Hi there everyone, nice to meet you all. I’m IvoryOnyx. I’ve been using avast! for about three years now. It is hands-down the best free antivirus program I’ve ever used. Up until this point, it’s kept me protected from all the nasty viruses and malware peppered throughout the internet since that time.
But a few days ago, I ran into a problem was when avast! apparently detected some viruses/malware on my computer while it was scanning (which I have it set to do when the screensaver starts up - I’m sure some of you are familiar with it and I must say, it’s a great idea I haven’t seen implemented by any other software). This led me to agree to do a boot-time scan, which took a little over three hours to accomplish. It found a ton of Java Agent exploitations, which I was able to move to the chest and delete. There was one virus, however, that I could not remove, and that was the Win32 Malware-gen.
I’ve done research and have only found three to four different cases of it, all of which did not really help me in figuring out how to oust the virus from my computer. One person said that they were able to delete the virus by going into some other user’s account on the computer, since the security/user permissions on the account prevented the individual from deleting the virus. Another person’s problem was resolved after he was told to clean out his temp files. The problem I’m running into is the fact that this does not apply to my particular case.
These are the pieces of information saved on my log from the boot-time scan.
File Name: C:\Windows\Downloaded Installations\3E547985-AA94-4B1B-8ADD-21E060E5E31F}\Adobe Photoshop Album 3.2 SE.msi|>Data1.cab|>ADB2.EXE|>[UPX]
Severity: High
Status: Threat: Win32:Malware-gen
Action: Move to Chest
Result: Error: The system cannot find the file specified. (2)
I did some more research as to exactly what this virus was, and learned that it is basically a virus that is capable of downloading files without my knowledge, either to get more viruses and malware on my system or to supplement an existing one. This alone frightens me. Anyway, I’d appreciate any and all help from the community.
Looks like a false positive on avast’s case as it is legit.
Mcafee Reports: ADD c:\WINDOWS\Downloaded Installations{3E547985-AA94-4B1B-8ADD-21E060E5E31F}\Adobe Photoshop Album 3.2 SE.msi
Furthermore, the error you received states that ‘the system cannot find the file specified’. The “Downloaded Installations” folder is a temp folder, so the chance was high that this file couldn’t be found. However, it is strange that it was found during the boot-time scan but couldn’t be found upon completion and selected for removal.
And then you can follow the instructions and attach the logs to this post from here: http://forum.avast.com/index.php?topic=53253.0
If you want a malware removal specialist to check your system for any malware remainings.
Hey there, yeah, I scanned again (this time it was a system scan) and it didn’t find it. I just thought that a boot-time was perhaps more thorough (because it definitely took longer). The normal scan took around 2 hours; the boot-time took 3+ hours.
I’m kind of a paranoid person, so even though the second scan (normal scan) didn’t find it again, the fact that it was found during the first one (boot-time scan) and couldn’t be removed still bothers me.
I’ll check out those two links and get back to you as soon as I can. I really appreciate both of your swift replies! Thank you, it means a lot!
I have the same problem - Malware-gen shows up on a boot scan but no where else. The location is Program Files\Earthlink Setup\Windows\access\spywareblocker.msi|>Datal.cab|>Elshowspyabout.exe|>[UPX] Win32:Malware-gen
Pondus has dealt with this issue before.
********************************************************************************
see reply #119 +… here is one with the same problem…only detected with boot scan…