Welcome to MalwareRemoval.com, What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.
MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.
My computer has restarted automatically downloading Windows updates the last couple of nights. After one of these updates both MRT.exe and Comodo anti virus reports a problem with the windows/system32/drivers/ndis.sys file... I can't seem to find any instructions anywhere on how to resolve this. I would be very grateful for any help getting rid of this infection.
Hello, and to the Malware Removal forums. My name is Michael I'll be glad to help you with your computer problems.
HijackThis logs can take some time to research, so please be patient with me. I know that you need your computer working as quickly as possible, and I will work hard to help see that happen.
Please be patient and I'd be grateful if you would note the following:
I will be working on your Malware issues, this may or may not, solve other issues you have with your machine.
The fixes are specific to your problem and should only be used for this issue on this machine.
Please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear.
If after 3 days you have not responded to this topic, it will be closed, and you will need to start a new one.
It's often worth reading through these instructions and printing them for ease of reference.
If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.
Please reply to this thread. Do not start a new topic.
All of my posts need to be checked by a teacher, so please be patient while I attempt to remove your malware.
Make an uninstall list using HijackThis To access the Uninstall Manager you would do the following:
Start HijackThis
Click on the Config button
Click on the Misc Tools button
Click on the Open Uninstall Manager button.
Click on the Save list... button and specify where you would like to save this file. When you press Save button a notepad will open with the contents of that file. Save the file to your desktop.
Please post this log on your next reply. Please also do not post things in code or quote boxes, it makes it harder to read.
Thanks for your kind offer. Since my initial posting my comodo anti-virus and the online jotti scanner (front for about 20 products could not find any virus or trojan in the ndis.sys file. However MRT.exe still says something is there.
List as requested: --------------------------------------
Acrobat.com Adobe AIR Adobe AIR Adobe Flash Player 10 ActiveX Adobe Flash Player 10 Plugin Adobe Reader 9.1.3 Agil's Coloring Book v1.0 Broadcom 440x 10/100 Integrated Controller Citrix XenApp Web Plugin CmdHere Powertoy For Windows XP Combined Community Codec Pack 2008-09-21 16:18 COMODO Internet Security Conexant HDA D110 MDC V.92 Modem Creative WebCam Center Creative WebCam Live! Ultra Driver (1.01.03.0127) Creative WebCam Live! Ultra User's Guide (English) Critical Update for Windows Media Player 11 (KB959772) Dell ResourceCD DVD43 v4.4.0 eMule Eudora FileZilla Client 3.2.4.1 FLV Player 2.0 (build 25) Get Yahoo! Messenger HandBrake 0.9.3 High Definition Audio Driver Package - KB835221 HijackThis 2.0.2 Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) Hotfix for Windows Media Format 11 SDK (KB929399) Hotfix for Windows Media Player 11 (KB939683) Hotfix for Windows XP (KB952287) Hotfix for Windows XP (KB961118) Hotfix for Windows XP (KB970653-v3) HP Document Viewer 7.0 HP Imaging Device Functions 7.0 HP Photosmart, Officejet and Deskjet 7.0.A HP Solution Center 7.0 Image Resizer Powertoy for Windows XP Inkscape 0.46 Intel(R) Graphics Media Accelerator Driver Intel(R) PROSet/Wireless Software Java DB 10.4.1.3 Java(TM) 6 Update 15 Java(TM) SE Development Kit 6 Update 13 Lernout & Hauspie TruVoice American English TTS Engine Malwarebytes' Anti-Malware mCore mDriver mDrWiFi mHlpDell Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Hotfix (KB928366) Microsoft .NET Framework 2.0 Service Pack 2 Microsoft .NET Framework 3.0 Service Pack 2 Microsoft .NET Framework 3.5 SP1 Microsoft .NET Framework 3.5 SP1 Microsoft Compression Client Pack 1.0 for Windows XP Microsoft Kernel-Mode Driver Framework Feature Pack 1.5 Microsoft Office Access MUI (Danish) 2007 Microsoft Office Enterprise 2007 Microsoft Office Enterprise 2007 Microsoft Office Excel MUI (Danish) 2007 Microsoft Office Groove MUI (Danish) 2007 Microsoft Office InfoPath MUI (Danish) 2007 Microsoft Office OneNote MUI (Danish) 2007 Microsoft Office Outlook MUI (Danish) 2007 Microsoft Office PowerPoint MUI (Danish) 2007 Microsoft Office Proof (Danish) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (German) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (Danish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Publisher MUI (Danish) 2007 Microsoft Office Shared MUI (Danish) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Visio MUI (English) 2007 Microsoft Office