mdsmith52

asked on

malware/virus causes error 50

Cannot reinstall Trend Micro, installed AVG, on update error 50, Malwarebytes was deleted during first scan, SUPERAntiSpyware did not complete first scan.
Metallimirk

Odd. I had a nasty malware one time. I ended up pulling out the HDD, slaving it to a second PC, and running Malwarebytes on it to clean it out. If you have a second PC you can do this (or add the HDD to an external case). The OS is probably infected. You can try booting in safe mode, installing Malwarebytes and running the check again. But this one sounds nasty to me.
ASKER CERTIFIED SOLUTION
younghv
This solution is only available to members.
If your OS is trashed there is a way to do a no-reformat reinstall of Windows. I'll post a link tomorrow.
Not much info here so we need more info.

When the PC is already infected, you would have trouble installing an antivirus, so it is easier to install a scanner that gets rid of the infection or at least deactivates it.
I wouldn't think of installing an antivirus right now when the system is already infected; just try to clean the infection using other scanners, and then once the system is clean you can install an antivirus.

MalwareBytes was deleted during first scan? Do you mean it stopped scanning?


What other scanners have you tried cleaning the system?

Try TDSSKiller and ComboFix
http://support.kaspersky.com/viruses/solutions?qid=208280684


If the problem persists, download ComboFix and post the log for us to check.
http://download.bleepingcomputer.com/sUBs/ComboFix.exe


You need to STOP all your monitoring programs (Antivirus/Antispyware, Guards and Shields) as they could easily interfere with ComboFix.
Double click combofix.exe & follow the prompts.
When finished, it will produce a log. Please save that log and attach it in your next reply.
Re-enable all the programs that were disabled during the running of ComboFix.

Note:
Do not mouse-click ComboFix's window while it is running. That may cause it to stall.
CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.


If needed, here's the Combofix tutorial which includes the installation of the Recovery Console:
http://www.bleepingcomputer.com/combofix/how-to-use-combofix
mdsmith52

ASKER

I tried rkill and it stopped one process. No change. I found a service called 4121245218:3720960522.exe running, but was unable to kill it in task mgr. The process is not in the startup or in the registry.
I was able to find the process 4121245218:3720960522.exe in the registry. It was located at Hkey_Local_Machine\system\controlset 002\services\2236a5f5. I removed the key and after restart the process respawned.
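
An added example, not part of any post in this thread: a read-only PowerShell check that lists, for every ControlSetNNN under HKLM\SYSTEM, the services whose ImagePath has the same colon-in-the-file-name shape as the process named above. It assumes such a name refers to an NTFS alternate data stream; the function and variable names are illustrative.

```powershell
# Added example. Read-only: it lists service entries and changes nothing.
# Run from an elevated PowerShell prompt so every Services subkey is readable.

function Test-AdsStylePath {
    param([string]$ImagePath)
    if ([string]::IsNullOrEmpty($ImagePath)) { return $false }
    # Drop a leading quote, an NT "\??\" prefix and the drive letter ("C:").
    # Any colon still left is not a drive separator (assumption: it marks an
    # NTFS stream name, as in "name:stream.exe").
    $rest = $ImagePath.Trim().TrimStart('"') -replace '^\\\?\?\\', '' -replace '^[A-Za-z]:', ''
    return $rest.Contains(':')
}

# HKLM\SYSTEM\Select\Current holds the number of the control set in use.
$select = Get-ItemProperty -Path 'HKLM:\SYSTEM\Select'

$controlSets = Get-ChildItem -Path 'HKLM:\SYSTEM' |
    Where-Object { $_.PSChildName -match '^ControlSet\d{3}$' }

$findings = foreach ($set in $controlSets) {
    $servicesPath = "HKLM:\SYSTEM\$($set.PSChildName)\Services"
    foreach ($svc in Get-ChildItem -Path $servicesPath -ErrorAction SilentlyContinue) {
        $imagePath = [string]$svc.GetValue('ImagePath')
        if (Test-AdsStylePath $imagePath) {
            [pscustomobject]@{
                ControlSet = $set.PSChildName
                IsCurrent  = ([int]($set.PSChildName -replace '\D') -eq $select.Current)
                Service    = $svc.PSChildName
                ImagePath  = $imagePath
            }
        }
    }
}

# One row per control set in which the entry exists.
# Command-line arguments that contain a colon also match and need a manual look.
$findings | Sort-Object Service, ControlSet | Format-Table -AutoSize -Wrap
```

On a live system with an active rootkit the registry view itself may be filtered, so an empty result from this check is not proof that the machine is clean.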
@mdsmith52,

Did you follow the advice from Younghv and RPG?

Did you try running Rogue Killer and MalwareBytes immediately before rebooting?

Also, did you try TDSSKiller and ComboFix?

Please do provide the logs once you have run those tools, all under Normal Mode.

Sudeep
Malwarebytes wants to reboot after upgrade. I did not run Malwarebytes after removing the registry keys.