Plzzzzzzzzzzzzzz.Helpppppp

i am gettin this screen everytime i open my interent and it jus keep on closin internet.and msn or any program related 2 internet connection.could u plzz help me soon....................


http://i76.photobucket.com/albums/j14/zantosx/untitled-11.jpg

 

Did you try this..??...found on antivirus.about.com

Netsky.Q copies itself to the Windows directory as SysMonXP.exe and modifies the HKLM...\run key in order to launch when Windows is restarted:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
SysMonXP = "C:\Windows\SysMonXP.exe"

Netsky.Q email characteristics

Subject:

Deliver Mail
Delivered Message
Delivery
Delivery Bot
Delivery Error
Delivery Failed
Delivery Failure
Error
Failed
Failure
Mail Delivery failure
Mail Delivery System
Mail System
Server Error
Status
Unknown Exception

First part of body:

Delivery Agent - Translation failed
Delivery Failure - Invalid mail specification
Mail Delivery - This mail couldn't be displayed
Mail Delivery Error - This mail contains unicode characters
Mail Delivery Failed - This mail couldn't be represented
Mail Delivery Failure - This mail couldn't be shown.
Mail Delivery System - This mail contains binary characters
Mail Transaction Failed - This mail couldn't be converted

Second part of body:

Note: Received message has been sent as a binary file.
Modified message has been sent as a binary attachment.
Received message has been sent as an encoded attachment.
Translated message has been attached.
Message has been sent as a binary attachment.
Received message has been attached.
Partial message is available and has been sent as a binary attachment.
The message has been sent as a binary attachment.

Attachment name:

data
mail
msg
message

The email attachment name will be followed by random numbers, and will have one of the following extensions: exe, pif, scr, or zip.

Removing the worm As with any infection, the best removal can be accomplished using up-to-date antivirus software. To manually remove Netsky.Q, use the Windows Task Manager to stop the SysMonXP process, delete the value:

SysMonXP = "C:\Windows\SysMonXP.exe"

from the following registry key:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

and delete SysMonXP.exe from the Windows directory

 

Okay i searched but i can;t find SysMonXP anyhwere

 

Look what anti-malware application are you running?

My advice to you is to run both Malwarebytes anti-malware and SuperAnti-Spyware and perform a full scan. In addition to that, also run Avira free as well as PC tools free antivirus.

Now if these actions fail try to download Avast free and perform a full "boot scan" after updating the program and its virus database. If by a very remote chance your problem is still not solved grab your rescue CD or DVD and re-install windows .

After re-installing windows, if you choose to, try to run your browser inside a sandbox like sandboxie, please . By the way the website where you upload your image (Screenshot) was not a drive-by download right?

Peace.

 

wat do u mean drive-by dowlonad and i already did scan wid MBAm still no scuuess

 

One more thing

All the apps that I told you to use can handle netsky with no problem. However based upon your screenshot I think that you are using NOD32, to me at least, NOD32 is a joke. A hard drive could scream bloody murder against a malware and NOD32 would not be able to do s**t . Get rid of NOD32 first and install a good software that can really protect you.

Tell you what, get a good firewall like Outpost firewall or Comodo firewall with D+ and a good antivirus like the ones that mentioned in my previous post to you and have peace of mind with sandboxie.


Peace.

 

WTh nod 32 ain't good...wow jus tell me the wuick solution to end this ...first

 

Are you kidding? hey here is a wikipedia link:

http://en.wikipedia.org/wiki/Drive-by_download

Peace.

 

blehh..someone jus help me...............................

 

I just did but I guess you won't listen. What about Avira, Avast, PCtolls free, by the way you could also install a free trial of f-secure or DrWeb Cure It you could download Drweb Cure It at: http://www.freedrweb.com/

Try also Avira rescue CD that could be downloaded at:

http://www.avira.com/en/company_news/rescue_cd_.html

Try F-secure rescue CD at:

http://www.f-secure.com/linux-weblog/2008/06/19/f-secure-rescue-cd-300-released/

Man get busy action man, action. Stop arguing and start the war with Netsky and WIN.

Peace.

 

Well then good luck to ya, see ya.

Peace.

 

i will try that man..hope it will work: .............

