Results 1 to 10 of 12

Thread: Win32.NetSky Ate Me Up Yesterday

Hybrid View

Previous Post Previous Post   Next Post Next Post
  1. #1
    Member
    Join Date
    Jan 2010
    Location
    Wisconsin
    Posts
    31

    Default Win32.NetSky Ate Me Up Yesterday

    Hi all...I'm David...new to the Forums here. I've been using Spy-Bot exclusively for the last 3 1/2 years without any problems until yesterday....when I was checking my Yahoo email....then all of a sudden my hard-drive was making a lot of noise for some reason.

    I ALWAYS have my Task Manager open.....so I looked at that....and saw Acro32.exe running for some reason.....so I killed that....then saw a "amybdc.exe" running and killed that too. I then rebooted up in Safe Mode and did a scan with Spy-Bot....and found several things....which I then SUPPOSEDLY fixed....but after the fix....I could not log back on into Windows (I had a password protection)....and ended up re-installing Windows.

    Any of the rest of you run across this...or have any thoughts?

  2. #2
    Senior Member drragostea's Avatar
    Join Date
    Jan 2008
    Location
    @Home
    Posts
    3,674

    Default

    The process you are seeing "Acro32.exe" is part of Adobe Reader 9.x. It is safe.

    As for the other process, I would be concerned because the search for "amybdc.exe" had no results on Google.

    What I would do to confirm the security of the machine is to visit this forums, Malware Removal Forum.
    http://forums.spybot.info/forumdisplay.php?f=22
    -
    Start your own thread with a HJT log and be patient. Instructions and everything you need to know is in this thread:
    http://forums.spybot.info/showthread.php?t=288
    -

  3. #3
    Senior Member
    Join Date
    Jul 2006
    Location
    Croatia
    Posts
    735

    Default

    Quote Originally Posted by drragostea View Post
    The process you are seeing "Acro32.exe" is part of Adobe Reader 9.x. It is safe.
    I think you're wrong. Acro32.exe is NOT a part of Adobe Reader 9.x.
    AcroRd32.exe is a part of Adobe Reader 9.x.
    Google results for searching "Acro32.exe" by some reason gave results of AcroRd32.exe.

  4. #4
    Senior Member drragostea's Avatar
    Join Date
    Jan 2008
    Location
    @Home
    Posts
    3,674

    Default

    Thank you Tom K. for the correction .
    Well, if that process is not Adobe Reader it is not the real thing. Along with your buddy "amydbc.exe" on the process manager (I have it feeling it is set to autostart everytime you boot your machine), these two do not make sound nice on your machine.

    Follow the instructions above to the Malware Removal Forums.

  5. #5
    Member
    Join Date
    Jan 2010
    Location
    Wisconsin
    Posts
    31

    Default

    My apologies folks....it was Acrord32.exe.

    Like I said though...I re-installed Windows.....and that cleared up my problems.

    After I revived my Internet access, I went to Signin to my Yahoo email....at which point that was a Security notice just beneath my password block that said I needed an Adobe update, so I clicked on the link and went and got it.

    I see on the Adobe site that there are a couple of security issues that are very recent.

    http://www.adobe.com/support/security/

    Also.....I just did a search for Adobe + "security issues" on Yahoo and got several recent things...

    http://search.yahoo.com/search?p=Ado...8&fr=yfp-t-701

    I am sure that the other .exe (amybdc.exe) was probably what downloaded all the nasty stuff....as I found it in my Temp folder....along with a file that was titled "jar_cache12994.temp"...which I deleted both before doing the SpyBot scan.

    Here's a few things I wrote down that SpyBot had found though...

    Win32.Agent.chh
    Supsav.Smss32
    M.Windows.ActiveDesktop

    It was after I zapped them with SpyBot that I couldn't Log on anymore...and then decided to do the Windows re-install.

    I did another SpyBot scan afterwards and found nothing, so at this point I'm OK.

  6. #6
    Senior Member drragostea's Avatar
    Join Date
    Jan 2008
    Location
    @Home
    Posts
    3,674

    Default

    I would not say I am "glad" that you had it resolved, but you took the easy path. I hope you backed up your data before you reformatted the machine.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •