Win32:Malware-gen

I have spent a lot of time looking through other threads on this issue but none have solved my problem so decided to post this myself.

After my latest update of Avast, it detected a virus Win32:Malware-gen. This was removed according to the full scan but when I run a boot scan it still shows up in a file: FILE C:\System Volume Information\_restore{98E46F0A-9DA1-4258-92C4-7CCAB1E6E}\RP3424\A0266369.msi|>ISSetupFile2

I cannot delete, repair or move it to the chest during the boot scan.

Since this virus has been detected, Avast always indicates that I should open the computer in “sandbox”. I’m afraid I don’t really understand the implications of this but it concerns me as it tells me that the computer might be at risk.

I have read various things about Win32:Malware-gen ranging from “it allows external access to your computer to look at bank details etc” to “it’s a false positive”. I always use other free malware software and none of these is detecting this virus (if indeed it is).

Any advice on A) should I be worried? and B) what can I do if I should be worried?

Thanks.

FILE C:\System Volume Information\_restore{98E46F0A-9DA1-4258-92C4-7CCAB1E6E}\RP3424\A0266369.msi|>ISSetupFile2
Clear your restore points and it will be gone...

That sounds positive. I’ll give it a go… Thanks.

Hi - unfortunately it is still showing in C:\WINDOWS\Installer\3e6cf.msi|>ISSetupFile.Setupfile2

Having deleted all my system restore points there doesn’t seem to be much option but to uninstall and reinstall Windows XP…which I will need professional help with.

Any other suggestions?

Thanks

To ensure that I get all the information, this log will need to be attached (instructions at the end). If it is too large to attach, then upload it to Mediafire and post the sharing link.

Download OTS to your Desktop

- Close ALL OTHER PROGRAMS.
- Double-click on OTS.exe to start the program.
- Check the box that says Scan All Users
- Check the box that says 64 bit
- Under Additional Scans check the following:
  - Reg - Disabled MS Config Items
  - Reg - Drivers32
  - Reg - NetSvcs
  - Reg - SafeBoot Minimal
  - Reg - Shell Spawning
  - Evnt - EventViewer Logs (Last 10 Errors)
  - File - Lop Check
- Under the Custom Scan box paste this in

```
%USERPROFILE%\..|smtmp;true;true;true /FP
%SYSTEMDRIVE%\*.exe
/md5start
volsnap.*
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
/md5stop
%systemroot%\*. /mp /s
hklm\software\clients\startmenuinternet|command /rs
hklm\software\clients\startmenuinternet|command /64 /rs
CREATERESTOREPOINT
```

- Now click the Run Scan button on the toolbar.
- Let it run unhindered until it finishes.
- When the scan is complete Notepad will open with the report file loaded in it.
- Click the Format menu and make sure that Wordwrap is not checked. If it is then click on it to uncheck it.

Please attach the log in your next post.

Thanks Essexboy

I’ll have a go but it’s late and I won’t be able to get on to this for a couple of days now. I will let you know how I get on.