c:\windows\system32 krnsvr32.dll

  • Thread starter: Guest
Probably,

I would scan this file with 2 or 3 different virus scanners just to be sure,
check if any program you have installed uses this program as a dependency
(services.msc from cmd or run)
if not delete
 
montanaframer said:
is this a virus? and can i delete it from the computer?

Why would you think so? You haven't provided any info on it, or symptoms
you're having. It doesn't seem to be a Windows system file, but the way to
get rid of viruses is to do antivirus scans using good, updated antivirus
software. Same with malware/trojans - use software designed for that
purpose.

Deleting suspicious files themselves is rarely the way to go - they may just
pop back up again.
 
Lanwench said:
Why would you think so? You haven't provided any info on it, or symptoms
you're having. It doesn't seem to be a Windows system file, but the way to
get rid of viruses is to do antivirus scans using good, updated antivirus
software. Same with malware/trojans - use software designed for that
purpose.

Deleting suspicious files themselves is rarely the way to go - they may just
pop back up again.

I keep getting a window from Trend Micro stating "denied access"
incident name: c:\windows\system32 KRNSVR32.DLL
detection name:ADW CYDOOR.E
 
montanaframer said:
incident name: c:\windows\system32 KRNSVR32.DLL
detection name:ADW CYDOOR.E

Then you've got more info than you originally provided.
Did it show you a link for more info on this?
Did you go to the Trend Micro website and look for info on that name?
It's not a virus; it's malware (spyware, adware, whatnot).

If trend can't get rid of it, try something else, such as AdAware (latest
version) or MS Windows Defender Beta.

A good newsgroup for viruses/malware/etc is
microsoft.public.security.homeusers.
 
Spot of googling suggests this is connected with the NSIS Media Extension (or
Worm if you prefer!) and has an uninstaller in Control Panel. (which may or
may not work)

It might have arrived as foistware on the back of another program.
 
From: "montanaframer" <[email protected]>

| is this a virus? and can i delete it from the computer?


For non-viral malware...

Please download, install and update the following software...

* Ad-aware SE v1.06
http://www.lavasoft.de/
http://www.lavasoftusa.com/
http://www.lavasoft.de/ms/index.htm

* SpyBot Search and Destroy v1.4
http://security.kolla.de/
http://www.safer-networking.org/microsoft.en.html

* SuperAntiSpyware
http://www.superantispyware.com/superantispywarefreevspro.html

After the software is updated, I suggest scanning the system in Safe Mode.

I also suggest downloading, installing and updating BHODemon for any Browser Helper Objects
that may be on the PC.

* BHODemon

http://www.majorgeeks.com/downloadget.php?id=3550&file=11&evp=245a87539eea8ed6904332b4b8b8442d

For viral malware...

* Download MULTI_AV.EXE from the URL --
http://www.ik-cs.com/programs/virtools/Multi_AV.exe

To use this utility, perform the following...
Execute; Multi_AV.exe { Note: You must use the default folder C:\AV-CLS }
Choose; Unzip
Choose; Close

Execute; C:\AV-CLS\StartMenu.BAT
{ or Double-click on 'Start Menu' in C:\AV-CLS }

NOTE: You may have to disable your software FireWall or allow WGET.EXE to go through your
FireWall to allow it to download the needed AV vendor related files.

C:\AV-CLS\StartMenu.BAT -- { or Double-click on 'Start Menu' in C:\AV-CLS}
This will bring up the initial menu of choices and should be executed in Normal Mode.
This way all the components can be downloaded from each AV vendor's web site.
The choices are; Sophos, Trend, McAfee, Kaspersky, Exit this menu and Reboot the PC.

You can choose to go to each menu item and just download the needed files or you can
download the files and perform a scan in Normal Mode. Once you have downloaded the files
needed for each scanner you want to use, you should reboot the PC into Safe Mode [F8 key
during boot] and re-run the menu again and choose which scanner you want to run in Safe
Mode. It is suggested to run the scanners in both Safe Mode and Normal Mode.

When the menu is displayed hitting 'H' or 'h' will bring up a more comprehensive PDF help
file. http://www.ik-cs.com/multi-av.htm

Additional Instructions:
http://pcdid.com/Multi_AV.htm


* * * Please report back your results * * *
 
montanaframer said:
is this a virus? and can i delete it from the computer?


Google results indicate that this is a malware item, possibly
associated with NSIS software or at least it uses their install
folder. There will likely also be a file wmdmb32.dll which is also
part of the infestation as well as a file or files named NSnn.DLL
where nn is a 2 digit number.

Getting rid of it seems rather difficult. There is a lengthy
discussion at http://forums.winamp.com/showthread.php?postid=1980641
which may provide some ideas.

Good luck

Ron Martell Duncan B.C. Canada
--
Microsoft MVP (1997 - 2006)
On-Line Help Computer Service
http://onlinehelp.bc.ca
Syberfix Remote Computer Repair

"Anyone who thinks that they are too small to make a difference
has never been in bed with a mosquito."
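
A read-only way to collect the facts the replies above ask for (which of the named files exist, whether they are signed, and which running processes have them loaded), as an added PowerShell example that is not from any poster in this thread. It assumes the companion files sit in System32 beside krnsvr32.dll, which the thread does not state; change `$folder` if they are elsewhere.

```powershell
# Added example: read-only triage of the file names mentioned in this thread.
# Assumption: wmdmb32.dll and the NSnn.DLL files live next to krnsvr32.dll.
$folder = Join-Path $env:windir 'System32'

# krnsvr32.dll, wmdmb32.dll, and NSnn.DLL where nn is a two-digit number.
# -match is case-insensitive, so KRNSVR32.DLL matches as well.
$namePattern = '^(krnsvr32|wmdmb32|ns\d{2})\.dll$'

$suspects = Get-ChildItem -LiteralPath $folder -Filter '*.dll' -Force -ErrorAction SilentlyContinue |
    Where-Object { $_.Name -match $namePattern }

if (-not $suspects) {
    Write-Output "No matching files found in $folder"
}
else {
    # Snapshot the process list once; module access can fail on protected processes.
    $processes = Get-Process

    foreach ($file in $suspects) {
        $sig  = Get-AuthenticodeSignature -FilePath $file.FullName
        $hash = Get-FileHash -Path $file.FullName -Algorithm SHA256

        # A DLL that is loaded by a running process is locked, which is one
        # reason a plain delete fails and a Safe Mode scan is suggested.
        $loadedBy = $processes | Where-Object {
            try { $_.Modules.FileName -contains $file.FullName } catch { $false }
        } | Select-Object -ExpandProperty ProcessName -Unique

        [pscustomobject]@{
            Path      = $file.FullName
            Created   = $file.CreationTime
            Company   = $file.VersionInfo.CompanyName   # often empty for adware
            Signature = $sig.Status                     # e.g. Valid, NotSigned
            SHA256    = $hash.Hash                      # for lookup with scanner vendors
            LoadedBy  = ($loadedBy -join ', ')
        }
    }
}
```

Run it from an elevated prompt so module lists of other users' processes are readable; it changes nothing on disk, so the output can be posted back to the thread alongside the scanner results.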
 