"wscntfy.exe" is the Windows Security Center, introduced in Service Pack 2. It displays a tray icon indicating the status of updates, virus protection, and firewall.
wscntfy.exe can be disabled by going in to "Services" and disabling Security Center (not recommented).
Note: The wscntfy.exe file is located in the c:\windows\System32 folder. In other cases, wscntfy.exe is a virus, spyware, trojan or worm! Check this with Security Task Manager.
If you think you are infected submit a hijackthis log to the HJT Forum.How to submit a hijackthis logDownload Hijackthis
Try running the following from safe mode (Getting to safe-mode) Sysclean
you'll also need the virus template file from here lpt***.zip
remember to extract the contents of the zip file into the same folder as Sysclean.com
which is powered by the Kaspersky AV engine, you will need internet access to update it. If you haven't got net access in safe mode, update it before you use it.
If your good with the command line also try Sophos Command Line scanner
this command will scan all of your hdd's SAV32CLI.EXE -F -di -remove -dn -mbr -all -zip -p=avscanlog.txt and give you a log file to review afterwards.Also try installing and running A2 Free and Ewido
I'd also run Spybot(Spybot Tutorial)
and AdawareIf your using Win2K/XP run adaware/spybot from "safe mode with command prompt"
If your using Win9x just run it from safe mode the command line options aren't needed..At the C:\ prompt type the following:-
C:\progra~1\spybot~1\spybotsd.exe /autocheck /autofix
Scan suspect files at jotti
and Virus Total
which use multiple AV scan engines.
Edited by stidyup, 28 November 2005 - 03:54 AM.