| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 91679 | 2008-07-15 07:45:00 | No virus scanner how do i get it | dunno (1572) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 689067 | 2008-07-16 05:38:00 | I am home with my sister to help now, I have run hijack this again and have posted what it is bringing up, i will try to run trojan remover now, altho when i rebooted it still came up with the virus Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 4:51:03 PM, on 7/16/2008 Platform: Windows 2000 SP2 (WinNT 5.00.2195) MSIE: Internet Explorer v5.00 SP2 (5.00.2920.0000) Boot mode: Normal Running processes: C:\WINNT\System32\smss.exe C:\WINNT\system32\winlogon.exe C:\WINNT\system32\services.exe C:\WINNT\system32\lsass.exe C:\WINNT\system32\svchost.exe C:\WINNT\system32\spoolsv.exe C:\Program Files\PrevxCSI\prevxcsi.exe C:\WINNT\System32\svchost.exe C:\WINNT\wmssvc.exe C:\WINNT\system32\MSTask.exe C:\WINNT\System32\WBEM\WinMgmt.exe C:\WINNT\Explorer.EXE C:\WINNT\System32\sistray.EXE C:\WINNT\System32\RunDll32.exe C:\Program Files\PrevxCSI\prevxcsi.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Documents and Settings\Administrator\Desktop\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Clear.net O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon O4 - HKLM\..\Run: [SiS Tray] C:\WINNT\System32\sistray.EXE O4 - HKLM\..\Run: [SiS KHooker] C:\WINNT\System32\khooker.exe O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [PrevxCSI] "C:\Program Files\PrevxCSI\prevxcsi.exe" /bootupreg O4 - HKUS\.DEFAULT\..\Run: [internat.exe] internat.exe (User 'Default user') O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O10 - Unknown file in Winsock LSP: c:\winnt\system32\nwprovau.dll O17 - HKLM\System\CCS\Services\Tcpip\..\{714E928F-D969-4DEF-87A2-C0CDC898B7A7}: NameServer = 203.97.33.1 203.97.37.1 O23 - Service: CSIScanner - Prevx - C:\Program Files\PrevxCSI\prevxcsi.exe O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe -- End of file - 2537 bytes |
dunno (1572) | ||
| 689068 | 2008-07-16 05:47:00 | Tick this entry, then tick fix checked C:\WINNT\wmssvc.exe |
Speedy Gonzales (78) | ||
| 689069 | 2008-07-16 05:48:00 | The C:\WINNT\wmssvc.exe is bad :lol: Speedy was too fast for me! |
Agent_24 (57) | ||
| 689070 | 2008-07-16 06:19:00 | i can not tick C:\WINNT\wmssvc.exe it only comes up on the saved log not the actual place that i can tick, also i just had somthing pop up called Dr Watson for Windows 2000 what on earth is that HELP :help: :badpc: |
dunno (1572) | ||
| 689071 | 2008-07-16 06:33:00 | Boot into safe mode again then search for wmssvc.exe and then delete it And then search for wmsncs.exe, csrs.exe, and delete them |
Speedy Gonzales (78) | ||
| 689072 | 2008-07-16 07:23:00 | I have deleted what Speedy told me to, when i re booted back to normal mode this is what came up Cannot find the file "C:\WINNT\Fonts\wmsncs.exe (or one of its components) Make sure the path and filename are correct and that all required libraries are available. Also after d/l trojan remover when I went to open this is what the dumb computer told me: The file trsetup-0.bin is missing from the installation directory. Please correct the problem or obtain a new copy of the program |
dunno (1572) | ||
| 689073 | 2008-07-16 07:28:00 | Thats good at least its no longer on the system Get trojan remover again and see if it'll install now |
Speedy Gonzales (78) | ||
| 689074 | 2008-07-16 08:16:00 | i have tried to d/l trojan remover but i still get the same message as previous post now what | dunno (1572) | ||
| 689075 | 2008-07-16 08:20:00 | Not much you can do about it, by the sounds of it the files for this worm / whatever it is have gone You may have to try something else like This (http://www.malwarebytes.org) Install it update it then click on scan Have you rebooted since ?? If you havent reboot now |
Speedy Gonzales (78) | ||
| 689076 | 2008-07-16 08:52:00 | Hello, i tried to d/l malware and it went ok until i went to setup and it came up with the same error report that trojan remover did :badpc: i also rebooted and the (cannot find file error did not come up this time) |
dunno (1572) | ||
| 1 2 3 4 5 | |||||