by Worm.Win32.Netsky, my mouse no longer behaves in the manner I wish. Checking the folder options, I find the mouse options I usually use have been disabled (see attachment). Any clues?

Regards,
Dorjun Driver


Mod Edit: Topic " Folder Options Conundrum" merged with this topic for continuity purposes.~ TMacK

Attached Files


Edited by TMacK, 02 December 2007 - 01:40 PM.


#3 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,743 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:06:02 PM

Posted 02 December 2007 - 01:58 PM

Download and scan with MS Malicious Software Removal Tool.

If that does not help, then download and perform a scan with Trend Micro's Sysclean Package.
Be sure to print out and follow the instructions provided in the How to Use System Cleaner for performing a scan.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#4 Dorjun Driver

Dorjun Driver
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Location:Port Townsend, WA
  • Local time:02:02 PM

Posted 02 December 2007 - 09:28 PM

Quietman7:

I've tried both your recommendations with no joy. Any other pearls?

Regards,
Dorjun Driver

#5 buddy215

buddy215

  • Moderator
  • 13,307 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:05:02 PM

Posted 03 December 2007 - 09:53 AM

Install Super Antispyware free. Run it in safe mode. Allow it to quarantine whatever it finds.
http://www.superantispyware.com/

If SAS finds Zlob or Smitfraud and you still have a problem, use the Smitfraudfix tool in the link below.
Be sure to read and follow the directions carefully.
http://siri.urz.free.fr/Fix/SmitfraudFix_En.php
“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#6 Dorjun Driver

Dorjun Driver
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Location:Port Townsend, WA
  • Local time:02:02 PM

Posted 03 December 2007 - 05:14 PM

buddy215:
That seems to have done the trick. So far. Heck, even my mouse is back to normal. Hurray!
Thanks,
Dorjun Driver

#7 buddy215

buddy215

  • Moderator
  • 13,307 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:05:02 PM

Posted 03 December 2007 - 05:21 PM

Good!!
Did you need to use the Smitfraudfix tool?

You now need to cleanup the malware that is in the System Restore points. Directions on how to do that
are in the link below.
http://www.bleepingcomputer.com/tutorials/windows-xp-system-restore-guide/

Remove temporary files, logs, cookies, etc. by using Ccleaner. Do not use "Advanced Settings" or the "Issues" button. Use only the default settings. http://www.ccleaner.com/
During install you will be offered the Yahoo Toolbar. If unwanted--UNcheck.
“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#8 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:06:02 PM

Posted 03 December 2007 - 10:26 PM

Hello Dorjun Driver, Note before you use CCleaner...

Registry cleaners are extremely powerful applications. There are a number of them available and some are more safe than others. Keep in mind that no two registry cleaners work entirely the way. Each vendor uses different criteria as to what constitutes a "bad" entry. One cleaner may find entries on your system that will not cause a problem when removed, another may not find the same entries, and still another may want to remove entries required for a program to work. Unless you have a particular problem that requires a registry edit to correct it, I would suggest you leave the registry alone. Using registry cleaning tools unnecessarily or incorrectly can have disastrous effects on your operating system such as preventing it from ever starting again..

Use Extreme Caution!!
Before proceeding, backup your registry! NOW!!
Recommended registry utility. ERUNT Registry Backup
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#9 buddy215

buddy215

  • Moderator
  • 13,307 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:05:02 PM

Posted 04 December 2007 - 07:38 AM

Ccleaner has several Tools. One is a "registry cleaner". The "registry cleaner" is the "ISSUES" button.
No need to use the "ISSUES" button to do the cleaning mentioned in my other post.
“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#10 Dorjun Driver

Dorjun Driver
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Location:Port Townsend, WA
  • Local time:02:02 PM

Posted 04 December 2007 - 12:31 PM

Yeah, I used Smitfraudfix and it picked up some additional junk. Itís three bells in the forenoon watch and all is well.

Thanks all,
Dorjun Driver

#11 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,743 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:06:02 PM

Posted 04 December 2007 - 02:16 PM

Don't forget to Create a New Restore Point to enable your computer to "roll-back" to a clean working state and use Disk Cleanup to remove all but the most recently created Restore Point.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users