Results 1 to 4 of 4
  1. #1
    cozmic's Avatar
    Join Date
    Oct 2009
    Gender
    male
    Posts
    12
    Reputation
    10
    Thanks
    14

    Immediate help needed

    Ok so i have had this weird program that starts up every once in a while process is called winsnys.exe and its application is called GameMaker which i have not downloaded and it will keep opening itself up and continue this for a while till something happens that makes it stop or i restart my computer then everything is fine for a few days. I have found where the file is but every time i delete it it will re-create itself or if i try to change its properties it will create another file to fix it. My AVG found two registry keys related to the file but when i delete or modify it they instantly are fixed. Any help is appreciated.

  2. #2
    Alen's Avatar
    Join Date
    Oct 2007
    Gender
    male
    Location
    Liquid Generator
    Posts
    27,930
    Reputation
    2539
    Thanks
    4,216
    My Mood
    Fine
    Try a different AV (Kaspersky's trail, MS SE, Panda...) or go ninja on it. Safe mode & stuff + killing every daemon, process you can find and raping your startup / registry whilst trying to keep everything from falling apart. If you know the locations of all the files belonging (not just the one being run) just try a live session Linux and delete the virus from there.

  3. #3
    FangedBeast's Avatar
    Join Date
    Jan 2010
    Gender
    male
    Location
    England
    Posts
    1,884
    Reputation
    69
    Thanks
    143
    My Mood
    Stressed
    theres this program called i think file assasin and it [perma] deletes locked files ect... you might be able to delete some exe's or whatnot to corrupt it/make it not fuctional...

  4. #4
    SammyZee56's Avatar
    Join Date
    Sep 2009
    Gender
    male
    Location
    Seattle
    Posts
    27
    Reputation
    10
    Thanks
    4
    My Mood
    Chatty
    correctumundo. safe mode is going to be your best friend in any situation like this. in sounds like your phantom winsys is a virus or something of the sort but the 'regeneration' is nothing new. viruses almost always have multiple restore points so they can do exactly that but there are a bunch of sources that you can use to combat this. i'm a big fan of regrun (greatis, etc). you can send them a detailed report of your tasks, both visible and background, and if they find something, you can use their reanimator program to essentially make a system restore point where the virus doesnt exist. they also do a scan immediately after the bios loads so the chance of the virus in question hiding in the windows script is 0. good luck man.