Improve company productivity with a Business Account.Sign Up

x
?
Solved

Virus - MyWebSearch

Posted on 2013-01-22
7
Medium Priority
?
682 Views
Last Modified: 2013-11-22
Ok...another infected computer.

I have scanned with Rkill (before each), MBAM, SAS, Hitman Pro and Rogue Killer.  Attached are logs.

The main issue she is having is that MSE will not stay on or update through Windows Updates (I have been able to update within the program)  I can not uninstall or update MSE.  See error message.

What is my next step.

Thank you for your assistance
Rkill-1.txt
mbam-log-2013-01-21--14-57-08-.txt
0
Comment
Question by:Mags
  • 5
  • 2
7 Comments
 
LVL 1

Assisted Solution

by:alatechsolutions
alatechsolutions earned 2000 total points
ID: 38808536
TDSSKiller is a great rootkit scanner.
Also Kaspersky has a "virus scanner 2011" that can be downloaded which is great at getting tough viruses.

Have you tried a system restore? System file checker? I also like Eset's online scanner. You might give it a shot at getting the final "nasties" off the system. Good Luck!
0
 

Author Comment

by:Mags
ID: 38808558
I dislike when I hit enter it posts.  :-(  I just tried to edit my question since I wasn't finished and after I was done uploading and editing it said I was unauthorized.  arggggh  I will run TDSSKiller and Kaspersky.

She has no older System restore points than December 20 so that won't be much help.

I have not run a System File Checker, are you talking about running sfc /scannow?

I will run Eset's online scanner.

I searched error code 0x800705v4 and got this link - http://answers.microsoft.com/en-us/protect/forum/mse-protect_start/cant-turn-on-mse-error-code-0x800705b4/04797ec4-efa8-40db-a382-8981ded7fedc?tm=1358916266349&tab=AllReplies#tabs  I will start on that tomorrow.
0
 
LVL 1

Accepted Solution

by:
alatechsolutions earned 2000 total points
ID: 38808610
Yes sfc /scannow is what I was referring too. Here is a microsoft page with what looks to be a removal tool as well as manual instructions on how to remove MSE.
http://support.microsoft.com/kb/2435760

Also, I always try to outway "How long will this take to fix based on all the issues I am currently having" versus "How much stuff do they have and how long would it take me to just reload it, in which i KNOW it would be right when I am finished"

Good luck!
0
Improved Protection from Phishing Attacks

WatchGuard DNSWatch reduces malware infections by detecting and blocking malicious DNS requests, improving your ability to protect employees from phishing attacks. Learn more about our newest service included in Total Security Suite today!

 

Author Comment

by:Mags
ID: 38820602
You can probably ignore the following but this is what I did - Got MSE to re-install yesterday and it was running beautifully until today (and I was so proud of myself).  This is what I was going to write.

Did a Clean boot after getting this message - Received this error code 0X80070645

Set a system restore point before starting (Which is now missing)

Found solutions...http://answers.microsoft.com/en-us/protect/forum/mse-protect_start/error-code-0x80070645-when-installing-security/02415eb9-68df-4e09-bb6b-72fa4095bce3  - Remove registry key :
HKEY_CLASSES_ROOT > Installer > UpgradeCodes >26D13F39948E1D546B0106B5539504D9 there was no For Windows XP :
HKEY_CLASSES_ROOT > Installer > UpgradeCodes > 1F69ACF0D1CF2B7418F292F0E05EC20B  and this one http://www.explosiveknowledge.net/main/2012/07/22/mse_troubleshooting/  

MSE would not uninstall, re-install or update no matter what I did so I figured MSE and Microsoft Security Client where corrupt.  The computer never showed a Virus or Trojan simply PUPs.  The above got me up and running with MSE running as it should...then

I am now getting a folder opening to on the desktop when ever I restart C:\Programs\Microsoft and the folder that is showing is defaultpack.exe.  MSE is not working, my remote connection was just terminated (I've been using it all day).  Ran RKill...all new finding...Windows Service Integrity - many disabled.  Looks like I was wrong and there is something in the machine.  See attached.

I think it will be best (less brain damage) to re-install the OS.  It is a Dell Optiplex GX260 with Windows Professional.  I have a Dell disk with Windows Professional but I have found that with Dell (mainly) they don't always work, even with a valid OS product code.

HELP!!!!!!!!
Thank you.
0
 

Author Comment

by:Mags
ID: 38820608
Sorry...here is the RKill log
RKill-Log.JPG
0
 

Author Comment

by:Mags
ID: 38827362
I feel like I've been deserted.  Can some one please help?  I really value your assistance.  If this is the wrong area to continue I can close this and open another.  Please let me know asap.
Thank you,
Mags
0
 

Author Comment

by:Mags
ID: 38827874
Opening up another post...I need to work on this computer.
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Can I legally transfer my OEM version of Windows to another PC?  (AKA - Can I put a new systemboard in my OEM PC?) Few of us are both IT and legal experts but we all have our own views of Microsoft's licensing rules and how they apply.  There are…
Sometimes people don't understand why download speed shows differently for Windows than Linux.Specially, this article covers and shows the solution for throughput difference for Windows than a Linux machine. For this, I arranged a test scenario.I…
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

608 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question