Sunday, August 2, 2009

AVG, Windows Defender, Malwarebytes, etc - All close when scanning starts

Here's one that got me for a while.

When you install any of the following, AVG Anti-Virus, Windows Defender, SpyBot Search & Destroy, Malwarebytes Anti-Malware, etc., and try to scan the system to remove any malware, the scan stops, the program closes, then it seems the files have been deleted (like the program was never installed).

Well, I took the drive out of the system and scanned it for viruses/malware/spyware, or so I thought.

Once I put the drive back, I continued to have the problem. So, after trying to research this for hours, looking at solutions and trying different things, I took the drive out and re-scanned it.

FOUND IT!! Trojan Crypt.BGE on the C:\Windows\System32\netlogon.dll file.

Deleted the file and copied it from a clean system.

Booted the machine back up and was able to install Malwarebytes Anti-Malware and scan and clean the system.

Then, I had a problem with installing Windows Defender. It had a permission problem and couldn't install key registry edits. This was resolved by resetting the permissions in the registry. (See: http://www.winhelponline.com/blog/reset-the-registry-and-the-file-permissions-in-windows-xp/ ). Okay, that fixed Defender.

Spybot wouldn't install. Stated that the 'SpyBotSD.exe' was already there. I couldn't even see it to delete it or just delete the main folder altogether. Took the drive out and hooked up to another machine and ran a basic chkdsk. This fixed the file system. I was then able to delete the files and folder properly and reinstall Spybot. Okay, that one's fixed.

Lastly, AVG wouldn't install. There was, again, another registry edit error. This time I found that the permissions for the 'HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows' key wouldn't allow ANY edits. I took ownership of the key folder (changed administrator), tried to "Copy" permissions (Access Denied), tried to add "Administrators" group (Full Control), and just kept doing it over and over, then it stuck. Then the proper entries magically came up. I reinstalled AVG and SUCCESS!! Final scan of the hard drive and applied missing Microsoft updates and the computer is done and I can get it back to the owner.

WHEW! Glad that's over.
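
The locked registry key described above can be checked before any installer is run. The following is an added example, not part of the original post: a read-only PowerShell audit that reports the key's owner, any Deny entries, and whether Administrators and SYSTEM hold Full Control. The function name `Get-RegistryAclFinding` is hypothetical, and the script assumes PowerShell 3.0 or later and that the expected ACL grants Full Control to both principals.

```powershell
# Added example: read-only audit of a registry key's ACL. It changes nothing.
function Get-RegistryAclFinding {
    param([Parameter(Mandatory)][string[]]$Path)

    # Well-known SIDs, so the check does not depend on the display language.
    # Assumption: both principals should hold Full Control on the audited key.
    $expected = [ordered]@{
        'S-1-5-32-544' = 'Administrators'
        'S-1-5-18'     = 'SYSTEM'
    }
    $sidType = [System.Security.Principal.SecurityIdentifier]
    $full    = [System.Security.AccessControl.RegistryRights]::FullControl

    foreach ($key in $Path) {
        # An unreadable ACL is itself a finding (compare the "Access Denied" above).
        try { $acl = Get-Acl -Path $key -ErrorAction Stop }
        catch {
            [pscustomobject]@{ Key = $key; Finding = "Cannot read ACL: $($_.Exception.Message)" }
            continue
        }
        # Explicit and inherited ACEs, with identities returned as SIDs.
        $rules = $acl.GetAccessRules($true, $true, $sidType)
        $owner = $acl.GetOwner($sidType).Value
        [pscustomobject]@{ Key = $key; Finding = "Owner SID: $owner" }

        # Deny ACEs override Allow ACEs, so list every one of them.
        foreach ($r in $rules | Where-Object { $_.AccessControlType -eq 'Deny' }) {
            [pscustomobject]@{ Key = $key; Finding = "Deny ACE for $($r.IdentityReference.Value): $($r.RegistryRights)" }
        }
        # Report each expected principal that has no Allow ACE covering Full Control.
        foreach ($sid in $expected.Keys) {
            $ok = $rules | Where-Object {
                $_.AccessControlType -eq 'Allow' -and
                $_.IdentityReference.Value -eq $sid -and
                ($_.RegistryRights -band $full) -eq $full
            }
            if (-not $ok) {
                [pscustomobject]@{ Key = $key; Finding = "$($expected[$sid]) ($sid) lacks an Allow FullControl ACE" }
            }
        }
    }
}

# The key named in the post, written as a PowerShell registry provider path.
Get-RegistryAclFinding -Path 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows' |
    Format-Table -AutoSize -Wrap
```

Run it from an elevated prompt; a healthy key returns only the owner line.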