Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Worm.win32.netbooster Got Rid Of Worm But Need Help With Followup


  • Please log in to reply
3 replies to this topic

#1 KittyNeedsHelp

KittyNeedsHelp

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:11:11 AM

Posted 13 July 2008 - 02:12 AM

Today my laptop became infected with a worm. I followed advice on this fourm and used smitfraudfix, atf cleaner, and superantispyware to remove the problem. I also have run a malwarebytes scan but my laptop remains VERY VERY VERY slow. It takes about 4 minutes just to log onto the internet and it freezes alot. Also, my ctrl alt delete (which until today worked fine) refuse to function. I cannot very well give you a hijackthis diagnostic report because I cannot get online to post the results due to the slowness of my computer.

Please help! I can get on long enough to probably be able to download something but that would be it.

BC AdBot (Login to Remove)

 


#2 DaChew

DaChew

    Visiting Alien


  • Members
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:12:11 PM

Posted 13 July 2008 - 07:06 AM

See if you can update MBAM and SAS, after that disconnect from the internet, you might need to pull the power to your router/modem if you use wireless

Run MBAM from normal mode, let it cure anything, then boot into safe mode and run atf cleaner and then SAS

http://www.bleepingcomputer.com/forums/ind...mp;#entry839950

Follow these directions please

If you are using Vista please advise as ATF Cleaner does not work quite right

Edited by DaChew, 13 July 2008 - 07:06 AM.

Chewy

No. Try not. Do... or do not. There is no try.

#3 KittyNeedsHelp

KittyNeedsHelp
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:11:11 AM

Posted 13 July 2008 - 11:15 PM

Through my own dam stubbornness I was able to get it to boot in normal mode and currently Kapersky is running a scan it so far it has found and cured the following:
trojan.win32.monderb.gen in system32\drpjsc.dll
trojan.win32.monderb.gen in system32\nnlmevsk.dll
trojan-downloader.win32.zlob.rhb in system volume information\_restore{really long number letter combo)
trojan-gametheif.win32.onlinegames.seue in same place as above.

the scan is now 25% done and has several hours left till completion. Due to past experience I am not trying to run ANYTHING but Kapersky right now because so far running anything else causes a crash. Just working in Kapersky you would never know there was a bug. Everything runs smoothly and without problems but so far tryin to run anything else causes an instantaneous freeze of the system. My task manager still wont open no matter what key combo or right clicking on the toolbar and firefox appears affected as well. After Kapersky has run the full system scan I will risk running malwarebytes and hopefully it will run.

Any ideas on what now? I am not TOTALLY sure but I believe that the first 2 trojans Kapersky found are recreating themselves at every system shutdown because everytime I get a sucessful normal mode start up Kapersky startup scan always finds 2 trojans. I am not sure if they are the same as I have only just now taken down the names of the trojans but perhaps if malwarebytes freezes or for some other reason I willfully shut down the computer :thumbsup: I will get the name of the trojans if Kapersky finds them again.

Edit:Kapersky finished and I was able to update both programs like suggested. It is currently running the malwarebytes scan on the computer. The scan has already found 3 infections but is running VERY slow and VERY laggy so I will probably leave it overnight and then run SAS in the morning and post on how that goes.

Any ideas or opinions?

Edited by KittyNeedsHelp, 14 July 2008 - 12:18 AM.


#4 DaChew

DaChew

    Visiting Alien


  • Members
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:12:11 PM

Posted 14 July 2008 - 02:57 AM

http://www.bleepingcomputer.com/forums/t/114351/how-to-temporarily-disable-your-anti-virus-firewall-and-anti-malware-programs/

At this point Kasp is probably a lot of your problem, however I am sure that you have too many other running processes loading at bootup, most computers are an accident waiting to happen, malware becomes the straw that breaks the camel's back

Malwarebytes' Anti-Malware 1.20
Database version: 938
Windows 5.1.2600 Service Pack 3

3:42:51 AM 7/11/2008
mbam-log-7-11-2008 (03-42-51).txt

Scan type: Quick Scan
Objects scanned: 41459
Time elapsed: 2 minute(s), 23 second(s)


Edited by DaChew, 14 July 2008 - 03:09 AM.

Chewy

No. Try not. Do... or do not. There is no try.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users