Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Support
Windows Malware Removal Help & Support
Rootkit/Malware identification and/or removal
Message
<blockquote data-quote="Enigmas" data-source="post: 703032" data-attributes="member: 68936"><p>I doubt it. Currently when I run Win Defender offline without networking enabled it terminates with the following DNS error. When I run with networking enabled it terminates without error and nothing are logged. Another computer on the same network that was/is infected with malware exits prematurely and/or leaves Win Defender disabled but logs the same event. When I download MSRT on either system 1 or more files are found infected. Then it ends with no malicious files found. I get same result when the scan are run on and offline. I read a post on microsoft forums that said this behavior are expected because files initially flagged are then re-checked online. Thus if true I should not get the same result offline? I should be able to see the file(s) infected since no network present prevents final confirmation? Please note I have not made any changes to this system since opening thread. However I did execute TDSKiller & other scans prior in order to regain control of the system. The following are prior results removed by Vipre 010418 on this system:</p><p></p><p>Traces of JS:Trojan.Script.CLR found: </p><p> 2 </p><p>Traces of JS.TeslaCrypt.4.Gen found: </p><p> 2</p><p>Traces of Generic.JS.DownloaderAD.8B2A32FC found:</p><p></p><p>1/6/2018 10:45:45 </p><p>Event ID 2001</p><p>Update Source: Microsoft Malware Protection Center</p><p> Signature Type: AntiVirus</p><p> Update Type: Full</p><p> User: NT AUTHORITY\NETWORK SERVICE</p><p> Current Engine Version:</p><p> Previous Engine Version: 1.1.14405.2</p><p> Error code: 0x80072ee7</p><p> Error description: The server name or address could not be resolved</p><p></p><p>1/6/2018 10:29:52</p><p>Event ID 2031</p><p>Windows Defender Antivirus has encountered an error trying to download and configure Windows Defender Offline.</p><p> Error code: 0x8000000a</p><p> Error description: The data necessary to complete this operation is not yet available.</p><p></p><p></p><p>010518 1223 </p><p>Windows Defender Antivirus scan has finished. </p><p> Scan ID: {9C487537-01C8-4D38-9E00-BFB149DC852F}</p><p> Scan Type: Antimalware</p><p> Scan Parameters: Quick Scan</p><p> User: NT AUTHORITY\SYSTEM</p><p> Scan Time: 0:02:39</p></blockquote><p></p>
[QUOTE="Enigmas, post: 703032, member: 68936"] I doubt it. Currently when I run Win Defender offline without networking enabled it terminates with the following DNS error. When I run with networking enabled it terminates without error and nothing are logged. Another computer on the same network that was/is infected with malware exits prematurely and/or leaves Win Defender disabled but logs the same event. When I download MSRT on either system 1 or more files are found infected. Then it ends with no malicious files found. I get same result when the scan are run on and offline. I read a post on microsoft forums that said this behavior are expected because files initially flagged are then re-checked online. Thus if true I should not get the same result offline? I should be able to see the file(s) infected since no network present prevents final confirmation? Please note I have not made any changes to this system since opening thread. However I did execute TDSKiller & other scans prior in order to regain control of the system. The following are prior results removed by Vipre 010418 on this system: Traces of JS:Trojan.Script.CLR found: 2 Traces of JS.TeslaCrypt.4.Gen found: 2 Traces of Generic.JS.DownloaderAD.8B2A32FC found: 1/6/2018 10:45:45 Event ID 2001 Update Source: Microsoft Malware Protection Center Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.14405.2 Error code: 0x80072ee7 Error description: The server name or address could not be resolved 1/6/2018 10:29:52 Event ID 2031 Windows Defender Antivirus has encountered an error trying to download and configure Windows Defender Offline. Error code: 0x8000000a Error description: The data necessary to complete this operation is not yet available. 010518 1223 Windows Defender Antivirus scan has finished. Scan ID: {9C487537-01C8-4D38-9E00-BFB149DC852F} Scan Type: Antimalware Scan Parameters: Quick Scan User: NT AUTHORITY\SYSTEM Scan Time: 0:02:39 [/QUOTE]
Insert quotes…
Verification
Post reply
Top