Solved

Virus - MyWebSearch

Posted on 2013-01-22
7
655 Views
Last Modified: 2013-11-22
Ok...another infected computer.

I have scanned with Rkill (before each), MBAM, SAS, Hitman Pro and Rogue Killer.  Attached are logs.

The main issue she is having is that MSE will not stay on or update through Windows Updates (I have been able to update within the program)  I can not uninstall or update MSE.  See error message.

What is my next step.

Thank you for your assistance
Rkill-1.txt
mbam-log-2013-01-21--14-57-08-.txt
0
Comment
Question by:MagsMcKinley14
  • 5
  • 2
7 Comments
 
LVL 1

Assisted Solution

by:alatechsolutions
alatechsolutions earned 500 total points
ID: 38808536
TDSSKiller is a great rootkit scanner.
Also Kaspersky has a "virus scanner 2011" that can be downloaded which is great at getting tough viruses.

Have you tried a system restore? System file checker? I also like Eset's online scanner. You might give it a shot at getting the final "nasties" off the system. Good Luck!
0
 

Author Comment

by:MagsMcKinley14
ID: 38808558
I dislike when I hit enter it posts.  :-(  I just tried to edit my question since I wasn't finished and after I was done uploading and editing it said I was unauthorized.  arggggh  I will run TDSSKiller and Kaspersky.

She has no older System restore points than December 20 so that won't be much help.

I have not run a System File Checker, are you talking about running sfc /scannow?

I will run Eset's online scanner.

I searched error code 0x800705v4 and got this link - http://answers.microsoft.com/en-us/protect/forum/mse-protect_start/cant-turn-on-mse-error-code-0x800705b4/04797ec4-efa8-40db-a382-8981ded7fedc?tm=1358916266349&tab=AllReplies#tabs  I will start on that tomorrow.
0
 
LVL 1

Accepted Solution

by:
alatechsolutions earned 500 total points
ID: 38808610
Yes sfc /scannow is what I was referring too. Here is a microsoft page with what looks to be a removal tool as well as manual instructions on how to remove MSE.
http://support.microsoft.com/kb/2435760

Also, I always try to outway "How long will this take to fix based on all the issues I am currently having" versus "How much stuff do they have and how long would it take me to just reload it, in which i KNOW it would be right when I am finished"

Good luck!
0
Back Up Your Microsoft Windows Server®

Back up all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

 

Author Comment

by:MagsMcKinley14
ID: 38820602
You can probably ignore the following but this is what I did - Got MSE to re-install yesterday and it was running beautifully until today (and I was so proud of myself).  This is what I was going to write.

Did a Clean boot after getting this message - Received this error code 0X80070645

Set a system restore point before starting (Which is now missing)

Found solutions...http://answers.microsoft.com/en-us/protect/forum/mse-protect_start/error-code-0x80070645-when-installing-security/02415eb9-68df-4e09-bb6b-72fa4095bce3  - Remove registry key :
HKEY_CLASSES_ROOT > Installer > UpgradeCodes >26D13F39948E1D546B0106B5539504D9 there was no For Windows XP :
HKEY_CLASSES_ROOT > Installer > UpgradeCodes > 1F69ACF0D1CF2B7418F292F0E05EC20B  and this one http://www.explosiveknowledge.net/main/2012/07/22/mse_troubleshooting/  

MSE would not uninstall, re-install or update no matter what I did so I figured MSE and Microsoft Security Client where corrupt.  The computer never showed a Virus or Trojan simply PUPs.  The above got me up and running with MSE running as it should...then

I am now getting a folder opening to on the desktop when ever I restart C:\Programs\Microsoft and the folder that is showing is defaultpack.exe.  MSE is not working, my remote connection was just terminated (I've been using it all day).  Ran RKill...all new finding...Windows Service Integrity - many disabled.  Looks like I was wrong and there is something in the machine.  See attached.

I think it will be best (less brain damage) to re-install the OS.  It is a Dell Optiplex GX260 with Windows Professional.  I have a Dell disk with Windows Professional but I have found that with Dell (mainly) they don't always work, even with a valid OS product code.

HELP!!!!!!!!
Thank you.
0
 

Author Comment

by:MagsMcKinley14
ID: 38820608
Sorry...here is the RKill log
RKill-Log.JPG
0
 

Author Comment

by:MagsMcKinley14
ID: 38827362
I feel like I've been deserted.  Can some one please help?  I really value your assistance.  If this is the wrong area to continue I can close this and open another.  Please let me know asap.
Thank you,
Mags
0
 

Author Comment

by:MagsMcKinley14
ID: 38827874
Opening up another post...I need to work on this computer.
0

Featured Post

Three Reasons Why Backup is Strategic

Backup is strategic to your business because your data is strategic to your business. Without backup, your business will fail. This white paper explains why it is vital for you to design and immediately execute a backup strategy to protect 100 percent of your data.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Yet another Ransome ware 13 191
How to handle Ransom ware 23 108
Ransomware and encrypted backups 5 138
How do I allow access to an FTP server? 9 23
HOW TO REMOTELY CLEAN MEROND.O WITH ESET SILENTLY PROBLEM       If you have the fortunate luck to contract the Merond.O virus on your network, it can be quite troublesome to remove as it propagates to network shares on your network. In my case, the …
Ransomware continues to be a growing problem for both personal and business users alike and Antivirus companies are still struggling to find a reliable way to protect you from this dangerous threat.
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

830 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question