Win32:Malware-gen - C:\Windows\System32\dinput32.dll

I’ve attached a picture of what I am getting constantly regarding this Win32:Malware-gen
I am also a novice and don’t understand what i should be doing. I have run Trend Micro, my windows malware program, and of course Avast which didn’t find it when it scanned. How can avast block something but not find it? That seems bizarre to me.
This thing is popping up ALL the time and driving me crazy. Just started today. Sometimes the count on it is in the 50’s and when I go to the chest there appears to be 100’s of the same thing. HELP PLEASE

Well there is obviously something else (hidden/undetected) that is restoring the file, not to mention there also has to be a registry entry responsible for the run command winlogon.exe for C:\Windows\System32\dinput32.dll.

If it keeps coming back, there is likely to be an undetected or hidden element to the infection that restores or downloads the file again. What is your firewall ?

If you haven’t already got this software (freeware), download, install, update and run it and report the findings (it should product a log file).

Don’t worry about reported tracking cookies they are a minor issue and not one of security, allow SAS to deal with them though. - See http://en.wikipedia.org/wiki/HTTP_cookie.
Also available a portable version of SAS, http://www.superantispyware.com/portablescanner.html, no installation required.

SuperAntiSpyware (SAS) should I believe be able to deal with this one.

Thank you. I am runninmg the Malwarebytes now and not liking what I see. It is on object 147011 and says 7063 objects infected. Is that even possible?

A Quick scan would be enough to get you started and generally will have picked up most of the detections.

Can you modify your post and remove the 80-90 blank lines to something that doesn’t mean scrolling forever to see the end of the post, see example quote.

If you were intending to copy and paste some data, then it failed and only inserted blank lines.

I can’t comment on the figures, depends on what it classes as infected, but it is entirely possible to have those kinds of numbers though uncommon.

I don’t have a clue what happened to that post. The lines at the bottom were the same as the ones at the top. Sorry about that.

I take it that the MBAM scan has now completed you could attach the log file (see below) so we can have a lok at what was found as I guess it would be too large to copy and paste.

Check out the C:\Program Files\Malwarebytes’ Anti-Malware\ or C:\Documents and Settings\YourUsername\Application Data\Malwarebytes\Malwarebytes’ Anti-Malware\Logs\ folders for the mbam-log{date of scan}.txt files.

  • When you click the Reply button, there is an Additional Options link, this expands the options to attach a file, that can be an image file or a text file (.log or .txt).

It says the log file is too big to post >:(

How big is it ?
Try breaking it up and create two or three .txt files and attach the parts in two or three posts.

It is 622 KB. I does say everything has been quarantined and deleted. I’m running the scan again just to make sure. So far nothing is infected. My avast is behaving also.

Thanks for all your help and I will let you know when its done scanning. It might be tomorrow as I’m going to bed soon.

Wow that is by far the biggest MBAM log I have ever come across, your going to bed soon, its 4am here in the UK ;D

I was wondering about you still being up at that hour. I saw the British flag but thought maybe you were living in the states or Canada. I’m an old girl so need my beauty sleep. Get to bed!!!..lol


Hi loopync,

In your first post, you mentioned having run both Trend Micro and avast. It is not good to run 2 resident AV programs at the same time as they will cause conflicts. If you are running 2 AV programs at the same time, this could likely be part of the cause of your very infected computer.

Please let us know for sure if you are running both Trend Micro and avast as resident AV programs.


I don’t run them both at the same time. Avast is my antivirus program but when it didn’t find anything I downloaded Housecall and ran it. I do have it all fixed now thanks to your forum help and Maleware Bytes. Great program. All is clear now and again thanks for this forum.


Thanks for the reply, loopync. Housecall is completely OK to use.

It is good to know that all is well with your computer now. :slight_smile: