Need Help with W32.Netsky.p@mm!enc Removal

Discussion in 'Malware Help (A Specialist Will Reply)' started by j105.rob, Apr 21, 2009.

  1. j105.rob

    j105.rob Private E-2

    I have followed the guide and nothing was found on the computer.

    It is a MS Small Business 2003 server

    The only logs produced were by the MGTools step.
     

    Attached Files:

  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Welcome to Major Geeks!

    You need to attach the logs from SUPERAntiSpyware, Malwarebytes, and ComboFix that we requested.

    Exactly where is Symantec detecting W32.Netsky.p@mm!enc
     
  3. j105.rob

    j105.rob Private E-2

    c:\windows\temp

    It appears to be running in batches creating files; then Symantec Endpoint Protection will let me know that there has been an issue and will only quarantine the files if I actually open explorer and point to that dir.
     
  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You still need to attach the other 3 logs requested in the READ & RUN ME and in my last message. Until you do this, there is nothing else we can do for you.
     
  5. j105.rob

    j105.rob Private E-2

    I get that part... what I am saying is that none of the logs you are requesting me to post have been produced in the locations you specify in the document I followed. Can you provide some insight as to where they maybe found? I followed the document to the letter prior to me posting my first post.

    TIA!!
     
  6. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    If ComboFix ran properly, the log will be C:\combofix.txt

    If it did not run properly, then tell me what happened when you ran it. Also you will probably find a C:\Bug.txt log you can attach which is created when ComboFix does not run to completion. Also it is very important that ALL protection software is shutdown before you attempt to run ComboFix.


    Your logs from SuperAntiSpyware and Malwarebytes can all be found as listed below;
    Code:
    C:\Documents and Settings\eastport\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Logs\
    [B]Apr 21 2009  465  "SUPERAntiSpyware Scan Log - 04-21-2009 - 12-14-01.log"[/B]
     
    C:\Documents and Settings\eastport\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\
    Apr 17 2009  815  "mbam-log-2009-04-17 (08-47-23).txt"
    [B]Apr 21 2009  834  "mbam-log-2009-04-21 (12-26-38).txt"[/B]
    Mar 26 2009  816  "mbam-log-2009-03-26 (14-11-46).txt"
    [B]Mar 27 2009  979  "mbam-log-2009-03-27 (07-13-23).txt"[/B]
    Mar 27 2009  844  "mbam-log-2009-03-27 (07-38-00).txt"
    Mar 27 2009  841  "mbam-log-2009-03-27 (10-23-01).txt"
    Only attach the logs I highlighted in bold print.


    Can you goto the C:\WINDOWS\Temp\ folder and delete all the files in this folder?
     

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds