Please run the Microsoft® Windows® Malicious Software Removal Tool
Once you have run the tool then run a new HJT scan and post the log.
Administrator
Please run the Microsoft® Windows® Malicious Software Removal Tool
Once you have run the tool then run a new HJT scan and post the log.
Junior Member
Run Microsoft® Windows® Malicious Software Removal Tool and nothing found. Attached is a new HJT scan log. It's same as last time. Based on so many logs, how my machine looks like? Can I run Spyware and Virus scan now? Per your suggestion, I should not run these tools until you suggest me do that.
Administrator
What Spyware? You all ready have scanned with AVG Anti-spy, and the I am not certain what Spyware program you are talking about. You have SpywareGuard and AVG Anti-spy running in the background right now, too many progams can also cause problems and you just scanned with the Microsoft® Windows® Malicious Software Removal Tool.Can I run Spyware and Virus scan now?
Administrator
I want you to run HJT again.
Put a checkmark next to this entry;
O23 - Service: Plug and Play Device Manager ($sys$DRMServer) - First 4 Internet Ltd - C:\WINNT\system32\$sys$filesystem\$sys$DRMServer.e xe
When you have placed the checkmark then click the FIX button.
Reboot the computer.
Open HiJackThis and click on Config, then Misc Tools, and then press the Delete an NT service.. button. When it opens you should then enter this
$sys$DRMServer
Then click OK.
Reboot and run a new HJT scan and post the log.
Junior Member
Hi Judy,
After selected, fix, and reboot the machine, I can not delete NT service $sts$DRMServer. The message popped up is:
The service '$Sys$DRMServer' is enabled and/or running. Disable it first, using HijackThis itself (from the scan results) or the services.msc window.
I guess your first step (scan and fix) is for the same purpose, but somehow it's not working. I tried to find this service from services.msc window, but can not identity which service is corresponding to "$sys$DRMServer".
Bingo
Super Moderator
Click on Start, then Run ... type services.msc into the box that opens up, and press 'OK'.
On the page that opens, scroll down to $sys$DRMServer or Plug and Play Device Manager (Whichever is present) ... right click the entry, select 'Properties' and press 'Stop Service'. When it shows that it is stopped, next please set the 'Start-up Type' to 'Disabled'. Press 'OK' until you get back to Windows.
Next, run HJT, but instead of scanning, click on the 'None of the above, just start the program' button at the bottom of the choices. At the lower right, click on the 'Config' button, and then the 'Misc tools' button ... select 'Delete an NT Service' ... copy/paste the following into the box that opens, and press 'OK':
$sys$DRMServer or Plug and Play Device Manager (Whichever you found above)
a-squared Team - www.emsisoft.com
"Only those who fail greatly can ever achieve greatly" - Robert F. Kennedy
Microsoft Most Valuable Professional - Consumer Security (2007-2008)
Member - Alliance of Security Analysis Professionals - Since 2006
Linux Registered User # 363218
Junior Member
I can not stop the service. following "Microsoft Management Console" lessage popped out:Originally Posted by ShadowPuterDude
Could not stop the Plug and Play Device Manager service on local machine.
The service did not return an error. This could be an internal Windows error or an internal service error.
If the problem persists, contact your system adminstrator.
Any further suggestions?
There are currently 1 users browsing this thread. (0 members and 1 guests)
Posting Permissions
Reply With Quote