Msdt.exe corrupt disk error? Virus/Worm??

brusse01

Hi all,

I was wondering if this msdt.exe corrupt error is caused by a win32 worm?
A Chkdsk was performed but errors keep happening. Also this msdt.exe error pops up while browsing the internet.

I am trying to help somebody else with this issue.... my own pc is ok.
I suggested that he run Malwarebytes and he said the scan came back clean.

So.... he did a clean install of the RC on the same partition that used to have the Beta. He is now getting the msdt.exe error and he is also getting a winsat.exe corrupt error when trying to run windows index experience.

I am kinda stumped .... I googled it and all things seem to point to a possible infected pc??.... registry errors??

thx for help and ideas :-)
 

My Computer

Computer Manufacturer/Model Number
Custom built
OS
Windows 7
CPU
Athlon 64x2 5600+ dual core
Motherboard
Biostar A770+
Memory
2GB
Graphics Card(s)
ATI Radeon 4350 512 MB
Sound Card
Onboard Realtek HD
Hard Drives
Seagate 500 GB SATA
Keyboard
Logitech Wireless
Mouse
Logitech Wireless
I dunno. Malwarebytes is excellent but perhaps it doesn't have a definition yet for your friend's problem.

As a secondary opinion, you could possibly try scanning with Spybot Search & Destroy, XoftSpySE and/or HijackThis.

If those report clean as well, then I doubt there is an infection, but still possible.

Hopefully he did not try to use any patching software on the 7 install. Did he?

Have you checked the event viewer under windows logs?

Also, here is an excellent online scanner for single files, which uses multiple engines:

Jotti's malware scan

Finally, from an elevated command prompt, do this command:

sfc /scannow
 

My Computer

Computer Manufacturer/Model Number
self built
OS
7600.20510 x86
CPU
P4 550 3.4 GHz HT running at 3.5 GHz
Motherboard
MSI PM8M3-V (MS-7211 v1.x) Micro-ATX mainboard
Memory
OCZ 2 GB(2x1GB) DDR400mHz running @ 414 mHz
Graphics Card(s)
HIS Radeon HD 3850 IceQ 3 Turbo HDMI Dual DL-DVI AGP
Sound Card
MOTU Traveler firewire studio interface 192 kHz 24 bit
Monitor(s) Displays
22" widescreen Acer X223W LCD, 17" Compaq P75 CRT
Screen Resolution
1680x1050 and 1280x1024
Hard Drives
SATA I x2 WD, 400 GB and 120 GB, SATA 2 WD Caviar Black 1 TB
PSU
350W generic
Case
Cybertronpc, it glows blue
Cooling
stock cpu fan, Ice-Q 3 gpu and system, many case fans
Keyboard
Logitech Classical Keyboard 200
Mouse
Logitech Mediaplay cordless
Internet Speed
1792/448 kbits/sec
Other Info
SATA II PCI fake RAID adapter, 1 GB Readyboost, original ATI Remote Wonder (even works with WMC perfectly), Logitech Rumblepad 2 game controller x2
brusse01, could you please get hold of the executables in question and upload them to a free hosting site, such as rapidshare.com? I will take a look and see if they are infected.
 

My Computer

OS
Windows 7, Windows XP SP3 x86
hi all...

I will have to ask him if he used any patches etc. If he did... could be the culprit. Will let ya know.
I did suggest to him the sfc /scannow option and he is going to do that ... still waiting for results.

I will try to get a logfile from him and try uploading it. The problem is I don't physically have his PC...

My instinct is telling me that he has an "infection". I checked my own Task Manager and the processes and I don't have a msdt.exe. I looked in Services and noticed that the Distributed Transaction Coordinator was set at manual.... maybe I should ask my friend to send me a pic of his Services and compare them?


thanks again for the help..... :-)
 


See this from Sophos:
W32/Tilebot-BQ Win32 worm (W32/Opanki.worm.gen) - Sophos security analysis

Startup Type: This startup entry is installed as a Windows NT, 2000, 2003, XP, or Vista service.
Service Name: MSDTService
Display Name: Microsoft Distributed Transaction

If this is the path .... c:\windows\msdt.exe ... disable the service, then delete the file. You may have to go into safe mode.
 

My Computer

Computer type
PC/Desktop
Computer Manufacturer/Model Number
Bruce ... somewhere in his 40's
OS
Windows 7 Ultimate 32bit SP1
CPU
Intel(R) Core(TM)2 Quad CPU @ 2.40GHz, 2400 MHz
Motherboard
INTEL/D975XBX2
Memory
4 GB
Graphics Card(s)
ATI Radeon HD 2600 Pro
Monitor(s) Displays
Samsung SyncMaster 914v
Screen Resolution
1280 x 1024
Hard Drives
2/500GB each ... ST3500630AS ATA Device.
One is not connected
PSU
Rocketfish 700 W
Case
G.Skill Gigabyte Chassis
Keyboard
Standard PS/2 Keyboard
Mouse
Microsoft PS/2 Mouse
Internet Speed
DSL
Antivirus
Avira Internet Security
Browser
IE 11
Other Info
ATI HDMI Audio
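
A read-only way to check for the service and file named in the Sophos write-up quoted above, before disabling or deleting anything. This is an added example, not part of the original thread or of Sophos's analysis. It assumes the service name, display name and c:\windows\msdt.exe path from the post, and that Microsoft's own msdt.exe (the Support Diagnostic Tool) normally lives under System32.

```powershell
# Added example: triage only, it reports and changes nothing.
$suspectName    = 'MSDTService'                                 # service name from the post
$suspectDisplay = 'Microsoft Distributed Transaction'           # display name from the post
$suspectPath    = Join-Path $env:SystemRoot 'msdt.exe'          # c:\windows\msdt.exe
$expectedPath   = Join-Path $env:SystemRoot 'System32\msdt.exe' # assumed normal location

function Get-Sha256([string]$Path) {
    # .NET hashing so this also works where Get-FileHash is unavailable
    $sha = [System.Security.Cryptography.SHA256]::Create()
    $fs  = [System.IO.File]::OpenRead($Path)
    try { ($sha.ComputeHash($fs) | ForEach-Object { $_.ToString('x2') }) -join '' }
    finally { $fs.Close() }
}

# 1. Services matching the reported names, or running any msdt.exe.
#    The genuine Distributed Transaction Coordinator uses msdtc.exe and
#    does not match this pattern.
$services = @(Get-WmiObject Win32_Service | Where-Object {
    $_.Name -eq $suspectName -or
    $_.DisplayName -like "$suspectDisplay*" -or
    $_.PathName -match '\\msdt\.exe'
})

if ($services.Count -eq 0) {
    'No service matches the reported name, display name or binary.'
} else {
    $services | Select-Object Name, DisplayName, State, StartMode, PathName,
        @{ n = 'OutsideSystem32'
           e = { $_.PathName -notmatch [regex]::Escape($expectedPath) } } |
        Format-List
}

# 2. File facts for both locations: timestamps, hash, signature status.
foreach ($p in $suspectPath, $expectedPath) {
    if (-not (Test-Path -LiteralPath $p)) { "{0}: not present" -f $p; continue }
    $item = Get-Item -LiteralPath $p -Force
    $sig  = Get-AuthenticodeSignature -FilePath $p
    # Caveat: older PowerShell versions may report catalog-signed system
    # files as NotSigned, so treat SignatureStatus as a hint, not a verdict.
    New-Object PSObject -Property @{
        Path            = $p
        Length          = $item.Length
        CreatedUtc      = $item.CreationTimeUtc
        ModifiedUtc     = $item.LastWriteTimeUtc
        Sha256          = Get-Sha256 $p
        SignatureStatus = $sig.Status
    } | Format-List
}
```

Run it from an elevated PowerShell prompt; the SHA-256 value can be compared against what a multi-engine scanner reports for the same file.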
hi all...

Update: he ran sfc /scannow and Windows found corrupt files that couldn't be fixed. I am waiting for him to send me the log. He also said that after sfc /scannow he cannot access webpages.... I suggested resetting IE ... also asked if he was able to use a different browser.... still waiting for an answer lol

I still suspect a bug .... my next guess would be hardware related, i.e. his hard drive.
I also suggested that he do a FULL scan, not a quick one, with Malwarebytes and his AV program, and let me know if anything shows up. If this is a worm... will AV/Malwarebytes be able to catch it??

and thx Jacee.... I will definitely try this and see if all his problems go away.

thx again for help...
 
