Hello,
I am afraid I am another victim of Malware-gen, as Avast likes to remind me :o(
I have followed all instructions found on other people’s posts but I guess each infection is specific so the removal parameters have to be as well…
So, instead I have followed the “Malwarebytes Anti-Malware” then “OTS” scan approach and I now hope someone can help me eradicate my unwanted visitor.
Could you guys please help my desperate self? :-[
More specifically, I have:
- Malwarebytes’ Anti-Malware
  - Installed mbam and downloaded the update
  - Performed a quick scan
  - Restarted my PC
  - Pasted the log file contents at the end of this post
- OTS
  - Downloaded OTS
  - Closed all other programs (but Avast)
  - Started OTS
  - Checked the box that says Scan All Users
  - Under Additional Scans checked the following:
    - Reg - Shell Spawning
    - File - Lop Check
    - File - Purity Scan
    - Evnt - EvtViewer (last 10)
  - Under the Custom Scan box pasted this in:

        netsvcs
        %SYSTEMDRIVE%\*.exe
        /md5start
        eventlog.dll
        scecli.dll
        netlogon.dll
        cngaudit.dll
        sceclt.dll
        ntelogon.dll
        logevent.dll
        iaStor.sys
        nvstor.sys
        atapi.sys
        IdeChnDr.sys
        viasraid.sys
        AGP440.sys
        vaxscsi.sys
        nvatabus.sys
        viamraid.sys
        nvata.sys
        nvgts.sys
        iastorv.sys
        ViPrt.sys
        eNetHook.dll
        ahcix86.sys
        KR10N.sys
        nvstor32.sys
        ahcix86s.sys
        nvrd32.sys
        /md5stop
        %systemroot%\*. /mp /s
        CREATERESTOREPOINT
        %systemroot%\system32\*.dll /lockedfiles
        %systemroot%\Tasks\*.job /lockedfiles

  - Clicked “Run Scan”
  - Uploaded the resulting log file here: http://www.mediafire.com/?b9y0vhdhh83bby3
===============================
Malwarebytes’ Anti-Malware 1.46
www.malwarebytes.org
Database version: 4610
Windows 6.1.7600
Internet Explorer 8.0.7600.16385
14/09/2010 21:50:18
mbam-log-2010-09-14 (21-50-18).txt
Scan type: Full scan (C:|D:|)
Objects scanned: 311839
Time elapsed: 1 hour(s), 30 minute(s), 18 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
C:\z\keygen.exe (Malware.Packer.Gen) → Quarantined and deleted successfully.
===========================================================
Again, thanks in advance!