Infection in the Registry

Post your questions here and our members will take a shot at helping you find the answers.
Post Reply
southpawsr
Posts: 107
Joined: March 11th, 2010, 1:00 pm

Infection in the Registry

Post by southpawsr » November 22nd, 2016, 3:00 pm

I have a Dell desktop running windows 7. It has all its updates. I have malwarebytes, spybot, superantispyware, and Avast. All are kept updated and run at least once a week.
For the past week I have been trying to get rid of 4 infections in the registry.Malwarebytes have picked up these 4 and quarantined them. The next time I run malwarebytes the show up again. I have two user accounts. admin and user(for the web). I have run malwarebytes on both users and these 4 infections show up on the results. I have restarted the computer as asked and run again and they show up again.
They are rootkit.Fileless.MTGEN (registry value)
rootkit.fileless MTGEN (registry Key)
Trojan.Fileless MTGEN (registry Value)
Trojan.Fileless.MTGEN (registry Value)
Would running CCleaner remove these. If not what would
Thanks for all your previous help.

User avatar
wd
Site Admin
Posts: 4046
Joined: March 11th, 2010, 1:00 pm
Location: Pa
Contact:

Re: Infection in the Registry

Post by wd » November 22nd, 2016, 8:32 pm

try the eset online scanner and the Sophos virus removal tool
https://www.sophos.com/en-us/products/f ... -tool.aspx
https://www.eset.com/us/online-scanner/ ... 2822342639

also a full scan from supearantispyware.com

southpawsr
Posts: 107
Joined: March 11th, 2010, 1:00 pm

Re: Infection in the Registry

Post by southpawsr » November 23rd, 2016, 4:47 pm

thanks Sophos is running now Then I'll do the full scan of superantispyware.. I also run the full scans on that and spybot. I will let you know the results.

User avatar
wd
Site Admin
Posts: 4046
Joined: March 11th, 2010, 1:00 pm
Location: Pa
Contact:

Re: Infection in the Registry

Post by wd » November 23rd, 2016, 6:12 pm

do the eset scanner to

southpawsr
Posts: 107
Joined: March 11th, 2010, 1:00 pm

Re: Infection in the Registry

Post by southpawsr » November 27th, 2016, 1:39 pm

Hello WD
I ran the Sophos virus removal tool in my user account and it found Mal/kovterlnk-a and Mal/kovterbat-a.I removed it per instructions. Then I ran it in my admin account and found the same two files. I also ran the scanner in both accounts. Lastly I ran all my programs, Malwarbytes, superantispyware, spybot and then Avast. All were run in the full or system scan. all came back clean. I was wondering: why did it find the same infection in the two accounts. I thought one registry for the entire computer , not for each account.
Thanks for all the help.

User avatar
wd
Site Admin
Posts: 4046
Joined: March 11th, 2010, 1:00 pm
Location: Pa
Contact:

Re: Infection in the Registry

Post by wd » November 27th, 2016, 1:46 pm

did eset scanner find and remove anything

southpawsr
Posts: 107
Joined: March 11th, 2010, 1:00 pm

Re: Infection in the Registry

Post by southpawsr » November 27th, 2016, 3:02 pm

no I ran the virus removal tool first then the scanner.

Post Reply

Return to “Computer Help and Support”