Avast finds the same virus when starting the computer

Hello!

The thing is quite simple really. Basically Avast! has on multiple occasions found a virus (name below) when starting the computer. It moves it into the Virus Chest but then a few days later it again notifies that it has detected the virus and is moving it into the Virus Chest. To clarify - it doesn’t find the same virus in the Virus Chest.

Here is the name:

Win32:GenMaliciousA-EXK

What should I do? Please do help as I am anxious about these things.

Regards, Javon

https://forum.avast.com/index.php?topic=53253.0

I just scanned with MBAB and many files have been quarantined. Do I proceed with the instructions you posted or what should I do?

Continue please

Indeed, continue and attach the logs to your next post.

Alright posting these 3 for now as the aswMBR is taking forever. Will post that too when it is over.

Let me know how it is after this

CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:

CreateRestorePoint:
AppInit_DLLs:  =>  File Not Found
AppInit_DLLs-x32:  => "" File Not Found
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => No File
CHR HKU\S-1-5-21-2820287756-745332414-2336416395-1003\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69} URL = http://search.bearshare.com/web?src=ieb&q={searchTerms}
Toolbar: HKLM - No Name - {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKU\S-1-5-21-2820287756-745332414-2336416395-1003 -> No Name - {ECDEE021-0D17-467F-A1FF-C7A115230949} - No File
Toolbar: HKU\S-1-5-21-2820287756-745332414-2336416395-1003 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
FF Plugin HKU\S-1-5-21-2820287756-745332414-2336416395-1003: @doubletwist.com/NPPodcast -> C:\Program Files (x86)\Common Files\doubleTwist\NPPodcast.dll No File
U3 ab2i0lla; C:\Windows\System32\Drivers\ab2i0lla.sys [0 ] (Advanced Micro Devices) <==== ATTENTION (zero size file/folder)
U3 avpvj0ze; C:\Windows\System32\Drivers\avpvj0ze.sys [0 ] (Advanced Micro Devices) <==== ATTENTION (zero size file/folder)
2015-03-07 20:51 - 2015-03-07 20:51 - 00000000 __SHD () C:\Users\J@Von\AppData\Local\EmieBrowserModeList
2015-03-29 13:44 - 2010-02-06 17:45 - 00000000 ____D () C:\Users\J@Von\AppData\Roaming\BSplayer
2015-03-07 20:51 - 2014-03-22 16:19 - 00000000 ____D () C:\Users\J@Von\AppData\Local\Conduit
Task: {B4B1505C-A0C8-4B0D-A8D0-384D84F7C28C} - \BackgroundContainer Startup Task No Task File <==== ATTENTION
EmptyTemp:
CMD: bitsadmin /reset /allusers

Save this as fixlist.txt, in the same location as FRST.exe

https://dl.dropboxusercontent.com/u/73555776/FRSTfix.JPG

Run FRST and press Fix.
On completion a log will be generated; please post that.

THEN

Please download AdwCleaner by Xplode onto your desktop.

- Close all open programs and internet browsers.
- Double click on AdwCleaner.exe to run the tool.
- Click on Scan.
- After the scan is complete click on “Clean”.
- Confirm each time with Ok.
- Your computer will be rebooted automatically. A text file will open after the restart.
- Please post the content of that logfile with your next answer.
- You can find the logfile at C:\AdwCleaner[S1].txt as well.

I’m back!

I was too busy to try this out and now I had the chance. I attached the two logs.

So what is my status?
Another thing to keep in mind is that before I got around to fixing this it didn’t happen daily, so it may take some time before IF the thing is about to reoccur.

Thanks,

Javon

Monitor it for a while and then when you are happy let me know and I will tidy up.

What do you mean tidy up?

Safely remove the tools you have downloaded :)