BleepingComputer.com: Virus Alert In Taskbar

Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Forum Rules

When posting your problem, do not run and post a ComboFix log. ComboFix is a tool that should only be run under the supervision of someone who has been trained in its use. Using it on your own can cause problems with your computer. Any posts containing CF Logs will be ignored.

To receive help, you should instead provide a detailed description of your problem, detailed word-for-word error messages that you are receiving, screenshots of strange behaviour, and your operating system. This information is much more useful to our helpers than a ComboFix log.

If you have not received help after three days, please post a link to your topic HERE.
Page 1 of 1
  • You cannot start a new topic
  • You cannot reply to this topic

Virus Alert In Taskbar

#1 User is offline   pudding 

  • New Member
  • Pip
  • Find Topics
  • Group: Members
  • Posts: 6
  • Joined: 25-July 08

Posted 25 July 2008 - 09:37 AM

helloooo~

i've followed the general instructions on solving this issue by using malwarebytes' anti-malware...
it's no longer there,but i'm not too sure if there's any other infections...

sooo...is anyone out there kind enough to help me out here?
below is the saved logs after the scan:

Malwarebytes' Anti-Malware 1.23
Database version: 990
Windows 5.1.2600 Service Pack 2

9:54:18 PM 7/25/2008
mbam-log-7-25-2008 (21-54-18).txt

Scan type: Quick Scan
Objects scanned: 51347
Time elapsed: 9 minute(s), 44 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 20
Registry Values Infected: 0
Registry Data Items Infected: 11
Folders Infected: 0
Files Infected: 5

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\bot.clicker (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\bot.clicker.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{631f7200-642e-11db-bd13-0800200c9a66} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{631f7200-642e-11db-bd13-0800200c9a66} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{0bb13e40-642e-11db-bd13-0800200c9a66} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4d7b-9389-0f166788785a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{2eff3cf7-99c1-4c29-bc2b-68e057e22340} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98d9753d-d73b-42d5-8c85-4469cda897ab} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9afb8248-617f-460d-9366-d71cdeda3179} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Trymedia Systems (Adware.Trymedia) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{2de47cac-da9e-4b9b-84f6-7a6c5a03e91e} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{6dc6034a-a777-4dca-bd0d-8054c31b1d26} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{c3661711-c008-41a4-8e26-ade10aed1e65} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\VSPlugin (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\fdkowvbp.bwfa (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\fdkowvbp.toolbar.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProductId (Trojan.FakeAlert) -> Bad: (VIRUS ALERT!) Good: (55034-365-6725323-22200) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\International\sTimeFormat (Trojan.FakeAlert) -> Bad: (HH:mm: VIRUS ALERT!) Good: (h:mm:ss tt) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowControlPanel (Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowRun (Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowSearch (Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowHelp (Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowMyDocs (Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowMyComputer (Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\StartMenuLogOff (Hijack.StartMenu) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoDrives (Hijack.Drives) -> Bad: (12) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoToolbarCustomize (Hijack.Explorer) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
C:\WINDOWS\erfn.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Antivirus-2008pro.lnk (Rogue.Antivirus2008) -> Quarantined and deleted successfully.
C:\WINDOWS\grswptdl.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\nfavxwdbmfe.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\User\Application Data\TmpRecentIcons\antivirus-2008pro.lnk (Rogue.Link) -> Quarantined and deleted successfully.



i'll be doing a second scan just in case and will post the second log again...

thanks plenty much!:D

#2 User is offline   pudding 

  • New Member
  • Pip
  • Find Topics
  • Group: Members
  • Posts: 6
  • Joined: 25-July 08

Posted 25 July 2008 - 09:50 AM

Here's the second logs from the second scan: (the results look good,but i don't know.)


Malwarebytes' Anti-Malware 1.23
Database version: 990
Windows 5.1.2600 Service Pack 2

10:49:44 PM 7/25/2008
mbam-log-7-25-2008 (22-49-44).txt

Scan type: Quick Scan
Objects scanned: 51311
Time elapsed: 10 minute(s), 6 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

#3 User is offline   boopme 

  • To Insanity and Beyond
  • PipPipPipPipPipPip
  • Find Topics
  • Group: Global Moderator
  • Posts: 46,295
  • Joined: 10-September 04
  • Gender:Male
  • Location:NJ USA

Posted 25 July 2008 - 10:10 AM

Hello,this looks like an XP machine,so lets' just do these to be sure.

Please download ATF Cleaner by Atribune & save it to your desktop.
  • Double-click ATF-Cleaner.exe to run the program.
  • Under Main "Select Files to Delete" choose: Select All.
  • Click the Empty Selected button.
  • If you use Firefox browser click Firefox at the top and choose: Select All
  • Click the Empty Selected button.
    If you would like to keep your saved passwords, please click No at the prompt.
  • If you use Opera browser click Opera at the top and choose: Select All
  • Click the Empty Selected button.
    If you would like to keep your saved passwords, please click No at the prompt.
  • Click Exit on the Main menu to close the program.
Note: On Vista, "Windows Temp" is disabled. To empty "Windows Temp" ATF-Cleaner must be "Run as an Administrator".

Next,run from safe mode after install and update.

Download and scan with SUPERAntiSpyware Free for Home Users
  • Double-click SUPERAntiSpyware.exe and use the default settings for installation.
  • An icon will be created on your desktop. Double-click that icon to launch the program.
  • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download and unzip them from here.)
  • Under "Configuration and Preferences", click the Preferences button.
  • Click the Scanning Control tab.
  • Under Scanner Options make sure the following are checked (leave all others unchecked):
    • Close browsers before scanning.
    • Scan for tracking cookies.
    • Terminate memory threats before quarantining.

  • Click the "Close" button to leave the control center screen.
  • Back on the main screen, under "Scan for Harmful Software" click Scan your computer.
  • On the left, make sure you check C:\Fixed Drive.
  • On the right, under "Complete Scan", choose Perform Complete Scan.
  • Click "Next" to start the scan. Please be patient while it scans your computer.
  • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
  • Make sure everything has a checkmark next to it and click "Next".
  • A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
  • If asked if you want to reboot, click "Yes".
  • To retrieve the removal information after reboot, launch SUPERAntispyware again.
    • Click Preferences, then click the Statistics/Logs tab.
    • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
    • If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
    • Please copy and paste the Scan Log results in your next reply.

  • Click Close to exit the program.


How to enter safe mode(XP)
Using the F8 Method
Restart your computer.
When the machine first starts again it will generally list some equipment that is installed in your machine, amount of memory, hard drives installed etc. At this point you should gently tap the F8 key repeatedly until you are presented with a Windows XP Advanced Options menu.
Select the option for Safe Mode using the arrow keys.
Then press enter on your keyboard to boot into Safe Mode.
How do I get help? Who is helping me?
Staying Updated Calendar of Updates.
For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....
Become a BleepingComputer fan: Facebook

#4 User is offline   pudding 

  • New Member
  • Pip
  • Find Topics
  • Group: Members
  • Posts: 6
  • Joined: 25-July 08

Posted 25 July 2008 - 11:01 AM

okay i'm scanning with superantispyware now...so sorry for the delay,had some problems installing the program,but it's okay now!

PS:am i supposed to scan in safe mode?'cos i can't install superantispyware under safe mode,so im doing it under normal mode...

#5 User is offline   boopme 

  • To Insanity and Beyond
  • PipPipPipPipPipPip
  • Find Topics
  • Group: Global Moderator
  • Posts: 46,295
  • Joined: 10-September 04
  • Gender:Male
  • Location:NJ USA

Posted 25 July 2008 - 11:04 AM

Istall from normal and run from safe. if you can't run from safe,run it from normal first and we'll go from there. let us know.
How do I get help? Who is helping me?
Staying Updated Calendar of Updates.
For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....
Become a BleepingComputer fan: Facebook

#6 User is offline   pudding 

  • New Member
  • Pip
  • Find Topics
  • Group: Members
  • Posts: 6
  • Joined: 25-July 08

Posted 25 July 2008 - 12:42 PM

okayokay,i'm so sorry!i never knew the scan would take so long...=\ but below are the log results...i did it in normal mode,couldn't scan in safe mode.

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 07/26/2008 at 01:16 AM

Application Version : 4.15.1000

Core Rules Database Version : 3514
Trace Rules Database Version: 1505

Scan type : Complete Scan
Total Scan Time : 01:17:11

Memory items scanned : 386
Memory threats detected : 0
Registry items scanned : 5700
Registry threats detected : 33
File items scanned : 123772
File threats detected : 30

Neopets Toolbar
HKLM\Software\Classes\CLSID\{CD292324-974F-4224-D074-CACA427AA030}
HKCR\CLSID\{CD292324-974F-4224-D074-CACA427AA030}
HKCR\CLSID\{CD292324-974F-4224-D074-CACA427AA030}
HKCR\CLSID\{CD292324-974F-4224-D074-CACA427AA030}\InprocServer32
HKCR\CLSID\{CD292324-974F-4224-D074-CACA427AA030}\InprocServer32#ThreadingModel
HKCR\CLSID\{CD292324-974F-4224-D074-CACA427AA030}\ProgID
C:\PROGRA~1\NEOPETS\TOOLBAR\TOOLBAR.DLL
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CD292324-974F-4224-D074-CACA427AA030}
HKLM\Software\Microsoft\Internet Explorer\Toolbar#{CD292324-974F-4224-D074-CACA427AA030}
HKCR\Toolbar.Neopets
HKCR\Toolbar.Neopets\Clsid
HKU\S-1-5-21-484763869-926492609-725345543-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser#{CD292324-974F-4224-D074-CACA427AA030}

Adware.Tracking Cookie
C:\Documents and Settings\User\Cookies\user@gomyhit[3].txt
C:\Documents and Settings\User\Cookies\user@banners.battleon[2].txt
C:\Documents and Settings\User\Cookies\user@gomyhit[1].txt
C:\Documents and Settings\User\Cookies\user@serving-sys[2].txt
C:\Documents and Settings\User\Cookies\user@adbrite[1].txt
C:\Documents and Settings\User\Cookies\user@www.system-defender[1].txt
C:\Documents and Settings\User\Cookies\user@trafficmp[1].txt
C:\Documents and Settings\User\Cookies\user@banners2.battleon[2].txt
C:\Documents and Settings\User\Cookies\user@prospect.adbureau[2].txt
C:\Documents and Settings\User\Cookies\user@2o7[2].txt
C:\Documents and Settings\User\Cookies\user@tribalfusion[2].txt
C:\Documents and Settings\User\Cookies\user@kontera[2].txt
C:\Documents and Settings\User\Cookies\user@realmedia[1].txt
C:\Documents and Settings\User\Cookies\user@microsoftwga.112.2o7[1].txt
C:\Documents and Settings\User\Cookies\user@ads.pointroll[1].txt
C:\Documents and Settings\User\Cookies\user@server.cpmstar[1].txt
C:\Documents and Settings\User\Cookies\user@bs.serving-sys[2].txt
C:\Documents and Settings\User\Cookies\user@ads.veoh[2].txt
C:\Documents and Settings\User\Cookies\user@virusremover2008[1].txt
C:\Documents and Settings\User\Cookies\user@adopt.euroclick[1].txt
C:\Documents and Settings\User\Cookies\user@msnportal.112.2o7[1].txt
C:\Documents and Settings\User\Cookies\user@interclick[1].txt
C:\Documents and Settings\User\Cookies\user@wmvmedialease[1].txt

Trojan.Svchosts
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_CLIENT_IP-IPX
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_CLIENT_IP-IPX#NextInstance
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_CLIENT_IP-IPX\0000
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_CLIENT_IP-IPX\0000#Service
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_CLIENT_IP-IPX\0000#Legacy
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_CLIENT_IP-IPX\0000#ConfigFlags
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_CLIENT_IP-IPX\0000#Class
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_CLIENT_IP-IPX\0000#ClassGUID
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_CLIENT_IP-IPX\0000#DeviceDesc
HKLM\SYSTEM\CurrentControlSet\Services\Client IP-IPX
HKLM\SYSTEM\CurrentControlSet\Services\Client IP-IPX#Type
HKLM\SYSTEM\CurrentControlSet\Services\Client IP-IPX#Start
HKLM\SYSTEM\CurrentControlSet\Services\Client IP-IPX#ErrorControl
HKLM\SYSTEM\CurrentControlSet\Services\Client IP-IPX#ImagePath
HKLM\SYSTEM\CurrentControlSet\Services\Client IP-IPX#DisplayName
HKLM\SYSTEM\CurrentControlSet\Services\Client IP-IPX#ObjectName
HKLM\SYSTEM\CurrentControlSet\Services\Client IP-IPX\Security
HKLM\SYSTEM\CurrentControlSet\Services\Client IP-IPX\Security#Security
HKLM\SYSTEM\CurrentControlSet\Services\Client IP-IPX\Enum
HKLM\SYSTEM\CurrentControlSet\Services\Client IP-IPX\Enum#0
HKLM\SYSTEM\CurrentControlSet\Services\Client IP-IPX\Enum#Count
HKLM\SYSTEM\CurrentControlSet\Services\Client IP-IPX\Enum#NextInstance

Rogue.Antivirus 2008 PRO
C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\TEMP\DSSC32.EXE
C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\1B7B5D0E\ANTIVIRUS2008PRO[1].EXE

NotHarmful.Sysinternals Bluescreen Screen Saver
C:\DOCUMENTS AND SETTINGS\USER\MY DOCUMENTS\MY RECEIVED FILES\SCREENSAVER.SCR

Trace.Known Threat Sources
C:\Documents and Settings\User\Local Settings\Temp\Temporary Internet Files\Content.IE5\PY5U80X7\ack[1].htm
C:\Documents and Settings\User\Local Settings\Temp\Temporary Internet Files\Content.IE5\JLA4TP41\wtd[1].htm
C:\Documents and Settings\User\Local Settings\Temp\Temporary Internet Files\Content.IE5\KF9VRRVM\wtd[1].htm

This post has been edited by pudding: 25 July 2008 - 12:43 PM

#7 User is offline   tia08 

  • Forum Regular
  • PipPipPip
  • Find Topics
  • Group: Members
  • Posts: 191
  • Joined: 02-July 08

Posted 25 July 2008 - 01:21 PM

Do we have to be instructed to run http://www.superantispyware.com/

?
I wanna run that on my machine is it safe?

#8 User is offline   quietman7 

  • Bleepin' Janitor
  • PipPipPipPipPipPip
  • Find Topics
  • Group: Global Moderator
  • Posts: 25,111
  • Joined: 09-July 05
  • Location:Virginia, USA

Posted 25 July 2008 - 04:46 PM

Hello tia08

If you have an issue or problem you would like to discuss, please start your own topic. Doing that will help to avoid the confusion that often occurs when trying to help two or more members in the same thread with different problems. Even if your problem is similar to the original poster's problem, the solution could be different based on the kind of hardware, software, system requirements, etc. you are using and the presence of other malware. Further, posting for assistance in someone else's topic is not considered proper forum etiquette.

However, if SAS is just a program you want to install and use, then yes its safe to do that.
Microsoft MVP - Consumer Security 2007-2012 Posted Image
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

#9 User is offline   quietman7 

  • Bleepin' Janitor
  • PipPipPipPipPipPip
  • Find Topics
  • Group: Global Moderator
  • Posts: 25,111
  • Joined: 09-July 05
  • Location:Virginia, USA

Posted 25 July 2008 - 04:47 PM

pudding what seems to be the problem with safe mode?
Microsoft MVP - Consumer Security 2007-2012 Posted Image
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

#10 User is offline   pudding 

  • New Member
  • Pip
  • Find Topics
  • Group: Members
  • Posts: 6
  • Joined: 25-July 08

Posted 26 July 2008 - 01:10 AM

i don't know,the program just won't open even though i clicked on it a lot of times...

but anyway,is there a difference between running it on normal mode or safe mode?

PS:there's no more problems with my computer anymore right?

#11 User is offline   quietman7 

  • Bleepin' Janitor
  • PipPipPipPipPipPip
  • Find Topics
  • Group: Global Moderator
  • Posts: 25,111
  • Joined: 09-July 05
  • Location:Virginia, USA

Posted 26 July 2008 - 07:04 AM

"Safe Mode" is a troubleshooting mode designed to start Windows with minimal drivers and running processes to diagnose problems with your computer. This means some of the programs that normally run when Windows starts will not run.

Why use safe mode? The Windows operating system protects files when they are being accessed by an application or a program. Malware writers create programs that can insert itself and hide in these protected areas when the files are being used. Using "Safe Mode" reduces the number of modules requesting files to only the essentials to make your computer functional. This in turn reduces the number of hiding places for malware, making it easier to find and delete the offending files when performing scans with anti-virus and anti-malware tools. In most cases, performing your scans in "Safe Mode" speeds up the scanning process.

However, if you are having a problem, then go ahead and scan in normal mode for now.
Microsoft MVP - Consumer Security 2007-2012 Posted Image
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

#12 User is offline   pudding 

  • New Member
  • Pip
  • Find Topics
  • Group: Members
  • Posts: 6
  • Joined: 25-July 08

Posted 26 July 2008 - 10:24 AM

oh i see.thanks so much for your help!you guys really rock.:D

Share this topic:


Page 1 of 1
  • You cannot start a new topic
  • You cannot reply to this topic

1 User(s) are reading this topic
0 members, 1 guests, 0 anonymous users