Win 32: malware gen...Please Help!!!

I really need help to get this fixed. I’m a homeschooler and we are out of commission (computer-wise) until we get this fixed.

My computer was running slowly, cutting off for no reason and such so I ran a quick scan on my Avast (Home edition, the one you pay for) and it came up with 1 infected file:
c:\Program Files (x86)\Common Files\microsoft shared\Works shared\WksInetn.dll listed as Win 32: malware gen

I tried to move it to chest but it said that action was not allowed. So I deleted it. Still experiencing problems (Network Center would not load, links would not load pages that would come up in a new tab, etc.) so I did a system restore. System restore was only available 2 days back though I had my system restore on and have used it previously with multiple restore points. Once I did the system restore, I ran Avast again and sure enough the same infected file was present. I got onto this site and read some other posts and downloaded the Malwarebytes’ Anti-Malware program and ran it. I also downloaded CCleaner and ran it. However, I am still experiencing problems and my machine is not running like it was. Here is my Malwarebytes’ log:

Malwarebytes’ Anti-Malware 1.46
www.malwarebytes.org

Database version: 4419

Windows 6.0.6002 Service Pack 2
Internet Explorer 7.0.6002.18005

8/11/2010 11:46:50 AM
mbam-log-2010-08-11 (11-46-50).txt

Scan type: Quick scan
Objects scanned: 145606
Time elapsed: 7 minute(s), 55 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Any assistance would be so greatly appreciated. Also, how would this type of file end up on my computer and why didn’t Avast catch it when it first came on?

Thanks!!!

Candy

Sorry I didn’t include this initially. Here is the link to the OTL logs:

Internet Explorer 8 is much better than 7

Stay Safer Online
http://www.microsoft.com/windows/internet-explorer/features/safer.aspx

Enhanced tabbed browsing
http://www.microsoft.com/windows/internet-explorer/features/easier.aspx

Increased performance
http://www.microsoft.com/windows/internet-explorer/features/faster.aspx

To download Internet Explorer 8 in your preferred locale/language, follow the steps below or visit one of our worldwide sites.
http://www.microsoft.com/windows/internet-explorer/worldwide-sites.aspx

Hi, I cannot see anything there that would stop internet activity. That file appears to be a false positive, so upload it to Avast.

What are the exact problems you are experiencing?

I am running the latest version of Firefox, not IE. I hadn’t read all of the stuff on this forum when I first found the malware and Avast doesn’t have a “not recommended” by Delete so of course I deleted but don’t feel it is really gone since when I did a system restore, it showed up again. Problems I am having are my computer will just shut off out of the blue. Sometimes it will say it can’t start up. At other times it has started but when my desktop goes to load, I get a black screen. I can access the task manager at that point but that’s it. It will eventually load, after about 5 minutes or more. I went to a Dr. Webcure (or something like that) today and ran that and it didn’t find anything. I visited the geeks forum you referenced for malware clean up and did all the stuff it recommended (I didn’t post over there though) and I am still having problems. It shut off twice when I tried to run safe mode so I was unsuccessful with running any antivirus that way. Should I try system restore again (although it only goes back to yesterday instead of the day before) and why are there no restore points further back?

Thanks so much for your help!


As per your MBAM log, you have IE7 installed regardless of your use of FF.

Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org

Database version: 4419

Windows 6.0.6002 Service Pack 2
Internet Explorer 7.0.6002.18005 (I added the bold so it would be noticeable)

8/11/2010 11:46:50 AM
mbam-log-2010-08-11 (11-46-50).txt

As Kenny suggested, you should update IE7 to IE8.

You may also be having hardware problems as indicated by it shutting off randomly.


Do I need to keep Internet Explorer updated if I have never used it while owning this computer for a year and half? Also, I don’t think the issues I’m having are hardware related as I have read other posts where people were experiencing identical issues. I just want to know if anyone has any advice on getting rid of the malware even though it is not showing up on scans.

Of course you need to keep it up to date if for no other reason it is integral to your OS.

Just so’s you know, I’m not a computer geek, nor do I claim to be anywhere near educated about computers. However, that doesn’t mean I appreciate being made to feel like an idiot just because I don’t know something. I would not make you feel like an idiot should you not know all the intricate details of childbirth, of which I do. I appreciate all the assistance I’m being given. I just thought Internet Explorer was a browser and since I don’t use it, I did not understand why it would matter whether I updated it or not. I did not realize that it was an integral part of my OS. Also, since I have Windows updating automatically, why would IE not have been updated?

Regardless, I don’t believe any of this is my issue. If anyone has had experience with the Win:32 malware gen and can help me, I would really appreciate it.


