net-worm.win32.dipnet.d

mistral · Feb 19, 2010

Hello

Our computer is infected with the worm listed in the title. I only know this because it first appeared while I was at work, and my husband wrote it down.
I can turn it on in Normal Mode, but unable to access anything - the Start bar doesn't even come on at the bottom before it all freezes.

I can open the Windows Advanced Options Menu using the F8 key, but it will not open in Safe Mode.

I can open the Recovery Console. Since checking if this was possible, it only went to a black blank screen.

What would you like me to do?

TimW · Feb 19, 2010

Welcome to Major Geeks!

Please try doing the below:

You may have to use task manager to run some of this:

Download ( or download to another computer and transfer it ) and save the below to your PC (save it anywhere you can find it. The Desktop is fine). Then doube click on it to run it.

AVPFind.bat

It should take a couple minutes to run. You will see a black command prompt window while it is running and it should close when it is finished. Once it finishes, attach the c:\avplog.txt file that is will hopefully create as long as the malware does not block the batch file from running.

Now download and Run exeHelper

Please download exeHelper to your desktop.

Double-click on exeHelper.com to run the fix.

A black window should pop up, press any key to close once the fix is completed.

Post the contents of log.txt (Will be created in the directory where you ran exeHelper.com)

Note: If the window shows a message that says "Error deleting file", please re-run the program before posting a log - and post the two logs together (they will both be in the one file).

Also please try running the below online scan:

http://www.superantispyware.com/onlinescan.html

Reboot immediately after scanning if it finds and removes anything. Let me know if anything was found. It does not save a log.

Then try running these instructions: Using MGtools

Attach the below logs when finished with all of the above:

C:\avplog.txt - from AVPfind

log.txt - from exeHelper

C:\MGlogs.zip - from MGtools

The C:\ assumes that drive C is you Windows boot drive. If you boot from another drive, then use the correct drive letter above.

mistral · Feb 19, 2010

Thank you for prompt reply.

When I turned the computer on, it opened a screen with the option to run XP normal mode or recovery mode, automatically chose normal mode, then went to a black blank screen and would not open any further.

I have tried to open it in safe mode (I am using a different computer to communicate with you, and to download all your suggestions to a flashdrive) and it is stuck on a screen that has 14 repeated lines with different endings such as "multi(0)disk(0)rdisk(0)partition(1)\WINDOWS\system32\...."

Should I choose a different safe mode option (there were 3 options), or do you have an alternative?

TimW · Feb 20, 2010

Try doing as much of the below READ & RUN ME FIRST (down after the quote box) as possible by using a different user account if you have another one you can try. If you cannot boot in any mode ( safe or normal mode ) and you cannot run any of the READ & RUN ME there is not much we can do for you except suggest what is in the below quote box

[*]Take the hard disk out and scan it in another well protected PC
[*]Use another PC to make a special CD which you can boot from to try and run virus and spyware scans or to at least backup data. CDs like the below:

http://www.free-av.com/en/tools/12/avira_antivir_rescue_system.html

UBCD4Win

http://www.sysresccd.org/Main_Page

http://trinityhome.org/Home/index.php?wpid=1&front_id=12

[*]reinstall

Click to expand...

Log in or Sign up

net-worm.win32.dipnet.d

mistral Private E-2

TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

mistral Private E-2

TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member