Download the Tom's Hardware App from the App Store
The reference for current tech news
Yes No
Tom's Hardware > Forum > Applications > Security, Utilities, Anti-Malware > [Solved] Unusual Virus Problem [Microsoft Security Essentials] *continued

[Solved] Unusual Virus Problem [Microsoft Security Essentials] *continued

Forum Applications : Security, Utilities, Anti-Malware [Solved] Unusual Virus Problem [Microsoft Security Essentials] *continued

Related Content
You have searched for " [Solved] Unusual Virus Problem [Microsoft Security Essentials] *continued" . You might be interested in the following threads:

See more for " [Solved] Unusual Virus Problem [Microsoft Security Essentials] *continued"

Can't find your answer?
Ask!

Best answer from aford10.

Drivers & Firmware

|

Security, Utilities, Anti-Malware

|

Internet Applications

|

Multimedia

|

Graphics

|

Office

|

Enterprise Software

|

CAD

|

Programming

|

Other Software

|

Distributed Computing

Word :    Username :           
 
fasihxkhatib   01-04-2012 at 07:17:22 PM

Sorry for posting again but the thread was automatically closed 0.o

Original Post is here: http://www.tomshardware.com/forum/ [...] ls#t883744

I was suggested to use MalwareBytes and ComboFix.

My questions are :
1. what is 'safe mode with networking'. I know about safemode bt with networking?????
2. will I have to uninstall Microsoft Security Essentials to install these????
3. Is the interface of safemode similar to BIOS????

Suggestions plz and tell me abt that virus I mentioned in original post. I didnt get any info abt it

Message quoted 1 times
Reply to fasihxkhatib
Register or log in to remove.
fasihxkhatib   01-04-2012 at 07:19:26 PM

I guess Mlware Bytes should suffice because I guess I will mess up ComboFix

Reply to fasihxkhatib
Nikorr   01-04-2012 at 07:23:08 PM

1. what is 'safe mode with networking'. I know about safemode bt with networking?????


Keep pressing F8 on the start up

2. will I have to uninstall Microsoft Security Essentials to install these????


No, keep it.

3. Is the interface of safemode similar to BIOS????


No, it looks the same, it just will not start all the services, only those needed to run windows. So it may not wake up the virus.

------------------------------ Where there's smoke, there's fire...

 

Reply to Nikorr

Area51reopened   01-04-2012 at 08:07:36 PM

MalwareBytes is designed to be used in normal mode not safe mode.

------------------------------ http://i1123.photobucket.com/albums/l546/area51reopened/Moderator1-1.jpg
 Reply to Area51reopened
aford10   01-04-2012 at 09:59:33 PM

fasihxkhatib wrote :


My questions are :
1. what is 'safe mode with networking'. I know about safemode bt with networking?????
2. will I have to uninstall Microsoft Security Essentials to install these????
3. Is the interface of safemode similar to BIOS????

 

1. Safe mode with networking is essentially, the same exact thing as safe mode, except there are networking services active. This allows your scanners to update their virus databases before they scan.

 

2. No, you don't need to uninstall MSE, but you should shut it down when another scanner is running.

 

3. No, the BIOS and safe mode look very different. Depending on your specific BIOS, it will likely look similar to one of these:
http://img840.imageshack.us/img840/8215/asusp8p67evobios4.jpg

 

http://img15.imageshack.us/img15/7379/biosmk.jpg

 

Safe mode will look very similar to your normal windows desktop. There will just be less applications and services running.

 


I understand there is some debate on whether to run malwarebytes in safe mode with networking, or in normal windows mode. I strongly recommend running it in safe mode with networking. I've always found this method to be more effective. You can always run it again afterwards, in normal windows.

 

If you start at the beginning of the malware guide in my signature, it should clean up your system. If you have any questions, feel free to let me know.

 

Here's some information on the worm.
http://about-threats.trendmicro.co [...] M_POVGON.B


Message edited by aford10 on 01-04-2012 at 10:01:42 PM
------------------------------ CM HAF 932 / GIGABYTE GA-EP45T-DS3R / E8500 @ 3.75Ghz / 300GB Velociraptor / 4G DDR3 OCZ Reaper 1333
Saphire 1G 4850

Simple and Free Guide to Removing Malware
 Reply to aford10
fasihxkhatib   01-05-2012 at 04:39:18 AM

Network settings won't start in safe mode.
It says error 711. Remove Connection services couldn't be started in time. Please retry the operation.
How do i overcome this???

Reply to fasihxkhatib
aford10   01-05-2012 at 05:26:22 AM

I found someone with a similar problem. Here was their fix:

log on to Windows by Safe mode ... open My Computer , Go to your Windows Installed directory (eg . c:\windows\system32) , Open "LogFiles" folder inside system32 , then the "WMI" Folder ... You will find a Folder named RTBackup inside it . What you have to do is delete everything inside the RTBackup Folder and to do that you must be using administrative privileges in safe Mode ...