 

What you could do also is to run your scans in safe mode. Also try kaspersky rescue Disk at:

http://www.raymond.cc/blog/archives...sk-to-clean-virus-without-booting-in-windows/

Another strategy is to locate the malware file and load it in virustotal for a scan. The result of such a scan will show all the available anti-virus programs that can detect the file and clean it hopefully. Who knows NOD32 could be one of them , but I doubt it, of course. I hate NOD32, I used it before thinking it was good. And all the vundo family as well as their friends were laughing at me.

Peace.

 

okay will try that but wats vundo familyyyy

 

Vundo family

Check this first:

http://en.wikipedia.org/wiki/Vundo

Second:

http://onecare.live.com/site/en-us/virusenc/virussearch.htm?VirusSearch=Vundo

Third:

http://www.threatexpert.com/reports.aspx?find=vundo&x=0&y=0

I hope that helps.

Peace.

 

Hi Zantosx

Based upon your screenshot I think you are infected by the win32.netsky.q. It is an e-mail worm that has been around since 2004. You probably got a tough variant. If not most anti-virus programs will be able to handle it. Please check this out:

From Computer Associates (CA)
1) http://www.ca.com/us/securityadvisor/virusinfo/virus.aspx?id=38727

From Kaspersky
2) http://www.viruslist.com/en/viruses/encyclopedia?virusid=22760

From Microsoft
3) All the netsky's family variants
http://www.microsoft.com/security/portal/SearchResults.aspx?query=win32.netsky.q

Microsoft also provides a detailed manual step by step instruction with respect to how to remove the worm.
http://www.microsoft.com/security/portal/Entry.aspx?Name=Worm:Win32/Netsky.Q@mm

Look further NOD32 claims they can handle your worm
Behold: http://www.virus-radar.com/stat_01_current/virus_0002_enu.html


Beside even clam av can handle it. There is a portable version of ClamAV located at:
http://portableapps.com/apps/utilities/clamwin_portable

Spyware Terminator also can handle it since it has the ClamAV engine:
http://www.spywareterminator.com/item/18067/Email--WormNetSkyq.html


Peace and my job is done. I have helped you as far as I possibly can.

 

um no this is differen problem.. i already tired that but its not working.....i did scan but can't anything...............

 

From the picture you showed, it is not Netsky.
Looks like a Trojan Antivirus.
Firewalls do not alert on specific infection types.
From what I am reading at this forum, it is becoming more difficult to remove.

Remove-Malware.com is a poster here. He uses many of the programs recomended to you in safe mode to clean peoples computers.

If the safe mode method isn't working try a live rescue cd, Avira, Dr. Web, Bitdefender to name a few.

If this doesn't work, then it may be a new strain with no signiture or an anoyance program which is not a virus/trojan.

If after regular mode scan, safe mode scan, alternate OS/live cd scan and still having issues; You will have to seek help at a forum that allows log posting for malware issues. Wilders does not allow HJT logs. If you post a log the Mods/admins will remove it or post why and where to get help and close the thread.

You can post HiJackThis logs at this forum for help-->http://www.castlecops.com/f67-Hijackthis_Spyware_Viruses_Worms_Trojans_Oh_My.html
While waiting for help you can follow their Malware Removal and Prevention

Their are other forums helping in malware issues, Geeks to go, Bleeping Computer, Gladiator Security Forum
Many times the prevention is much easier than the cure. (stolen from somebody's sig)

In the future, you should have a disaster recovery software like Paragon Drive Backup Express(free), Rollback RX, EAZFix, preferably from a clean uninfected install.
Maybe try surfing in a virtual environment when connected like Returnil, SandboxIE, DeepFreeze, VMWare Player+VMWare Converter, or Virtualbox.
This allows you to revert to a previous uninfected state if you get into trouble.

Good luck and I hope you get this resolved.

 

Thanks a lot..i will do it as u say when i wake up mornin tomrrow u people are best 2 reply fast and help me

karama for u all

 

Did this happen directly after the clean up of last infection over at Gladiators or have u gone and got your system infected once again? I hope it's not the latter.

http://gladiator-antivirus.com/forum/index.php?showtopic=80945

My advice would be to continue over there in the above thread(yours) for further help.



snowbound

 

I doubt that u are using the infection prone internet explorer ?are u using ie?

And the major problem with computer users is that they dont use softwares to revert to a clean state.