Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Win32/Malagent Help please ! [Closed]


  • This topic is locked This topic is locked

#1
JustinD

JustinD

    Member

  • Member
  • PipPip
  • 41 posts
I literally just built my computer 2 days ago and I suddenly got this virus, I have no clue where and how I got it from I just downloaded league and browsed on youtube and the typical social networking sites. My Symantec reports a few but I'm not sure where it detects it, and when I use MSE it says it's

The following error occurred: Error code 0x80070021. The process cannot access the file because another process has locked a portion of the file.

Category: Trojan

Description: This program is dangerous and executes commands from an attacker.

Recommended action: Remove this software immediately.

Items:
file:C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.671.4971.105\SRTSP\Quarantine\APQ3F50.tmp

Get more information about this item online.

When I try removing it, it stops at 75% and doesn't continue. I used MalwareBytes and it detected nothing. I really need to get rid of this, I just got my computer and I already have a virus, please help !
  • 0

Advertisements


#2
crooleeck

crooleeck

    Member

  • Member
  • PipPipPip
  • 882 posts
Hi JustinD and welcome at GeekstoGo!

I'm crooleeck and I'll try to help you. But first please notice that I'm not limitless, I'm not familiar with all software, I don't know everything. However, it has taken me years to learn what I know. I would be glad to help you.

Fight against malware is NOT instantaneous, most infections require several courses of action to completely eradicate. It's also time-consuming, so be patient! We all like to know final result, so if you have since resolved the issues you were originally experiencing, or have received help elsewhere, please post.

Note:
  • Please watch this topic.
  • Do exactly - step by step - what I wish for. Don't be afraid! If there's anything you don't understand, stop and ask!
  • Please don't run unsupervised tools or fix on your own without my direction - it can be dangerous.
  • You must reply within 3 days or your topic will be closed

Please be patient with me as I am currently in training, and all of my responses to you have to be reviewed by my instructor before I post them. Just keep in mind that you get the advantage as you have 2 people examining your issue.

Step 1:
Posted ImageOTL
OTL is currently our primary tool for searching key areas of the registry and other system locations for the telltale signs of malware. It generates a comprehensive log, and offers an initial diagnosis.

  • Download OTL to your desktop.
  • Double click on the OTL icon to run it.
    Posted Image
    Make sure all other windows are closed and to let it run uninterrupted.
  • Select: options:
    • All users.
    • 64-bit scan if appears.
    • Under Extra registry select Use SafeList
    • LOP Check
    • Purity Check
      Posted Image
  • Under the Custom Scan box paste this in:

    netsvcs
    BASESERVICES
    %SYSTEMDRIVE%\*.exe
    /md5start
    services.*
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    winsock.*
    /md5stop
    CREATERESTOREPOINT

  • Click the Run scan button.
When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and paste them into your reply.
Posted Image

Step 2:
MBR fix:
[list][*]Download aswMBR to your desktop.
[*]Double click the aswMBR.exe to run it.
[*]Agreed to update.
[*]Click the Scan button to start scan.

Posted Image

[*]On completion of the fix click Save log, save it to your desktop as mbrfix.txt and post in your next reply.
  • 0

#3
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP