Logged on to my computer this morning and was greeted with
"MALWARE BLOCKED
avast! File System Shield has blocked a threat.
No further action is required.
Object: C:\Users\David\AppData\Local\Temp\mwgmliry.dll
Infection: Win32:Malware-gen
Action: Moved to chest
Process: C:\Windows\Microsoft.NET\Framework\v2.0…\csc.exe
The threat was detected and blocked when the file was created or modified"
Malwarebytes Anti-Malware 1.50.1 http://filehippo.com/download_malwarebytes_anti_malware/
always update the program so you have lates database before you scan
click the remove selected button to quarantine any infections found
you may post the scan log here
Started happening about 2 days ago. My husband is having the same issue apparently, in England. It pops up on every boot-up with some random .dll file, then randomly throughout the day.
I have begun experiencing the same thing. A friend in Norway is experiencing the same. My own case is both a desktop and laptop. Don’t think there’s any information I can add that provides any more insight.
I’m experiencing the same issue, starting this afternoon.
From my File System Shield log:
1/18/2011 2:00:41 PM C:\Users\Jeff\AppData\Local\Temp\wrzm9yjt.dll [L] Win32:Malware-gen (0)
File was successfully moved to chest…
1/18/2011 5:00:28 PM C:\Users\Jeff\AppData\Local\Temp\4fktxflg.dll [L] Win32:Malware-gen (0)
File was successfully moved to chest…
1/18/2011 8:00:28 PM C:\Users\Jeff\AppData\Local\Temp\q-ohkne9.dll [L] Win32:Malware-gen (0)
File was successfully moved to chest…
1/18/2011 11:00:56 PM C:\Users\Jeff\AppData\Local\Temp\llawn-lk.dll [L] Win32:Malware-gen (0)
File was successfully moved to chest…
It could just be a coincidence, I’m not sure, but the detected .dll is appearing about every 3 hours it seems.
This exact thing started happening to me this afternoon. Not once in a year has anything been detected until today. Last night I updated to the latest version of Avast (was told to update and restart computer). There have been four events today, all from C:\Users.…\AppData\Local\Temp folder. They have each been labeled a different .dll with the virus listed as Win32:Malware-gen.
I’ve run a full scan with Avast and it found nothing. I ran a full scan with Malwarebytes and it found nothing. And, I ran a scan with SuperAntiSpyware and it found only tracking cookies.
I updated Avast when it prompted me to when I booted up my PC for the day. I am now having the exact same problem as the others. I ran a full scan on my PC with Avast and Malwarebytes and I keep getting this same error. Always the Win32:Malware-gen in the AppData folder. It happens pretty much as soon as my CPU is booted up and then periodically throughout the hours. Here are my malwarebytes results if it helps.
Hey all! New to the forums, havn’t ever needed assistance until now. I too am getting these alerts (Minneapolis MN). Quite a relief that im not the only one with this problem.
Ran a full scan with MBAM with no results except a tracking cookie (arg)
Unrelated question: Is Essexboy the resident malware guru?
Pretty much same situation here (in Finland) - Avast reports at every computer wake up or start up Win32:Malware-gen, it is always some oddly named .dll file in temp. Process is always C:\Windows\Microsoft.NET\Framework\v2.0…\csc.exe. It also pops up during the usage every now and then - maybe every 3 hours, have to check. The problem started to present itself less than 24 hours ago I think, cannot figure out what has happened at that period.
Full scan reveals nothing, at least yesterday. same with latest MBAM yesterday, haven’t tried today. Same with Spybot but Ad-aware found suddenly 3 files associated with Dropper, and quarantined them. They were deleted - at the startup the same Avast warning still.
Went to sleep: today, the same warning. Currently doing startup scan with Avast, with maximum sensitivity. Next running Adaware, Spybot and MBAM fullscans again and then if none of it helps I will also use OTL and post log here. Unless of course during my time-taking scans the answer appears here magically
EDIT: Nothing in MBAM fullscan, and nothing in Adaware fullscan so far. And by the look of it the yesterday’s Adaware scan may also been false alarm on Dropper, as it seems to mistake one game controller’s downloaded firmware update as Dropper (the update has been untouched for at least a year, and used controller all the time - no reason for it to activate now- just that I downloaded Adaware so it saw it now):
Description: c:\users\xxx\downloads\n52te_win_firmware_v1.04_eng(2).exe Family Name: Win32.TrojanDropper.Agent Engine: 1 Clean status: Success Item ID: 0 Family ID: 1037 MD5: 736be7da6f623a4676c252273392ba18
Description: c:\users\xxx\downloads\n52te_win_firmware_v1.04_eng(3).exe Family Name: Win32.TrojanDropper.Agent Engine: 1 Clean status: Success Item ID: 0 Family ID: 1037 MD5: 736be7da6f623a4676c252273392ba18
Description: c:\users\xxx\downloads\n52te_win_firmware_v1.04_eng.exe Family Name: Win32.TrojanDropper.Agent Engine: 1 Clean status: Success Item ID: 0 Family ID: 1037 MD5: 736be7da6f623a4676c252273392ba18
