I think that there is something wrong with my ntoskrnl, because it's showing up on the windows task manager and I'm pretty sure that it isn't supposed to. I'm not actually sure if it's virus/trojan related or something else. Really, I have no idea what to do or how to fix it. I'm not very technically savvy, so I was wondering if you guys could help me out with simple language and all that.
Ntos.exe
- Thread starter Ninte
- Start date
- Status
howard_hopkinso
Posts: 21,238 +17
howard_hopkinso
Posts: 21,238 +17
It`s a tool that allows us to see if there`s malware on your system and in some cases stop it from running.
Just post the HJT log as requested.
Regards Howard
Just post the HJT log as requested.
Regards Howard
howard_hopkinso
Posts: 21,238 +17
Just as I suspected, your system is badly infected with a variety of malware, as well as a hijacker.
Very Important: Before deciding whether you should clean or reformat your system, go and read this thread HERE and decide what it is you want to do.
If after reading the above, you wish to clean your system, do the following.
Please download FixWareout from one of these sites:
http://downloads.subratam.org/Fixwareout.exe
http://www.bleepingcomputer.com/files/lonny/Fixwareout.exe
Save it to your desktop and run it. Click Next, then Install, make sure "Run fixit" is checked and click Finish.
The fix will begin; follow the prompts. You will be asked to reboot your computer; please do so. Your system may take longer than usual to load; this is normal.
Then, go and read the Viruses/Spyware/Malware, preliminary removal instructions. Follow all the instructions exactly.
Post fresh HJT, AVG Antispyware and Combofix logs as attachments into this thread, only after doing the above.
Also, please attach the C:\fixwareout\report.txt.
Also, let me know the results of the Panda Antirootkit scan.
Regards Howard
This thread is for the use of Ninte only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
Very Important: Before deciding whether you should clean or reformat your system, go and read this thread HERE and decide what it is you want to do.
If after reading the above, you wish to clean your system, do the following.
Please download FixWareout from one of these sites:
http://downloads.subratam.org/Fixwareout.exe
http://www.bleepingcomputer.com/files/lonny/Fixwareout.exe
Save it to your desktop and run it. Click Next, then Install, make sure "Run fixit" is checked and click Finish.
The fix will begin; follow the prompts. You will be asked to reboot your computer; please do so. Your system may take longer than usual to load; this is normal.
Then, go and read the Viruses/Spyware/Malware, preliminary removal instructions. Follow all the instructions exactly.
Post fresh HJT, AVG Antispyware and Combofix logs as attachments into this thread, only after doing the above.
Also, please attach the C:\fixwareout\report.txt.
Also, let me know the results of the Panda Antirootkit scan.
Regards Howard
This thread is for the use of Ninte only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
howard_hopkinso
Posts: 21,238 +17
That`s ok, just make sure you follow the instructions properly.
Regards Howard
This thread is for the use of Ninte only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
Regards Howard
This thread is for the use of Ninte only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
I was trying to upload the report so I wouldn't forget, but I couldn't find it. I used search, and it said the file was in the fixwareout.exe, but I couldn't figure out how to get the report out of that.
I got as far as to finish step 6, but I have to go. I'll do the rest either wednesday or thursday. I have no idea how to find the report for the fixit, by the way. I tried search.
I got as far as to finish step 6, but I have to go. I'll do the rest either wednesday or thursday. I have no idea how to find the report for the fixit, by the way. I tried search.
howard_hopkinso
Posts: 21,238 +17
The Fixwareout report is located at C:\fixwareout\report.txt. as I said in my post above.
Wait till you have the rest of the requested log files etc, before you attach it.
Regards Howard
This thread is for the use of Ninte only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
Wait till you have the rest of the requested log files etc, before you attach it.
Regards Howard
This thread is for the use of Ninte only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
howard_hopkinso
Posts: 21,238 +17
That`s ok, just redownload SmitFraudFix and try again. If it still happens, just skip it and move on to the next instruction.
Regards Howard
This thread is for the use of Ninte only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
Regards Howard
This thread is for the use of Ninte only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
howard_hopkinso
Posts: 21,238 +17
Sorry, yes, I meant Combofix lol.
Regards Howard
Regards Howard
howard_hopkinso
Posts: 21,238 +17
ntos.exe is nasty, especially if it`s found in your Windows\system32 folder. So, yes, you should delete it.
You really do need to post the requested log files and the results of the Panda Antirootkit scan.
Regards Howard
This thread is for the use of Ninte only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
You really do need to post the requested log files and the results of the Panda Antirootkit scan.
Regards Howard
This thread is for the use of Ninte only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
The panda antirootkit didn't find anything.
AVG spyware also had some trouble quarantining. It couldn't quarantine about five out of the six trojans. AVG went crazy at that point, and I must have seleted heal on about 35 or so threat detections.
I tried several times to upload the HJT log, but I'm not sure if it worked. This happened with the fixit log, too. The combofix as well! I'll post this and try those three logs again.
When I try to upload them, all it says is 'Attachment in progress. Can be deleted here.'
AVG spyware also had some trouble quarantining. It couldn't quarantine about five out of the six trojans. AVG went crazy at that point, and I must have seleted heal on about 35 or so threat detections.
I tried several times to upload the HJT log, but I'm not sure if it worked. This happened with the fixit log, too. The combofix as well! I'll post this and try those three logs again.
When I try to upload them, all it says is 'Attachment in progress. Can be deleted here.'
howard_hopkinso
Posts: 21,238 +17
All the infections in your AVG Antispyware log are in your system restore points. There`s no need to worry about those at the moment and we`ll deal with them after we`ve cleaned your system.
Regards Howard
Regards Howard
howard_hopkinso
Posts: 21,238 +17
You need to run the Panda antirootkit scan and let me know the results. that`s because the Downloader.Agent.uj uses rootkit technology.
Then, after we`ve looked at that, we`ll see about those log files.
Regards Howard
This thread is for the use of Ninte only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
Then, after we`ve looked at that, we`ll see about those log files.
Regards Howard
This thread is for the use of Ninte only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
howard_hopkinso
Posts: 21,238 +17
Ok, in that case, please do the following.
Download and run the Blacklight programme. Follow all the instructions carefully.
Let me know if it finds anything.
Regards Howard
This thread is for the use of Ninte only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
Download and run the Blacklight programme. Follow all the instructions carefully.
Let me know if it finds anything.
Regards Howard
This thread is for the use of Ninte only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
howard_hopkinso
Posts: 21,238 +17
The Backlight Beta graphical interface user version.
Regards Howard
Regards Howard
- Status
Similar threads
Latest posts
-
US TikTok ban could begin next year as Biden signs law, but legal battle looms- GodisanAtheist replied
-
Upgraded 4K Chromecast with Google TV set to launch soon with improved hardware- hahahanoobs replied
-
Nintendo DMCA lawyers shut down everything Mario on Garry's Mod- Uncle Al replied
-
BlizzGone: Blizzard cancels 2024 convention but promises an eventual return
- GodisanAtheist replied
