Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

MSE been disabled by virus


  • This topic is locked This topic is locked
5 replies to this topic

#1 Space Collective

Space Collective

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:06 PM

Posted 11 May 2013 - 07:46 PM

I downloaded an .exe file, and ran it, it popped up and disappeared very quickly

 

seemed strange so I scanned it with MSE, and nothing was found, then seconds later I receive a 'action centre' message saying MSE has been disabled, and when I click on the message it says MSE can't be started, when I try to open MSE independently it says " Windows cannot access the specified device, path, or file. you may not have the appropriate permissions to access the item."(even ran as administrator). I  don't know if the action of scanning stop MSE or if it would have happened anyway, but windows defender has been disabled with all the same results, so i assume it would have anyway.

 

I have tried reinstalling MSE, but it says its already installed, when trying to uninstall current MSE its says "you do not have sufficient access to uninstall MSE. please contact your system administrator."

 

I have malwarebytes anti-malware installed, and have done a quick scan with nothing been found, have used Microsoft windows malicious software removal tool quick scan, with no results

 

I'm currently doing a full scan with malwarebytes but am not hopeful that it will find anything

 

I have seen other threads saying ending the process tree of rundll32.exe allows temporary access to MSE (before a reboot), but it hasnt worked for me

 

Cheers in advance, 

Ed



BC AdBot (Login to Remove)

 


#2 Space Collective

Space Collective
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:06 PM

Posted 11 May 2013 - 07:53 PM

Sorry forgot to mention, 

i use windows 7 home premium 64-bit



#3 Conspire

Conspire

  • Malware Response Team
  • 1,155 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:06 AM

Posted 15 May 2013 - 05:31 AM

**In any case where you happen to be busy or unable to give us a reply, we would be grateful if you keep us informed in advance and we will be more than happy to wait. Failure to do so we will have your thread closed in THREE(3) days.

:)


Hello there, Ed

:welcome:

I'm Conspire, I'll be glad to help you with your computer problems.

Please observe these rules while we work:
  • Read the entire procedure
  • It is important to perform ALL actions in sequence.
  • If you don't know, stop and ask! Don't keep going on.
  • Please reply to this thread. Do not start a new topic.
  • Stick with me till you're given the all clear.
  • Remember, absence of symptoms does not mean the infection is all gone.
  • Don't attempt to clean your computer with any tools other than the ones I ask you to use during the cleanup process.
IMPORTANT NOTE : Please do not delete anything unless instructed to. Remember to backup all your important data(if possible) before moving on.
Proud Graduate of the WTT Classroom
Member of UNITE
The help you receive here is always free. If you wish to show your appreciation, then you may btn_donate_SM.gif

#4 Conspire

Conspire

  • Malware Response Team
  • 1,155 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:06 AM

Posted 15 May 2013 - 05:32 AM

Hello there,

Please download DDS by sUBs from one of the following links and save it to your desktop.
  • Disable any script blocking protection (How to Disable your Security Programs)
  • Double click DDS icon to run the tool (may take up to 3 minutes to run)
  • When done, DDS.txt will open.
  • After a few moments, attach.txt will open in a second window.
  • Save both reports to your desktop.
---------------------------------------------------
  • Post the contents of the DDS.txt report in your next reply
  • Attach the Attach.txt report to your post by scroling down to the Attachments area and then clicking Browse. Browse to where you saved the file, and click Open and then click UPLOAD.
===================================================

Please download aswMBR.exe and save it to your desktop.
  • Double click aswMBR.exe to start the tool. (Vista/Windows 7 users - right click to run as administrator)
  • Allow it to update where necessary
  • Click Scan
    • Upon completion of the scan, click Save log and save it to your desktop, and post that log in your next reply for review. Note - do NOT attempt any Fix yet.
    • You will also notice another file created on the desktop named MBR.dat. Right click that file and select Send To>Compressed (zipped) file. Attach that zipped file in your next reply as well.
===================================================

Download TDSSKiller.exe and save it to your desktop

Execute TDSSKiller.exe by doubleclicking on it.
Press Start Scan
If Malicious objects are found, do NOT select Cure. Change the action to Skip, and save the log.
Once complete, a log will be produced at the root drive which is typically C:\ ,for example, C:\TDSSKiller.<version_date_time>log.txt

===================================================

On your next reply please post :
DDS log
aswMBR log
TDSSKiller log


Please STOP and let me know if you have any problems in performing with the steps above or any questions you may have.

Good Day!
Proud Graduate of the WTT Classroom
Member of UNITE
The help you receive here is always free. If you wish to show your appreciation, then you may btn_donate_SM.gif

#5 Space Collective

Space Collective
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:06 PM

Posted 15 May 2013 - 09:41 AM

I'm really sorry, i did a system restore to see if it made any change, and now i cant boot iton Win7, im in ubuntu at the moment, and am intending to do a clean install of Win7 as it's easier

 

Sorry for wasting your time, apologies



#6 Conspire

Conspire

  • Malware Response Team
  • 1,155 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:06 AM

Posted 15 May 2013 - 12:02 PM

Alright then. So I assume that you don't require any help? :)
Proud Graduate of the WTT Classroom
Member of UNITE
The help you receive here is always free. If you wish to show your appreciation, then you may btn_donate_SM.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users