Solved

Virus - MyWebSearch

Posted on 2013-01-22
7
649 Views
Last Modified: 2013-11-22
Ok...another infected computer.

I have scanned with Rkill (before each), MBAM, SAS, Hitman Pro and Rogue Killer.  Attached are logs.

The main issue she is having is that MSE will not stay on or update through Windows Updates (I have been able to update within the program)  I can not uninstall or update MSE.  See error message.

What is my next step.

Thank you for your assistance
Rkill-1.txt
mbam-log-2013-01-21--14-57-08-.txt
0
Comment
Question by:MagsMcKinley14
  • 5
  • 2
7 Comments
 
LVL 1

Assisted Solution

by:alatechsolutions
alatechsolutions earned 500 total points
ID: 38808536
TDSSKiller is a great rootkit scanner.
Also Kaspersky has a "virus scanner 2011" that can be downloaded which is great at getting tough viruses.

Have you tried a system restore? System file checker? I also like Eset's online scanner. You might give it a shot at getting the final "nasties" off the system. Good Luck!
0
 

Author Comment

by:MagsMcKinley14
ID: 38808558
I dislike when I hit enter it posts.  :-(  I just tried to edit my question since I wasn't finished and after I was done uploading and editing it said I was unauthorized.  arggggh  I will run TDSSKiller and Kaspersky.

She has no older System restore points than December 20 so that won't be much help.

I have not run a System File Checker, are you talking about running sfc /scannow?

I will run Eset's online scanner.

I searched error code 0x800705v4 and got this link - http://answers.microsoft.com/en-us/protect/forum/mse-protect_start/cant-turn-on-mse-error-code-0x800705b4/04797ec4-efa8-40db-a382-8981ded7fedc?tm=1358916266349&tab=AllReplies#tabs  I will start on that tomorrow.
0
 
LVL 1

Accepted Solution

by:
alatechsolutions earned 500 total points
ID: 38808610
Yes sfc /scannow is what I was referring too. Here is a microsoft page with what looks to be a removal tool as well as manual instructions on how to remove MSE.
http://support.microsoft.com/kb/2435760

Also, I always try to outway "How long will this take to fix based on all the issues I am currently having" versus "How much stuff do they have and how long would it take me to just reload it, in which i KNOW it would be right when I am finished"

Good luck!
0
Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

 

Author Comment

by:MagsMcKinley14
ID: 38820602
You can probably ignore the following but this is what I did - Got MSE to re-install yesterday and it was running beautifully until today (and I was so proud of myself).  This is what I was going to write.

Did a Clean boot after getting this message - Received this error code 0X80070645

Set a system restore point before starting (Which is now missing)

Found solutions...http://answers.microsoft.com/en-us/protect/forum/mse-protect_start/error-code-0x80070645-when-installing-security/02415eb9-68df-4e09-bb6b-72fa4095bce3  - Remove registry key :
HKEY_CLASSES_ROOT > Installer > UpgradeCodes >26D13F39948E1D546B0106B5539504D9 there was no For Windows XP :
HKEY_CLASSES_ROOT > Installer > UpgradeCodes > 1F69ACF0D1CF2B7418F292F0E05EC20B  and this one http://www.explosiveknowledge.net/main/2012/07/22/mse_troubleshooting/  

MSE would not uninstall, re-install or update no matter what I did so I figured MSE and Microsoft Security Client where corrupt.  The computer never showed a Virus or Trojan simply PUPs.  The above got me up and running with MSE running as it should...then

I am now getting a folder opening to on the desktop when ever I restart C:\Programs\Microsoft and the folder that is showing is defaultpack.exe.  MSE is not working, my remote connection was just terminated (I've been using it all day).  Ran RKill...all new finding...Windows Service Integrity - many disabled.  Looks like I was wrong and there is something in the machine.  See attached.

I think it will be best (less brain damage) to re-install the OS.  It is a Dell Optiplex GX260 with Windows Professional.  I have a Dell disk with Windows Professional but I have found that with Dell (mainly) they don't always work, even with a valid OS product code.

HELP!!!!!!!!
Thank you.
0
 

Author Comment

by:MagsMcKinley14
ID: 38820608
Sorry...here is the RKill log
RKill-Log.JPG
0
 

Author Comment

by:MagsMcKinley14
ID: 38827362
I feel like I've been deserted.  Can some one please help?  I really value your assistance.  If this is the wrong area to continue I can close this and open another.  Please let me know asap.
Thank you,
Mags
0
 

Author Comment

by:MagsMcKinley14
ID: 38827874
Opening up another post...I need to work on this computer.
0

Featured Post

Courses: Start Training Online With Pros, Today

Brush up on the basics or master the advanced techniques required to earn essential industry certifications, with Courses. Enroll in a course and start learning today. Training topics range from Android App Dev to the Xen Virtualization Platform.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

UPDATE - 6/15/2011 Added support for Release Update 6 Maintenance Patch 2 Point Patch 1 (RU6 MP2 PP1). Fixed a defect in the username field that was hard-coded to look for a specific domain (left over code from testing). This release will be the …
I recently had to create a utility which aim is to update McAfee's Virusscan and that had to be launched from a command line. I thought I’d share my experience with you. Why is it useful to be able to update an Antivirus from the command line?…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

816 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

8 Experts available now in Live!

Get 1:1 Help Now