try to remove win32:malware-gen

Hello, I want to remove the win32:malware-gen. Here is the aswMBR log file.
A full scan with avast shows that I have this malware, and I cannot connect to www.google.com

please help

What is the infected file name, where was it found e.g. (C:\windows\system32\infected-file-name.xxx) ?

Hello, the file is A0063462.dll in c:\system volume information_restore… Thanks

Well, avast should have been able to deal with this infected restore point. Did you not send it to the avast chest?

  • Infected Restore Points:
    There really is little benefit in chasing a detection in the system volume information folder. It is only there because it had previously been deleted or moved from the system folders and this is a back-up created by system restore.

  • Worst case scenario it isn’t infected and you delete it, you can’t use that restore point in the future, not much of a loss and the older the restore point is the less of an issue it is.

  • So if there is any suspicion about a restore point then it is best removed from the system volume information folder or it could bite you in the rear at some point in the future when you use system restore if it included that restore point.

####
The google issue is likely to be unrelated to this, as the restore point should be inert unless you use system restore to restore it.

If you haven’t already got this software (freeware), download, install, update and run it and report the findings (it should produce a log file).

Don’t worry about reported tracking cookies; they are a minor issue and not one of security. Allow SAS to deal with them though. See http://en.wikipedia.org/wiki/HTTP_cookie.

PLEASE HELP. I have had this for a week. I tried Spybot, AVG, avast, Avira; all programs found this win32 malware-gen, they removed the file, I deleted the file from the chests etc., but the problem is

I cannot connect to google.com, to my google account, to google gmail or more internet sites…

PLEASE HELP
Give me real programs that work or tell me the steps in regedit to remove this malware…

Hello again

I downloaded Malwarebytes Anti-Malware

I will provide the log file after the scan

Thanks a lot

Hello again,

Here is the log from Malwarebytes Anti-Malware

Please help

Hello again

Also another log from Malwarebytes Anti-Malware

An IP, 95.64.61.159 (probably from Romania), tries to access my computer

PLEASE ADVISE A SOLUTION
THANKS A LOT

Hi I will need some further data to find this

Download OTL to your Desktop

  • Double click on the icon to run it. Make sure all other windows are closed and let it run uninterrupted.
  • Select All Users
  • Under the Custom Scan box paste this in

netsvcs
%SYSTEMDRIVE%*.exe
/md5start
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
/md5stop
C:\Windows\assembly\tmp\U*.* /s
CREATERESTOREPOINT

  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won’t take long.
  • When the scan completes, it will open two notepad windows, OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Attach both logs

Hello again,

Thanks a lot, here are the logs

You appear to have a lot of keygens on your system - not only is this illegal but it is a surefire way of getting some very nasty infections which will take all your confidential data - be warned

Warning: This fix is only relevant for this system and no other; using it on another computer may cause problems

Run OTL

  • Under the Custom Scans/Fixes box at the bottom, paste in the following

:OTL

:Reg

:Files
ipconfig /flushdns /c

:Commands
[purity]
[resethosts]
[emptytemp]
[EMPTYFLASH]
[CREATERESTOREPOINT]
[Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

Hello,

I did as you said

Here is the log from the “run fix”

Also the log from the final OTL run

Please tell me if I am OK, but
now I can access google.com

Thanks in advance

It was a simple host file hijack… Any further problems ?
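A hosts file hijack of the kind diagnosed above can be confirmed by listing every active entry that is not a stock localhost mapping. The following is an added example, not part of the original thread or of OTL; the sample hosts content, the 203.0.113.10 address and the host name update.av-vendor.example are constructed, and the set of benign names is an assumption.

```python
import ipaddress

# Names a stock Windows hosts file may legitimately map (assumption for this sketch).
BENIGN_NAMES = {"localhost", "localhost.localdomain"}

# Constructed sample: a default-style hosts file with hijack entries appended.
SAMPLE_HOSTS = """\
# Copyright (c) 1993-2009 Microsoft Corp.
127.0.0.1       localhost
::1             localhost
203.0.113.10    www.google.com google.com   # constructed redirect (TEST-NET-3)
203.0.113.10\taccounts.google.com
127.0.0.1       update.av-vendor.example    # constructed block of an update host
not-an-ip       mail.google.com
"""


def parse_hosts(text):
    """Yield (line_number, address, [hostnames]) for every active entry."""
    for lineno, raw in enumerate(text.lstrip("\ufeff").splitlines(), start=1):
        fields = raw.split("#", 1)[0].split()   # drop comments, split on any whitespace
        if len(fields) >= 2:
            yield lineno, fields[0], [name.lower() for name in fields[1:]]


def audit_hosts(text):
    """Return a list of (line_number, hostname, address, verdict) worth reviewing."""
    findings = []
    for lineno, address, names in parse_hosts(text):
        try:
            ip = ipaddress.ip_address(address)
        except ValueError:
            findings.extend((lineno, n, address, "malformed") for n in names)
            continue
        # Loopback/0.0.0.0 makes the name unreachable; anything else sends it elsewhere.
        verdict = "blocked" if (ip.is_loopback or ip.is_unspecified) else "redirected"
        for name in names:
            if name in BENIGN_NAMES and ip.is_loopback:
                continue
            findings.append((lineno, name, address, verdict))
    return findings


if __name__ == "__main__":
    # On Windows the live file is %SystemRoot%\System32\drivers\etc\hosts.
    for lineno, name, address, verdict in audit_hosts(SAMPLE_HOSTS):
        print(f"line {lineno}: {name} -> {address} [{verdict}]")
```

After a hosts reset, the same check on the live file should return no findings; the DNS cache flush in the fix script clears answers cached while the bad entries were active.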

Hello,

No, now the computer runs faster
and I can access google.com, google account and gmail

I am OK

Thanks again

Run OTL and press the cleanup button to remove it ;D

Hello,

Must I run OTL again and select CLEANUP?

Yes just start the programme and press the cleanup button only