Windows 7 home premium SP1
Tree days ago i let my brother use my laptop and click on some wierd link and got infected with this virus.
1.- I ran a complete scan with McAffe and discover some malaware, got rid of them but immediately another problem emerged
2.- Security Center cant be started. I though that McAffe would blocked it but i was wrong. I made a check up with spybot and found this entry:
HKLM\System\CurrentControlSet\Services\wscsvc\Start!=W=2 (64 bit)
SpyBot S&D shows that the above line is a security breach, and it directs me
to this line in the registry.
I thought in going on safe mode and be able to destroy it but i was wrong, i ran a full scan with McAffe and found nothing, but saw that the Real Time Scanning was off and cant turned it on. I ran a scan with spybot on safe mode and continues popping that message and i keep getting the error. I checked up with dell support center aplication and show that McAffe firewall true status is "false" and i cant activate it either.
There are changes made in the antivirus, firewall, and SP1 update settings that shut them down. Any advice on how to correct the registry entries would be appreciated. I used Control Panel / Security settings, but the firewall was "locked OFF", and it would appear that I have lost administrator privileges to reset the firewall to "ON". Is it possible that the mscsvc key controls these settings?
Question. It seems that the wscsvc was an added entry created by the trojan, but im not that sure. Can i delete the entry?
I saved the spybot result scan ill attach them if you want to check them out
Message was edited by: snakemx on 4/17/11 10:21:16 AM CDT
Message was edited by: snakemx on 4/17/11 10:21:57 AM CDT
Message was edited by: snakemx on 4/17/11 10:24:24 AM CDT
Message was edited by: snakemx on 4/17/11 10:24:54 AM CDT
Message was edited by: snakemx on 4/17/11 11:56:58 AM CDT
Message was edited by: snakemx on 4/17/11 10:29:28 PM CDT