PDA

View Full Version : need help please



jerseygirl64
24-11-2005, 06:30 AM
on 11/20 i ran norton antivirus 2005 scan and was giving this message Source: C:\WINDOWS\system32\drivers\mrxmixer9.sys
Description: The file C:\WINDOWS\system32\drivers\mrxmixer9.sys is a Spyware threat.
Click for more information about this threat : Spyware.Apropos.C

so i deleted the file now i am receving this message in my event viewer event id 7026 The following boot-start or system-start driver(s) failed to load:
CiSc8xx

when i checked to see what cisc8xx is in regedit it refers to this mycomputer/hkey_local_machine\system\controlset002\services\C ISc8xx and then this under imagepath \??\C:\WINDOWS\system32\drivers\mrxmixer9.sys

how do i fix this and do i need to? i searched google and cant find anything about CISc8xx or the mrmixer9.sys

thanks

Speedy Gonzales
24-11-2005, 06:42 AM
Try the steps here (http://www.symantec.de/avcenter/venc/data/spyware.apropos.c.html) to remove it.

Or get this (http://dl.filekicker.com/send/file/168259-1P80/trsetup.exe) which has this adware in its database.

Install / run trojan remover, and click on scan. Then select the 3rd - 7th option in the utilities menu.

And then go to the file menu in this and select scan for active malware, and scan running processes, if the above doesn't work.

drcspy
24-11-2005, 06:56 AM
start button/run type in msconfig tap enter.......then look under the 'startup' tab for that mrxmixer9 or anything that mentions it and UNtick them.......

Speedy Gonzales
24-11-2005, 06:59 AM
Oops should have also said, click on update first to get the latest updates.

Then click on scan.

jerseygirl64
24-11-2005, 08:01 AM
ok i did remove the file via norton antivirus, now a program is looking for it. i checked msconfig and there is nothing there asking for the file.


only mention of the file \??\C:\WINDOWS\system32\drivers\mrxmixer9.sys is in the registry how do i get the computer to stop looking for file or how can i replace the file? if i do a system restore will that put the file back?

drcspy
24-11-2005, 08:03 AM
yes

jerseygirl64
24-11-2005, 08:07 AM
thanks system restore worked.

wonder why norton picked up the file as adware

Myth
24-11-2005, 08:22 AM
Nortons actually isn't as good as most people think it is.

As I am currently in the process of checking out 2 AV's (Antivir and Nod32) I can't really suggest anything better than AVG at this stage (for a freebie anyway)

PaulD
24-11-2005, 08:47 AM
thanks system restore worked.

wonder why norton picked up the file as adware

Did you follow Speedy's link to the Symantec (Norton's) Apropos.c page?
Apparently this spyware installs with random names. If it was a genuine program file name chances are that you'd find some refs on Google.

You can upload suspect files here for a second opinion http://virusscan.jotti.org/

jerseygirl64
24-11-2005, 10:59 AM
Did you follow Speedy's link to the Symantec (Norton's) Apropos.c page?
Apparently this spyware installs with random names. If it was a genuine program file name chances are that you'd find some refs on Google.

You can upload suspect files here for a second opinion http://virusscan.jotti.org/

scanned the file and it found nothing wrong with it.

no found no reference on it in google but it does seem to be part of my audio drivers since i checked and the file was installed at same time i updated my realtek drivers.

seems its a legacy driver