What can I do?

Running WinXP SP1.

Having problems with files appearing and updating my registry for the past 3-4 days. Files are sysentry.exe, dllmngr32.exe, svchostc.exe and regscan32.exe, hidden of course. Entries in the registry are RunServices and Run for HKLM and HKCU (Windows Registry Scan, and I can’t remember the others).

I’ve tried all sorts of scanners (Avast, AVG, Norton, McAfee), The Cleaner (trojan remover), Ad-Aware, Spybot, and others I can’t remember. Nothing!

I experienced weird behaviour. Task Manager right after the window popped up. Same thing for regedit.

After seeing unusual traffic on my dsl line, I start netstat and I see what looks like port scanning.

I’ve done the following steps to remove the files:

Kill process. (Traffic stops)
Delete file.
Delete registry entries.

So far it looks ok but I’ll see when I get back home later if this worked. I’m all out of ideas.

Any suggestions? Anything will help.

-edit-

Forgot to say that all soft I tried are the latest up to date versions.
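
The check on the Run and RunServices keys described in the post above, as an added example that is not part of the original thread: it scans a text export of the registry (`.reg` format, as produced by regedit's export) for autostart values that launch one of the four reported files. The sample export, the `ExampleAV` and `Example Loader` entries and the pairing of "Windows Registry Scan" with `regscan32.exe` are constructed for illustration.

```python
import ntpath
import re

# File names reported in the post above; compared case-insensitively.
SUSPECT_FILES = {"sysentry.exe", "dllmngr32.exe", "svchostc.exe", "regscan32.exe"}
# Autostart keys named in the post: Run and RunServices under HKLM and HKCU.
AUTORUN_KEY = re.compile(
    r"^(HKEY_LOCAL_MACHINE|HKEY_CURRENT_USER)\\Software\\Microsoft\\Windows"
    r"\\CurrentVersion\\(Run|RunServices)$", re.IGNORECASE)
VALUE_LINE = re.compile(r'^"((?:[^"\\]|\\.)*)"="((?:[^"\\]|\\.)*)"$')

def unescape(s):  # .reg strings escape backslash and double quote with a backslash
    return re.sub(r"\\(.)", r"\1", s)

def executable_name(command):
    # Program part of a command line (quoted or not), reduced to a lower-case base name.
    command = command.strip()
    program = command[1:].split('"', 1)[0] if command.startswith('"') else command.split(" ", 1)[0]
    return ntpath.basename(program).lower()

def find_suspect_autoruns(reg_text):
    """Return (key, value name, command) for autorun values that launch a suspect file."""
    findings, key = [], None
    for line in reg_text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1] if AUTORUN_KEY.match(line[1:-1]) else None
            continue
        m = VALUE_LINE.match(line)
        if key and m:
            name, command = unescape(m.group(1)), unescape(m.group(2))
            if executable_name(command) in SUSPECT_FILES:
                findings.append((key, name, command))
    return findings

# Constructed sample export (not taken from the poster's machine).
SAMPLE = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Registry Scan"="regscan32.exe"
"ExampleAV"="\"C:\\Program Files\\ExampleAV\\avtray.exe\" /min"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunServices]
"Example Loader"="C:\\WINDOWS\\system32\\SVCHOSTC.EXE -s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Example\Other]
"Path"="C:\\tools\\sysentry.exe"
'''

if __name__ == "__main__":
    print(find_suspect_autoruns(SAMPLE))
```

Entries that come back after deletion, as in this thread, show up as new hits when the same export is taken and scanned again.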

sysentry.exe is not a Windows file. Google has nothing on it, so it is suspicious.
dllmngr32.exe is also not a Windows file and suspicious. If you mean dllmgr32.exe, then it definitely is a virus.
svchostc.exe is definitely a virus. (Zinx)
regscan32.exe is also not known to Google and very likely also (part of) a virus.

Advice: Click on the link in my signature and follow the instructions on that page. Take your time and do everything step by step as suggested there. Let us know if you still have problems after that.

Thanks for the tip… printed the pages before you replied ;D

I’ll be trying that later.

I was just wondering. If after all those steps the problem is still there, would a low level format erase the nuisance? I’m suspecting some sort of MBR virus since I did reformat the drive, reinstalled XP and the problem was still there (that was before I posted to this forum).

Should be safe with western digital’s tools I suppose.

Following those steps should get rid of it. Let’s try to prevent the format and save you a lot of work :wink:

EXCEPT Windows… !!!

The malware names strongly imply that you

  • don’t/didn’t have all Windows updates applied at all times and/or
  • use(d) weak or no passwords
  • haven’t configured your IE safely

A format, even low-level, wouldn’t prevent getting hit by those again as soon as you go online WITHOUT PROPER SETTINGS/PRECAUTIONS…

:wink:

I did update windows with all the latest patches. And usually right after installing windows I set up an antivirus and a firewall.

As for IE settings… I barely use the program. I use Opera, which I install almost as fast as the AV and FW. :slight_smile:

Anyway thanks for the tips. Can wait to clean all that mess. But the low level format is quite tempting (hehe) since I don’t have any valuable data on that HD.

Here is another tip. After the installation of Windows, firewall, AV and other applications that you use, install all security patches/updates and make the required changes to settings. Then create an image of the drive. If something goes terribly wrong, you can use that image to get the system back up and running in 10-20 minutes. :wink:

Was the plan. I had another ghost for my other drive, a 10GB which I’ve sold. Thought it would work on the 40GB but never did. I just hate going through windows install and all the other soft I have to install, all those reboots (AAARGH).

Well, the image with Windows and the applications shouldn’t be too big. Put it on a DVD-R or CD-R. I must say, having a good image is a real nice thing :smiley:

I don’t know your situation but, perhaps sysprep is something for you to use also. Have a look HERE

Finally thought of posting my results.

First I did a low level format with the Western Digital utility. That got rid of the virus. I was so damn tired of scanning and scanning and scanning… I chose to write zeros.

Second, my PC was still freezing for no reason. I noticed that it was caused when I accessed my new HDD. So I chkdsk it and find bad sectors on it (it’s brand new). No wonder Partition Magic gave me errors when trying to partition. So I exchange the HDD and voilà! System is working like a charm now…

I thought that the virus was jamming my system but it was the HDD.

Thanks for the tips guys… great support here. ;D