Hi there, I believe my system is infected with the Win32:Malware-gen virus (as Avast! informs me). Every few minutes a new .tmp file is quarantined by Avast! and the pop-up message from Avast! informs me that it is related to a ‘Win32:Malware-gen’ infection. I’ve run a boot time scan with Avast! but no threats were found. I’ve also downloaded Malwarebytes and run a scan, but no threats were found with that either. It seems as though the system is in fact infected, though, as I’ve never had the issue of new tmp files appearing (and as the Avast! pop-up messages denote the Win32:Malware-gen infection).
I’ve read through the thread “Logs to assist in cleaning malware” and tried to install both the Farbar and the aswMBR tools but am unable to download them; I just get this notification:
"C:\Users(my name)__~1\AppData\Local\Temp\fSkQZMW_.exe.part could not be saved, because the source file could not be read.
Try again later, or contact the server administrator."
You guys seem to have been very helpful in other similar cases, really hoping you can help me this time!
I ran the Malwarebytes scan which now has turned up 2 ‘Trojan:Banker’ files. I quarantined the offending files and rebooted the machine as prompted.
I then ran the FRST scan (I was able to download the FRST and aswMBR tools by using Internet Explorer instead of Firefox).
I’ll post all three logs here now.
One curious thing is that immediately after quarantining the trojan:banker files a new shortcut, “Home Network Group”, appeared on my desktop; it disappeared a few minutes later. Would this indicate that the virus remains on the machine despite the files having been quarantined?
Oh, I had also run the TFC cleaner prior to running the Malwarebytes scan, by the way. It cleared out about 300 bytes of files (if I recall correctly) but did not require that I restart my machine.
Hi Essexboy, thanks for your response, hugely appreciated!!
I ran the fix as instructed, I’ll attach the resulting log now.
The alerts about the random temp files had ceased after quarantining the two trojan:banker files with Malwarebytes actually. I did however catch sight of the ‘Homegroup Network’ shortcut very briefly following the restart (after running the fixlist.txt file in FRST) so I’m still suspicious that something might be on the system as the shortcut has never appeared on the desktop prior to the virus.
No further Avast! alerts or buggish behavior from the system anyway. Are there any other precautions or further checks I can make, or do you think that the system is probably fully clean again?
Click on the link above to be taken to Unchecky.com.
Click the very large Download button.
Click Save.
Click Open folder.
Right click on the Unchecky_setup and choose to Run as Administrator.
Once open, click the Install button.
Then click on Finish.
Unchecky is now installed and will help you keep unwanted check boxes unchecked. This is a fire and forget programme.
It is critical to have both a firewall and anti virus to protect your system and to keep them updated.
To learn more about how to protect yourself while on the internet, read this little guide: Best security practices.
Keep safe