|Attention Before you read this tutorial, I highly recommend you check out my resources page for access to the tools and services I use to not only maintain my system but also fix all my computer errors, by clicking here!|
Wscntfy.exe is a system process that belongs to the Windows Security Center component of Microsoft Windows. The purpose of the wscntfy.exe process is to display a notification icon in your system tray pertaining to Windows updates, your firewall status and much more. The icon will usually display if for example, Windows Firewall has been disabled without a substitute in place.
By default, the wscntf.exe file is typically found in the following location:
Can I Disable Wscntfy.exe?
If you actively use the Windows Firewall to secure your operating system, disabling this process, will disable the firewall. However, if you have your own third-party internet security suite installed on your computer, then you can, safely disable this process, without compromising the security of your system.
Can I Terminate The Wscntfy.exe Process in Windows Task Manager?
No, it is not possible for you to do that. If you do attempt to end the wscntfy.exe process in Windows Task Manager, it will simply reload itself. In order to prevent this process from running in the background, you will need to disable Windows Security Center.
Ordinarily, I wouldn’t recommend this, because, despite the minimal increase in available system resources, disabling this process, will also prevent the Windows notification icons from popping up, which in most cases, tends to be very useful. However, if you’re adamant about removing this process, then you can do it, by doing the following:
1. First, boot into your computer with full administrative rights.
2. Once booted in, press + R, type Services.msc and click on OK.
3. This will load up Services, from here, double click on Security Center.
4. The Security Center Properties applet should appear, from here, click on Stop (to stop the process, if it’s currently running), then set Startup type to Disabled, using the drop down menu, and click on OK.
Dangers of Wscntfy.exe
Wscntfy.exe is a safe file, that comes as standard with the latest Microsoft operating systems. However, there are a number of viruses, Trojans and worms that are known to disguise themselves by using the wscntfy.exe file name.
Some of the most common malware files known to masquerade as the wscntfy.exe file are the following:
Troj/Banker-FZ (Location: %SystemRoot%)
This is a Trojan virus file, designed to steal sensitive data from your computer, such as passwords, and keystrokes, by taking periodic system screenshots.
Troj/Tanto-H (Location: %SystemRoot%)
This is another Trojan virus file, designed to give a hacker backdoor access to your computer.
W32/Spelit-A (Location: %SystemRoot%\System32)
This is a backdoor Trojan virus used for mass-mailing. This virus has a slight discrepancy in its file name (wsÃ§ntfy.exe) with the addition of the ‘a’ and ‘c’ special characters.
W32/Agobot-AHT (Location: %SystemRoot%\System32)
This is another backdoor Trojan virus, designed to give the hacker access to your computer. If you look closely at the file name (wcsntfy.exe), you will notice that the letters ‘c’ and ‘s’ are transposed.
If the wscntfy.exe file has been infected with a virus, then you may also receive the following error message:
“Wscntfy.exe tried to access port 3752.”
You should be on the lookout, for files that have, what appears to be a similar name to the legitimate wscntfy.exe process running on your computer. A combination of the above error message and multiple instances of the wscntfy.exe process running on your computer, are all signs of a possible virus infection.
Symptoms of Wscntfy.exe Viruses
The following are just some of the many tell-tell symptoms that a user may experience when he or she’s system has been infected with a wscntfy.exe virus:
- Legitimate processes are deleted and replaced with new infected ones.
- The computer is prevented from communicating with other systems across a network.
- The virus will use the reverse DNS lookup to retrieve the IP addresses of web sites.
- It will access or steal confidential information from your mail client software.
Note: The wscntfy.exe process is also known to consume a considerable amount of CPU resources (80% – 90%) for extended periods of time, adversely effecting system performance.
How to Fix It
When it comes to fixing problems associated with the wscntfy.exe process, there are several things that you can do. The solution that you do eventually adopt will depend greatly on how important this component is, to you. Anyway, continue reading for my solutions.
Run a Virus Scan
If you have disabled the wscntfy.exe process, following the steps outlined above, but is still seeing this very same process running in the background of your computer, then, as previously stated, there is a good chance your compute is infected. Again, multiple instances of the wscntfy.exe process, is also a strong indication of a virus infection.
In order to remove the virus, you will need to run a thorough malware scan of your computer, using the antimalware tool SpyHunter. This particular tool is amongst the very best in the marketplace, with the ability to scan, detect and repair virus, malware, adware and spyware infections, making it the ideal solution.
Anyway, you can acquire this product from the following link: http://www.compuchenna.co.uk/go/spyhunter
Note: It’s recommended that you regularly scan your computer for viruses. This can be done by setting up a monthly or weekly schedule (a feature available on SpyHunter), which will automatically run the antimalware tool when specified.
Run a Registry Scan
Trojan horse viruses, malware and spyware are all known for adding malicious entries to the Windows registry. The Windows registry is basically the central database, used by the operating system to store all the most important software and hardware data.
Thus, a vital aspect of removing malware from your computer involves running a full scan of the registry, so that it can detect and clear out any malicious entries it finds. It is possible for you to do this manually, by loading up the Registry Editor. However, this can prove to be very complicated for most users, and the risks can be quite big. Rendering a system inoperable is definitely not out of the question, especially if you accidently remove the wrong entry.
This is why it’s recommended that you adopt the automated solution, which involves using a registry repair tool, such as SpeedyPC Pro. The capabilities of SpeedyPC Pro allow it to scan, detect and repair faults within the registry in a matter of minutes. This will ultimately, resolve any linger computer errors, enhancing the overall performance of your computer.
Anyway, you can acquire SpeedyPC Pro, from the following link: http://www.compuchenna.co.uk/go/speedypcpro
Run System File Checker
If, after removing the virus infection from your computer, you are unable to use the Windows Security Center, then you can reinstall it, by using the System File Checker.
This tool will automatically scan through your computer, looking for missing or damaged system processes and replaces them, where applicable. This tool will not remove a virus infection, so if your system is infected, I recommend running the virus scan, however, once a file has been infected by a virus, it’s not uncommon for it to become permanently damaged, even after the virus has been removed. In such situations, the only viable option is to replace the file itself.
With that said, for step by step instructions on how to use this tool, I suggest you check out my post on SYSTEM THREAD EXCEPTION NOT HANDLED Errors.
If, for some reason, all of the above methods fail to repair the problem you are having with the wscntfy.exe process, then you can attempt the more drastic measure of reinstalling Windows. In order to do this, you will need your Windows OS CD and License code. Simply, put the CD into your computer, restart the system and follow the onscreen instructions.
Alternatively, if you do not have the Windows OS CD, which is all too common nowadays, as most systems come with the operating system pre-installed, then you can use Reimage, which is a Windows repair tool, designed to reinstall Windows on the fly, without the requirement of a CD and with little risk to your personal data.
Anyway, you can acquire this powerful tool from here: http://www.compuchenna.co.uk/go/reimage