Tech Support Forum - View Single Post

sUBs · 07-06-2005, 03:28 PM

Click [Start]>[Run], type services.msc into the [Open] editbox and click the [Ok] button.
Locate the Workstation Service Library (Microsoft Locator Service) service and double-click on it to open the Properties dialog.
Click the [Stop] button.
In the [Startup type] dropdown select [Disabled].
Click the [Apply] button and then the [Ok] button.
Close the Services window
Then start HiJackThis & go to [Config] > [Misc.Tools...] > [Delete an NT service...]
In the popup box that appears, type in Microsoft Locator Service & click the [OK] button.

~~~~~~~~~~~~~~~

Uninstall the following programs, if present, using [Control Panel]>[Add/Remove Programs] :

Side Search

Locate & delete this folder - C:\Documents and Settings\Ann Dinh\Application Data\Lycos

~~~~~~~~~~~~~~~

Run a scan with HiJackThis & select(tick) the following & click [Fix checked] :

O23 - Service: Workstation Service Library (Microsoft Locator Service) - Unknown owner - C:\WINDOWS\wkssvc.exe (file missing)

~~~~~~~~~~~~~~~

Using KillBox

Copy to clipboard, all the items below by highlighting them & pressing [CTRL]+[C] on your keyboard.

C:\WINDOWS\INF\biH.inf
C:\WINDOWS\SYSTEM32\Xcite.dll
C:\WINDOWS\SYSTEM32\Xcite.exe

Start KillBox.

Go to the [File] menu, and choose [Paste from Clipboard].
Verify that you've done this properly by clicking the dropdown-arrow next to the [Full Path of File to Delete] field. The filenames you pasted will be found in there.
Select/tick the following:
- "Delete on Reboot"
- "End Explorer Shell While Killing File"
- "Unregister.dll Before Deleting" if it's not grayed out.
Click the RED X button.
Click [Yes] at the 'Delete on Reboot' prompt. Click [Yes] at the Pending Operations prompt.

After rebooting, post a new log

07-06-2005, 03:28 PM	#4 (permalink)
sUBs Asst Manager Security, Expert Analyst, Moderator, Security Team; Rangemaster, Moderator, TSF Academy Join Date: May 2005 Posts: 24,473 OS: N/A	Click [Start]>[Run], type services.msc into the [Open] editbox and click the [Ok] button. Locate the Workstation Service Library (Microsoft Locator Service) service and double-click on it to open the Properties dialog. Click the [Stop] button. In the [Startup type] dropdown select [Disabled]. Click the [Apply] button and then the [Ok] button. Close the Services window Then start HiJackThis & go to [Config] > [Misc.Tools...] > [Delete an NT service...] In the popup box that appears, type in Microsoft Locator Service & click the [OK] button. ~~~~~~~~~~~~~~~ Uninstall the following programs, if present, using [Control Panel]>[Add/Remove Programs] : Side Search Locate & delete this folder - C:\Documents and Settings\Ann Dinh\Application Data\Lycos ~~~~~~~~~~~~~~~ Run a scan with HiJackThis & select(tick) the following & click [Fix checked] : O23 - Service: Workstation Service Library (Microsoft Locator Service) - Unknown owner - C:\WINDOWS\wkssvc.exe (file missing) ~~~~~~~~~~~~~~~ Using KillBox Copy to clipboard, all the items below by highlighting them & pressing [CTRL]+[C] on your keyboard. C:\WINDOWS\INF\biH.inf C:\WINDOWS\SYSTEM32\Xcite.dll C:\WINDOWS\SYSTEM32\Xcite.exe Start KillBox. Go to the [File] menu, and choose [Paste from Clipboard]. Verify that you've done this properly by clicking the dropdown-arrow next to the [Full Path of File to Delete] field. The filenames you pasted will be found in there. Select/tick the following: "Delete on Reboot" "End Explorer Shell While Killing File" "Unregister.dll Before Deleting" if it's not grayed out. Click the RED X button. Click [Yes] at the 'Delete on Reboot' prompt. Click [Yes] at the Pending Operations prompt. After rebooting, post a new log __________________ Question - what have you done for the community today?