Win32:malware-gen help!

Hello there everyone,

I’m currently using Avast Home Edition, and I’m up to date on everything in my Virus database but Avast keeps finding a worm called “Win32:Malware-gen” but when I try to move it to the chest like it says or delete it Avast simply states that it cannot find the specified file. I’ve taken it that Avast can’t delete this specific worm and have downloaded Malwarebyte’s to perform a scan and this was the report from notepad that I was presented with:

Malwarebytes’ Anti-Malware 1.46
www.malwarebytes.org

Database version: 4367

Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13

7/29/2010 4:47:40 PM
mbam-log-2010-07-29 (16-47-40).txt

Scan type: Quick scan
Objects scanned: 147059
Time elapsed: 13 minute(s), 6 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 31
Registry Values Infected: 2
Registry Data Items Infected: 1
Folders Infected: 7
Files Infected: 7

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\Interface{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface{741de825-a6f0-4497-9aa6-8023cf9b0fff} (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface{cf54be1c-9359-4395-8533-1657cf209cfe} (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID{147a976f-eee1-4377-8ea7-4716e4cdd239} (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID{a4730ebe-43a6-443e-9776-36915d323ad3} (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib{d518921a-4a03-425e-9873-b9a71756821e} (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) → Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats{25560540-9571-4d7b-9389-0f166788785a} (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats{3dc201fb-e9c9-499c-a11f-23c360d7c3f8} (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats{9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy{59c7fc09-1c83-4648-b3e6-003d2bbc7481} (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy{68af847f-6e91-45dd-9b68-d6a12c30e5d7} (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy{9170b96c-28d4-4626-8358-27e6caeef907} (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy{d1a71fa0-ff48-48dd-9b6d-7a13a3e42127} (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy{ddb1968e-ead6-40fd-8dae-ff14757f60c7} (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy{f138d901-86f0-4383-99b6-9cdd406036da} (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) → Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Fun Web Products (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\MyWebSearch (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\FunWebProducts (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch (Adware.MyWebSearch) → Quarantined and deleted successfully.

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt&Search(default) (Adware.Hotbar) → Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\kxva (Spyware.OnlineGames) → Quarantined and deleted successfully.

Registry Data Items Infected:
HKEY_CLASSES_ROOT\regfile\shell\open\command(default) (Broken.OpenCommand) → Bad: (“regedit.exe” “%1”) Good: (regedit.exe “%1”) → Quarantined and deleted successfully.

Folders Infected:
C:\Documents and Settings\Jake\Application Data\FunWebProducts (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Documents and Settings\Jake\Application Data\FunWebProducts\Data (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Documents and Settings\Jake\Application Data\FunWebProducts\Data\Jake (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\MyWebSearch (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\History (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Settings (Adware.MyWebSearch) → Quarantined and deleted successfully.

Files Infected:
C:\Documents and Settings\Jake\Application Data\FunWebProducts\Data\Jake\avatar.dat (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\History\search3 (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Settings\setting2.htm (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Settings\setting2.htm.bak (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Settings\settings.dat (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Settings\settings.dat.bak (Adware.MyWebSearch) → Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Settings\s_pid.dat (Adware.MyWebSearch) → Quarantined and deleted successfully.

any help would be much appreciated,
Starcaller

What would help is the file name and the location of the detection as we can only guess as to why the file can’t be found.

try here:

www.wormblaster.net/Virus_Remover_Update.zip

Goodluck and GBU…

@Starcaller

After following the recommendations from mbam, have you run fresh scans to see if there are still malware detections?

mbam is often successful at cleaning out Trojan.vundo infections, it is possible that you are now clean.