The file WksInetn.dll is a legitimate component of Microsoft Works Suite.

Since all scans find nothing, random shutdowns are usually the signs of a failing power supply and/or overheating which is most likely caused by fans not running.

There will be at least 2 fans - one in the power supply and another mounted on top of the CPU on the motherboard - but there could be others. Other possible locations could be at the front and/or rear of the computer case interior, on the side panel interior of the case, on the northbridge & southbridge chips on the motherboard, and if you have a separate video card one could be located on it. These locations should be checked for fans and if they are running when the computer is on.


There was no intention to make you feel an idiot, you asked a question and I gave an answer to it.

Do I need to keep Internet Explorer updated if I have never used it while owning this computer for a year and half?
Of course you need to keep it up to date if for no other reason it is integral to your OS.

There was as I said no intention to make anyone feel an idiot.

Should I ask questions about childbirth, feel free to answer them as you feel necessary.

Older versions of IE are more vulnerable to exploit and as I said it is integrated into the OS. The windows update will provide security updates for the installed version of IE that you have, it won’t offer the new version of IE8. However should you install it, windows update will then ensure that it is up to date.

Please refrain from gender-biased statements. This is a mother who needs a PC for home schooling and has little knowledge on computers, so a little kindness will help.

Hi Candy,

Perhaps I can interject and make things a little easier for you. Yes, you do have IE as a browser that you do not use. However it is still important that you do regular Microsoft (MS) Updates. You should have them set to do them automatically or alert you to when they are available to download - See your Security Center to change your settings. Regarding the fans mentioned in the earlier post, you can easily get a screwdriver to open the CPU cover (don’t worry…I can do it), use a “Swiffer” (micro dust cloth) and get the dust off the fans and put the cover back on. Do this PC-housekeeping several times a year. Try to keep your machine in a well ventilated area as well to avoid overheating.

Please update your Avast definitions and run a scan to see if anything shows up. Otherwise, things look clean.

Do you have any other questions that we can help you with?

@ SafeSurf

Please read about Windows Explorer

Windows Explorer is a file manager application that is included with releases of the Microsoft Windows operating system from Windows 95 onwards. It provides a graphical user interface for accessing the file systems. It is also the component of the operating system that presents many user interface items on the monitor such as the taskbar and desktop. Controlling the computer is possible without Windows Explorer running (for example, the File | Run command in Task Manager on NT-derived versions of Windows will function without it, as will commands typed in a command prompt window). It is sometimes referred to as the Windows Shell, explorer.exe, or simply “Explorer”.
http://en.wikipedia.org/wiki/Windows_Explorer

Then I suggest that you direct your comments to the originator of the ‘gender-biased’ statement, which I even quoted in my reply that you omitted to mention, it wasn’t mentioned in isolation.

I have highlighted the relevant part in case you miss it again.

Where was I unkind, she asked a question and I answered it briefly, you are reading way too much into this.


Ummm, Kenny, we are talking about IE and not WE. :wink:

Also, I find that far too often people put their computers in the worst of places - in an enclosed part of a desk made by unknowing desk manufacturers for that purpose causing high heat build-up, on the floor where the computer becomes the ultimate dust magnet, and even worse on a carpeted floor where carpet fibers clog up all ventilation.

A computer is a natural dust magnet and there is little reason to do things to make it worse … unless you hate it and want to burn its components into crispy critters. ;D


I guess by using XP/SP3 Home
Avast Pro 5.0, Immunet, MBAM, Spybot-S&D, Zemana, ZA Free shows your inexperience. :wink:

Spybot-S&D has not kept up with the times and MBAM is much more effective.

Candy, please keep us updated if you have any other issues.

Thank you, but I am aware of it since I’ve used all OS excluding Win7, but this might be helpful to other users on the forum.

How true! This is why I suggested a well ventilated area, and perhaps should have mentioned to keep the machine away from pet hair as well.

I am suggesting in general that we can try to interpret (as best as we can given the information provided) what the OP needs and give them the best suggestion/recommendation based on their technical and learning abilities, not to mention if the user is non-English speaking and having difficulties with the language (does not apply to this situation).

Sometimes comments are made that may turn off the OP, and this does not encourage them to return to the forum. I am speaking in general here, and not specifically at you David. Please understand that I do not want to start a flame with anyone; I am here to help others just as you are.

So let’s put our discussion to bed. This thread was started by the OP and let’s see if she needs any additional assistance. Thank you.

using IE8 is even more hilarious

No problem using them both. Using a not-standard-compliant product is dumb, have to agree with Altarir. Go burn in hell. Better yet, on NIGHTMARE.