Visio Professional 2007 Microsoft Office Visio Professional 2007 Microsoft Office Word MUI (Danish) 2007 Microsoft Sync Framework Runtime v1.0 (x86) Microsoft Sync Framework Services v1.0 (x86) Microsoft User-Mode Driver Framework Feature Pack 1.0 mIWA mLogView mMHouse Modem Helper Motorola Driver Installation 3.7.0 Motorola Phone Tools Mozilla Firefox (3.5.3) mPfMgr mPfWiz mProSafe mSSO MSXML 4.0 SP2 (KB954430) MSXML 6.0 Parser (KB933579) mWlsSafe mWMI mXML mZConfig OCR Software by I.R.I.S 7.0 Paint.NET v3.36 PDFCreator Picasa 3 RarZilla Free Unrar 2.53 Security Update for Windows Internet Explorer 8 (KB969897) Security Update for Windows Internet Explorer 8 (KB971961) Security Update for Windows Internet Explorer 8 (KB972260) Security Update for Windows Media Player (KB952069) Security Update for Windows Media Player (KB968816) Security Update for Windows Media Player (KB973540) Security Update for Windows Media Player 11 (KB936782) Security Update for Windows Media Player 11 (KB954154) Security Update for Windows XP (KB923561) Security Update for Windows XP (KB923789) Security Update for Windows XP (KB938464-v2) Security Update for Windows XP (KB941569) Security Update for Windows XP (KB946648) Security Update for Windows XP (KB950760) Security Update for Windows XP (KB950762) Security Update for Windows XP (KB950974) Security Update for Windows XP (KB951066) Security Update for Windows XP (KB951376-v2) Security Update for Windows XP (KB951748) Security Update for Windows XP (KB952004) Security Update for Windows XP (KB952954) Security Update for Windows XP (KB954459) Security Update for Windows XP (KB954600) Security Update for Windows XP (KB955069) Security Update for Windows XP (KB956572) Security Update for Windows XP (KB956744) Security Update for Windows XP (KB956802) Security Update for Windows XP (KB956803) Security Update for Windows XP (KB956844) Security Update for Windows XP (KB957097) Security Update for Windows XP (KB958644) Security Update for Windows XP (KB958687) Security Update for Windows XP (KB958690) Security Update for Windows XP (KB959426) Security Update for Windows XP (KB960225) Security Update for Windows XP (KB960715) Security Update for Windows XP (KB960803) Security Update for Windows XP (KB960859) Security Update for Windows XP (KB961371) Security Update for Windows XP (KB961373) Security Update for Windows XP (KB961501) Security Update for Windows XP (KB963027) Security Update for Windows XP (KB968537) Security Update for Windows XP (KB969897) Security Update for Windows XP (KB969898) Security Update for Windows XP (KB970238) Security Update for Windows XP (KB971557) Security Update for Windows XP (KB971633) Security Update for Windows XP (KB971657) Security Update for Windows XP (KB973346) Security Update for Windows XP (KB973354) Security Update for Windows XP (KB973507) Security Update for Windows XP (KB973869) SigmaTel Audio Skype™ 4.0 SyncToy 2.0 (x86) Talking Flash Cards TUGZip 3.5 Tweak UI Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update for Windows Internet Explorer 8 (KB971930) Update for Windows XP (KB951978) Update for Windows XP (KB955839) Update for Windows XP (KB967715) Update for Windows XP (KB968389) Update for Windows XP (KB973815) VMware Workstation Windows Driver Package - Ricoh Company Memorystick Host Controller (07/09/2005 1.00.01.12) Windows Driver Package - Ricoh Company MMC Host Controller (07/14/2005 1.00.00.06) Windows Driver Package - Ricoh Company xD-Picture Card/SmartMedia Host Controller (07/14/2005 1.00.02.04) Windows Imaging Component Windows Internet Explorer 8 Windows Live OneCare safety scanner Windows Media Format 11 runtime Windows Media Format 11 runtime Windows Media Player 11 Windows Media Player 11 Windows XP Service Pack 3 WinRAR archiver WordWeb
IMPORTANT I notice there are signs of one or more P2P (Peer to Peer) File Sharing Programs on your computer.
eMule FileZilla Client 3.2.4.1
I'd like you to read the Guidelines for P2P Programs where we explain why it's not a good idea to have them.
Note: Even if you are using a "safe" P2P program, it is only the program that is safe. You will be sharing files from uncertified sources, and these are often infected. The bad guys use P2P file sharing as a major conduit to spread their wares.
You must go to Control Panel > Add/Remove Programs and uninstall the programs listed above (in red).
If you do not wish to remove your P2P programs, please tell me and this topic will be closed.
Please post a new Uninstall List on your next reply.
FileZilla is an FTP client. I do not think that counts as a P2P technology. Regardless I will close this topic since I seem to have no problem any more according to the various scanners I have tried in the meantime.
Users browsing this forum: No registered users and 289 guests
Contact us:
Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.