General [M]ayhem

Go Back   General [M]ayhem > Real Time Sub-Forums > CompuGlobalHyperMegaNet
Register Members List Mark Forums Read [M]erchandise Calendar

Reply
 
Thread Tools
?psalus
Apsalus
 
MS Security Essentials is being mussed v. probably infected.

My MSE icon disappeared from my systray in Win7 (it had been hidden I later found) so I went to open it via the Start menu where I was informed that the "msseces.exe has been changed or moved so the shortcut will no longer work properly."

I'm pretty sure I've picked something nasty up. msseces.exe is still running, but it doesn't pick anything up after a full scan. What should I do? Shut it down and grab Nod32 or use an online scanner?

-e- I also ran Spybot S&D after MSE came up empty-handed, but I haven't been paying attention to whether or not SB S&D is still a valid tool anymore, as it only found one tracking cookie.

Last edited by Apsalus; 04-21-2011 at 09:26 AM..
Old 04-21-2011, 09:19 AM ?psalus is offline  
Reply With Quote
#1  

Advertisement [Remove Advertisement]

fieroloki
 
safemode with networking and run malwarebytes, superantispyware and combo fix
__________________
FieroLoki
Old 04-21-2011, 09:35 AM fieroloki is offline  
Reply With Quote
#2  

hawk82
[G]enerous [M]otherucker
 
If the above doesn't fix the issue, or doesn't find any suspicious files, then try:

Reinstall MSE. I've seen issues where the update from the older version to the newer version (sorry can't remember the version numbers, newer version has a grey background with an offwhite netting) didn't work 100%. Reinstalling MSE fixed the issue.
__________________
some vaulted pics I saved:
http://www.fuckingright.com/genmay/vault-pics/
http://www.fuckingright.com/genmay/genmay-vault-pics.tar
http://www.fuckingright.com/genmay/funnypics/
http://www.fuckingright.com/genmay/funnypics_2007-01-30.rar
Old 04-21-2011, 11:00 AM hawk82 is offline  
Reply With Quote
#3  

?psalus
Apsalus
 
Quote:
Originally Posted by fieroloki View Post
safemode with networking and run malwarebytes, superantispyware and combo fix
I'll give that a go. Thanks.

Quote:
Originally Posted by hawk82 View Post
If the above doesn't fix the issue, or doesn't find any suspicious files, then try:

Reinstall MSE. I've seen issues where the update from the older version to the newer version (sorry can't remember the version numbers, newer version has a grey background with an offwhite netting) didn't work 100%. Reinstalling MSE fixed the issue.
Ah, interesting. I saw that attributed to my symptoms while pawing through the Google results, but after that hot piece of home video throwing a MSE red flag, I wasn't so sure that MSE in fact killed everything that I inadvertently unleashed. First infected .MOV that I've ever encountered (Rebhip.A worm).
Old 04-22-2011, 08:26 AM ?psalus is offline  
Reply With Quote
#4  

Typhoon43
 
Typhoon43's Avatar
 
combofix is always my absolute first step. Then I follow with SAS or Malwarebytes. Never had that combo not work. Good luck man.
__________________
I'm the King of Wishful Thinking.....
Old 04-22-2011, 08:35 AM Typhoon43 is offline  
Reply With Quote
#5  

Tex Arcana
I am a mean disrespectful person hiding anonymously and need an attitude adjustment.
 
Tex Arcana's Avatar
 
Weird... thankfully, I'm using NOD32, but I've been playing ALOT with themes and such, and had some oddball issues, so I thought I'd DL combofix and give it a whirl. Since upgrading to the newest Firefox, I got the little VirusTotal right-click tool, and so far it's coming back with some hits on the scans, which has me wondering if combofix itself isn't a fucking virus!!

Eh, I think I'll stick to the usual trio (NOD32, S:S&D, SAS, and MB), until something else comes up.
__________________
People should not be afraid of their governments. Governments should be afraid of their people.--V


Men heap together the mistakes of their lives, and create a monster they call destiny.
--John Hobbs


~~~ ~~~ Tea[m] Pyratex ~~~ ~~~
Old 04-22-2011, 10:26 AM Tex Arcana is offline  
Reply With Quote
#6  

fieroloki
 
Spybot isnt near as good as it used to be.... I dont even mess with it anymore.
__________________
FieroLoki
Old 04-22-2011, 10:43 AM fieroloki is offline  
Reply With Quote
#7  

zeos
 
here is what i do, assuming you can get into safe mode and explorer loads.

safe mode:
1. purera -> check all and run
2. ccleaner -> make sure to clear prefetch and java in addition to defaults
3. hijackthis -> remove stuff (if you don't know what to remove don't use hijackthis)
4. run malwarebytes, spybot, superantispyware, a-squared, and avira
5. after the programs have done their thing restart

regular mode:
1. combofix -> let install recovery console if it asks
2. rootkit revealer if 32bit os
3. remove and reinstall anti-virus program if necessary
4. reset ie
5. update system, java (remove old versions), flash, and adobe reader (if installed)

i uploaded this zip file with the programs that i mentioned.

http://www.mediafire.com/?5glch23r4bit0qm

in the anti-spyware folder there is the command line version of a-squared with a batch file that will update and scan, purera, ccleaner, malwarebytes, spybot, super antispyware portable, combofix, and hijackthis; malwarebytes and spybot are the only programs that require an install.

in the antivirus folder there are removal tools for several anti-virus programs and the command line version of avira with a batch file that updates and scans.

in the repair folder there are various utilities such as dial-a-fix, winsockfix, autoruns, processexplorer, etc.
Old 04-22-2011, 08:23 PM zeos is offline  
Reply With Quote
#8  

fieroloki
 
Why would you have him run any cleaning tools in normal mode? You want to run them in safe mode.
__________________
FieroLoki
Old 04-22-2011, 08:27 PM fieroloki is offline  
Reply With Quote
#9  

zeos
 
in my experience combofix has always worked better in normal mode.
Old 04-23-2011, 12:04 PM zeos is offline  
Reply With Quote
#10  

fieroloki
 
Odd
__________________
FieroLoki
Old 04-23-2011, 01:29 PM fieroloki is offline  
Reply With Quote
#11  

Reply


Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump



All times are GMT -7. The time now is 08:54 PM.



Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2018, Jelsoft Enterprises Ltd.