------------------------------ CM HAF 932 / GIGABYTE GA-EP45T-DS3R / E8500 @ 3.75Ghz / 300GB Velociraptor / 4G DDR3 OCZ Reaper 1333
Saphire 1G 4850

Simple and Free Guide to Removing Malware
 Reply to aford10
fasihxkhatib   01-05-2012 at 05:33:13 AM

Tell me more about RTbackup. What exactly does it do.

Reply to fasihxkhatib
aford10   01-05-2012 at 05:50:06 AM

It's a real time backup folder. As I've never done this personally, it may be better to copy that file to somewhere else before you do this. If it doesn't work as expected, then you can simply copy the folder back.

------------------------------ CM HAF 932 / GIGABYTE GA-EP45T-DS3R / E8500 @ 3.75Ghz / 300GB Velociraptor / 4G DDR3 OCZ Reaper 1333
Saphire 1G 4850

Simple and Free Guide to Removing Malware
 Reply to aford10
fasihxkhatib   01-05-2012 at 06:23:39 AM

LOL please, i don't wan2 carry out experiments :D

Reply to fasihxkhatib
aford10   01-05-2012 at 06:27:54 AM
Best answer

I'm sorry, but sometimes troubleshooting does involve some experimentation. As long as you make a copy of the folder, you can always replace it.

 

If the network services aren't running in safe mode with networking, then you can always start with the AVG rescue disc. That doesn't require running in safe mode with networking.


Message edited by aford10 on 01-05-2012 at 06:41:37 AM
------------------------------ CM HAF 932 / GIGABYTE GA-EP45T-DS3R / E8500 @ 3.75Ghz / 300GB Velociraptor / 4G DDR3 OCZ Reaper 1333
Saphire 1G 4850

Simple and Free Guide to Removing Malware
 Reply to aford10
fasihxkhatib   01-05-2012 at 11:58:22 AM

Big thanks goes out to the community for helping me out.
No malwares were detected on my machine. I guess it was a false positive, a fake threat.

Reply to fasihxkhatib
fasihxkhatib   01-05-2012 at 11:59:14 AM

I even went through the processes thoroughly and didnt find any suspicious activities...

Message quoted 1 times
Reply to fasihxkhatib
Nikorr   01-05-2012 at 12:05:39 PM

fasihxkhatib wrote :

I even went through the processes thoroughly and didnt find any suspicious activities...


At last : )

------------------------------ Where there's smoke, there's fire...

 

Reply to Nikorr

fasihxkhatib   01-05-2012 at 12:09:25 PM

yeh when security is compromised, the situation is more terrifying than watching a horror movie all alone :D

Message quoted 1 times
Reply to fasihxkhatib
Nikorr   01-05-2012 at 12:10:55 PM

fasihxkhatib wrote :

yeh when security is compromised, the situation is more terrifying than watching a horror movie all alone :D


Or when the pest is not letting u back in the PC : )

------------------------------ Where there's smoke, there's fire...

 

Reply to Nikorr

fasihxkhatib   01-05-2012 at 12:11:43 PM

how do I add images here from my drive?

Message quoted 1 times
Message edited by fasihxkhatib on 01-05-2012 at 12:12:30 PM
Reply to fasihxkhatib
Nikorr   01-05-2012 at 12:12:34 PM

fasihxkhatib wrote :

[img]C:\Users\HP\Desktop\Sec_Ess_Error.jpg[/img]

This is the error message


No pic.

------------------------------ Where there's smoke, there's fire...

 

Reply to Nikorr

fasihxkhatib   01-05-2012 at 12:14:53 PM

yeah I tried to upload the screen shot of the error message but it didnt upload.... bad.

Reply to fasihxkhatib
fasihxkhatib   01-05-2012 at 12:16:35 PM

is it possible that a malware/virus will not be seen in the processes?? I dont think so...

Reply to fasihxkhatib
Nikorr   01-05-2012 at 12:22:54 PM

I think they could be hidden, but I am not sure what some advanced rootkit can do...
Try Process Explorer, it offer more detail @ http://www.filehippo.com/download_process_explorer/

Reply to Nikorr
Register or log in to remove.
See all topics related to "Unusual Virus Problem [Microsoft Security Essentials] *continued"
Tom's Hardware > Forum > Applications > Security, Utilities, Anti-Malware > [Solved] Unusual Virus Problem [Microsoft Security Essentials] *continued
Go to:

There are 689 identified and unidentified users. To see the list of identified users, Click here.

Bestofmedia Forum ©
2000-2009 Bestofmedia Group
Page generated in 1.110 seconds
  • Ask the community now
  • Publish
Ad
Latest best answer
US
By oldmangamer_73, 92 days ago:

Of course it's possible. I believe you must be US citizen though. I would begin a...

They won a badge
Join us in greeting them
How do I win badges?
Partners