Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

WinSrv.exe


  • Please log in to reply
5 replies to this topic

#1 jmatc

jmatc

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:12:20 AM

Posted 11 March 2005 - 08:28 PM

Hello,
This is my first post at this site and what brought me here was a Google search for WinSrv.exe. Basically I don't know much about computers so I'm looking for some help or advise.
I have a couple viruses that Norton cannot remove in this driver. They are an IRC.Trojan and a BAT.Trojan. I'm not sure how harmful they are but Norton has them at high risk.
What steps can I take to get rid of these viruses. Is it ok if I delete this file or driver and if so what would be the best method of doing so?
Thanks much,
Jason

BC AdBot (Login to Remove)

 


#2 tg1911

tg1911

    Lord Spam Magnet


  • Members
  • 19,274 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:SW Louisiana
  • Local time:11:20 PM

Posted 11 March 2005 - 11:27 PM

Run these online virus scanners:
http://www.pandasoftware.com/activescan/
http://housecall.trendmicro.com/

Are you using these basic security programs?

aČ free-a complementary product to antivirus software which is specialized in protection against harmful software. Antivirus software often features an inadequate protection against Trojans, Dialers and Spyware. aČ fills this gap.
Ad-Aware-A good program similar to SpyBot S & D.
Spybot S&D-Detects and removes spyware, of different types, from your computer.
SpywareBlaster-A good program that prevents spyware from being installed on your computer in the first place. This program is always running in the background, protecting your computer. It prevents the installation of bad active X controls found in web pages.
SpywareGuard-A nice compliment to SpywareBlaster. This allows you the option to prevent downloads that contain bad active X controls.

If not, you need to. These programs, updated and used regularly, will do a lot to keep your computer clean of spyware, trojans, keyloggers, browser hijackers, etc...

Download them, update them, and then run them.

Important:
Please read this tutorial on Spybot S&D before using it. Spybot can do SERIOUS damage, if not used properly.

If that doesn't help, then:

Read the pinned post in the HJT forum, here
Please read, and follow, all directions carefully.

Then, run a log, and post it in the HJT forum, at this link. Do not, fix anything, yet.
A member, of the HJT Team, will help you out.
It may take a couple of days to get a response, but, the HJT Team are very busy. Please, be patient, these people are volunteers. They will help you out, as soon as possible.

NOTE:
Once you have made the post, please, DO NOT make another post in the HJT forum, until it has been responded to by a member of the HJT Team. The first thing they look for, when looking for logs to reply to, is 0 replies. If you make another post, there will be 1 reply. The team member, glancing over the replies, might assume someone is already helping you out, and will not respond. So, just make your post, and let it sit there, until a team member responds. This way you will be taken care of, in the most timely manner.
MOBO: GIGABYTE GA-MA790X-UD4P, CPU: Phenom II X4 955 Deneb BE, HS/F: CoolerMaster V8, RAM: 2 x 1G Kingston HyperX DDR2 800, VGA: ECS GeForce Black GTX 560, PSU: Antec TruePower Modular 750W, Soundcard: Asus Xonar D1, Case: CoolerMaster COSMOS 1000, Storage: Internal - 2 x Seagate 250GB SATA, 2 x WD 1TB SATA; External - Seagate 500GB USB, WD 640GB eSATA, 3 x WD 1TB eSATA

Become a BleepingComputer fan: Facebook

#3 jmatc

jmatc
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:12:20 AM

Posted 11 March 2005 - 11:30 PM

Update-
I reboted in safe mode, I used VGA.. ran Norton and I was able to delete the files because at that time there was no active sharing occuring.
Hopefully this well help someone else with the same problem.

#4 jmatc

jmatc
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:12:20 AM

Posted 11 March 2005 - 11:45 PM

TG1911,
Thanks for your response, I didn't see it until after I posted my update. You have a lot of good stuff for me to look at this weekend. As it stands I do have Ad-aware and Spybot installed (although I may have already caused damage by using it, i'll need to read the tutorial). I wish I found this site earlier.
Thanks again, good vibes here!
Jason

#5 tg1911

tg1911

    Lord Spam Magnet


  • Members
  • 19,274 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:SW Louisiana
  • Local time:11:20 PM

Posted 12 March 2005 - 12:20 AM

Your welcome, jmatc.

We have quite a few Tutorials, that you might find helpful. Check 'em out.
MOBO: GIGABYTE GA-MA790X-UD4P, CPU: Phenom II X4 955 Deneb BE, HS/F: CoolerMaster V8, RAM: 2 x 1G Kingston HyperX DDR2 800, VGA: ECS GeForce Black GTX 560, PSU: Antec TruePower Modular 750W, Soundcard: Asus Xonar D1, Case: CoolerMaster COSMOS 1000, Storage: Internal - 2 x Seagate 250GB SATA, 2 x WD 1TB SATA; External - Seagate 500GB USB, WD 640GB eSATA, 3 x WD 1TB eSATA

Become a BleepingComputer fan: Facebook

#6 Enthusiast

Enthusiast

  • Members
  • 5,898 posts
  • OFFLINE
  •  
  • Location:Florida, USA
  • Local time:12:20 AM

Posted 12 March 2005 - 04:49 PM

TG1911,
Thanks for your response, I didn't see it until after I posted my update. You have a lot of good stuff for me to look at this weekend. As it stands I do have Ad-aware and Spybot installed (although I may have already caused damage by using it, i'll need to read the tutorial). I wish I found this site earlier.
Thanks again, good vibes here!
Jason

You need to make certain that you have the most current versions for all your malware programs. This is different than just updating the definitions files.

Adaware recently updated its version, now Adaware SE, and Spybot updated a short while ago.

Another program that will be invaluable is the Microsoft Anti-Spyware Beta currently offered as freeware.
Download it here:
http://www.microsoft.com/athome/security/s...re/default.mspx

You should of course update definitions files each time before running any of the above.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users