Infected with Win32:Malware-gen Need help

Hi,

Everytime I start my computer, avast informs me that the following malware was found and blocked : Win32:Malware-gen

This is what the report says :

5/15/2010 9:34:42 PM C:\WINDOWS\system32\fhyqzliq.dll [L] Win32:Malware-gen (0)
While moving file to chest, error occurred: Access is denied
During the file delete, error occurred: Access is denied
5/15/2010 9:34:48 PM C:\WINDOWS\system32\fhyqzliq.dll [L] Win32:Malware-gen (0)
While moving file to chest, error occurred: Access is denied
During the file delete, error occurred: Access is denied

I ran Malwarebytes’ Anti-Malware Quick Scan, and got this log:

Malwarebytes’ Anti-Malware 1.46
www.malwarebytes.org

Database version: 4103

Windows 5.1.2600 Service Pack 2
Internet Explorer 6.0.2900.2180

15/05/2010 9:30:34 PM
mbam-log-2010-05-15 (21-30-34).txt

Scan type: Quick scan
Objects scanned: 132401
Time elapsed: 9 minute(s), 34 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\WINDOWS\system32\fhyqzliq.dll (Trojan.Agent) → Delete on reboot.

Now I’m out of ideas, please help.

Thanks.

If you are on a 32bit system run a boot time scan…!!
To remove locked files use this: http://www.malwarebytes.org/fileassassin.php
Report back your results…!
asyn

Have you rebooted as MBAM suggested so it can be removed ?

You could also have scheduled an avast boot-time scan which should have been able to deal with the access denied error as windows wouldn’t have completely started.

Windows XP SP3 has been out for almost two years and includes extra security protection. Not only that support in the form of security updates is due to be withdrawn in July I believe for XP SP2 or lower, unless you have XP SP3 then no more security updates.

The assasin didnt do the trick, it couldn’t delete the file.
;D
but the boot time scan worked. In fact found 3 other files, infected by the same malware.

Thanks for the solution.

You are welcome…!! :slight_smile:
asyn

You’re welcome, looks like that file was hiding other stuff, since the boot-time scan was able to get in before it could run it was able to detect the others.

@OP: Ok, your problem is solved, but please consider updating your OS as Dave stated…!!!
asyn