malware/virus causes error 50

cannot reinstall trend micro , installed avg on update error 50, malware malbytes was deleted during first scan, super antispyware did not complete first scan
mdsmith52Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

MetallimirkCommented:
Odd. I had a nasty malware one time. I ended up pulling out the HDD, slaving it to a second PC, and running malware bytes on it to clean it out. If you have a second PC you can do this (or add the HDD to an external case). The OS is probably infected. You can try booting in safe mode, installing malware bytes and running the check again. But this one sounds nasty to me.
0
younghvCommented:
Many current malware variants require that you install and run a 'rogue process stopper' before your scanner will work.

Read the details here:
Stop-the-Bleeding-First-Aid-for-Malware
Rogue-Killer-What-a-great-name

"Slave" and "Safe Mode" scans were common at one time, but there are several reasons to not use them any longer.

Details here:
Malware Fighting – Best Practices
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Thomas Zucker-ScharffSolution GuideCommented:
If your OS is trashed there is a way to do a noreformat reinstall of Windows.  I'll post a link tomorrow.
0
Introducing the "443 Security Simplified" Podcast

This new podcast puts you inside the minds of leading white-hat hackers and security researchers. Hosts Marc Laliberte and Corey Nachreiner turn complex security concepts into easily understood and actionable insights on the latest cyber security headlines and trends.

rpggamergirlCommented:
Not much info here so we need more info.

When the PC is already infected, you would have trouble installing an antivirus so it is easier to install a scanner that gets rid of the infection or at least de-activate it.
I wouldn't think of installing an antivirus right now when the system is already infected, just try and clean the infection using other scanners and then once the system is clean you can inslall an antivirus.

MalwareBytes was deleted during first scan? Do you mean it stopped scanning?


What other scanners have you tried cleaning the system?

Try TDSSkiller and combofix
http://support.kaspersky.com/viruses/solutions?qid=208280684


If the problem persists, download ComboFix and post thelog for us to check.
http://download.bleepingcomputer.com/sUBs/ComboFix.exe


You need to STOP all your monitoring programs (Antivirus/Antispyware, Guards and Shields) as they could easily interfere with ComboFix.
Double click combofix.exe & follow the prompts.
When finished, it will produce a log. Please save that log and attach it in your next reply.
Re-enable all the programs that were disabled during the running of ComboFix..

Note:
Do not mouse-click combofix's window while it is running. That may cause it to stall.
CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.


If needed, here's the Combofix tutorial which includes the installation of the Recovery Console:
http://www.bleepingcomputer.com/combofix/how-to-use-combofix
0
mdsmith52Author Commented:
I tried rkill and it stopped one process. no change. I found a service called 4121245218:3720960522.exe running, but was unable to kill it in task mgr. The process is not in the startup or in the registry.
0
mdsmith52Author Commented:
I was able to find the process 4121245218:3720960522.exe in the registry. It was located Hkey_Local_Machine\system\controlset 002\services\2236a5f5. I removed the key and after restart the process respawned.
0
Thomas Zucker-ScharffSolution GuideCommented:
Here is the link for a non reformat rebuild of windows:

http://www.informationweek.com/news/windows/operatingsystems/189400897
0
Sudeep SharmaTechnical DesignerCommented:
@mdsmith52,

Did you follow the advice from Younghv and RPG?

Did you tried running Rogue Killer and MalwareBytes immeditely before rebooting?

Also did you tried, TDSSKIller and Combofix?

Please do provide the logs once  you ran those tools, all under Normal Mode.

Sudeep
0
mdsmith52Author Commented:
malware bytes wants to reboot after upgrade. i did not run malware bytes after removing the registry keys
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Microsoft Word

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.