Hi There, Although I have tried to follow the steps one by one I am getting stuck in the SuperAntiSpyware option as I have done everything donw to this point and whilst doing this pc is shutting down scanning the 7807 file of the registry. I am uploading the log for the Malware Bytes for your perusal is there anything I can do to finalise this SuperAnti Spyware scan? Helpppppp!!!!
8 step Malware removal
- Thread starter Hookshut
- Start date
- Status
touch
Posts: 976 +0
Hello Hookshut
Please download combofix here ->
ComboFix
Before Saving it to Desktop, please rename it to 321.com to stop malware from disabling it.
Now, please make sure no other programs are running, close all other windows.
Please double click on the file you downloaded. Follow the onscreen prompts to start the scan.
Once the scanning process has started please DO NOT click on the Combofix window or attempt to use your computer as this can cause the scanning process to stall.
It may take a while to complete scanning and this is normal.
You will be disconnected from the internet and your desktop icons/toolbars will disappear during scanning, do not worry, this is normal and it will be restored after
scanning has completed.
Combofix will create a logfile and display it after your computer has rebooted.
Usually located in c:\combofix.txt, please attach it to your next post
Please download combofix here ->
ComboFix
Before Saving it to Desktop, please rename it to 321.com to stop malware from disabling it.
Now, please make sure no other programs are running, close all other windows.
Please double click on the file you downloaded. Follow the onscreen prompts to start the scan.
Once the scanning process has started please DO NOT click on the Combofix window or attempt to use your computer as this can cause the scanning process to stall.
It may take a while to complete scanning and this is normal.
You will be disconnected from the internet and your desktop icons/toolbars will disappear during scanning, do not worry, this is normal and it will be restored after
scanning has completed.
Combofix will create a logfile and display it after your computer has rebooted.
Usually located in c:\combofix.txt, please attach it to your next post
touch
Posts: 976 +0
Looks like c:\windows\system32\drivers\ndis.sys are infected, as it is a Windows file, we´ll need to replace it with a clean file.
Therefore, please check these files for me:
Please upload and have these files scanned:
c:\windows\$NtServicePackUninstall$\ndis.sys
c:\windows\ServicePackFiles\i386\ndis.sys
Here:
http://virusscan.jotti.org/ Or here: http://www.virustotal.com/en/indexf.html
Attach back the results.
Therefore, please check these files for me:
Please upload and have these files scanned:
c:\windows\$NtServicePackUninstall$\ndis.sys
c:\windows\ServicePackFiles\i386\ndis.sys
Here:
http://virusscan.jotti.org/ Or here: http://www.virustotal.com/en/indexf.html
Attach back the results.
Hi Touch,
Used the Virusscan.jotti and the results are as below. JUst bare in mind that I have done the second file you have asked first in time order.
Filename: ndis.sys
Status: Scan finished. 0 out of 21 scanners reported malware.
Scan taken on: Wed 24 Jun 2009 15:11:13 (CET)
Filename: ndis.sys
Status: Scan finished. 0 out of 21 scanners reported malware.
Scan taken on: Wed 24 Jun 2009 15:09:10 (CET)
I didint know if it makes it in a log so copy and paste is what I have thought for this sorry if I am wrong,
Thx
Used the Virusscan.jotti and the results are as below. JUst bare in mind that I have done the second file you have asked first in time order.
Filename: ndis.sys
Status: Scan finished. 0 out of 21 scanners reported malware.
Scan taken on: Wed 24 Jun 2009 15:11:13 (CET)
Filename: ndis.sys
Status: Scan finished. 0 out of 21 scanners reported malware.
Scan taken on: Wed 24 Jun 2009 15:09:10 (CET)
I didint know if it makes it in a log so copy and paste is what I have thought for this sorry if I am wrong,
Thx
touch
Posts: 976 +0
Good 
Open notepad and copy/paste the text in the quotebox below into it:
Name the file as CFScript
and Save it on the desktop
Once saved, refering to the picture above, drag CFScript.txt into ComboFix.exe.
Combofix will create a logfile and display it after your computer has rebooted.
Usually located in c:\combofix.txt, please attach it to your next reply
Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall
Open notepad and copy/paste the text in the quotebox below into it:
Name the file as CFScript
and Save it on the desktop
Once saved, refering to the picture above, drag CFScript.txt into ComboFix.exe.
Combofix will create a logfile and display it after your computer has rebooted.
Usually located in c:\combofix.txt, please attach it to your next reply
Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall
Hi Touch,
I have woken up to bigger problems as the system cant start windows now although it was working fine last night. I also have a faulty DVD rom and no Windows XP apart from the Sony Vaios recovery utility which will set it back to original settings. I dont know what to do can you suggest something that i can do to recover it I tried all known Last System configuration, safe mode etc through the F5 and nothing prevails. The system thinks it is starting but then like it is getting stuck like a record. Please help.....
I have woken up to bigger problems as the system cant start windows now although it was working fine last night. I also have a faulty DVD rom and no Windows XP apart from the Sony Vaios recovery utility which will set it back to original settings. I dont know what to do can you suggest something that i can do to recover it I tried all known Last System configuration, safe mode etc through the F5 and nothing prevails. The system thinks it is starting but then like it is getting stuck like a record. Please help.....
- Status
Similar threads
