
Win32:Malware-gen Infection



#1
Oddrose

My connection kept timing out so I thought perhaps there were too many characters in this post - I have attached a file and will see if that works.

That appeared to be the problem. The full text is in the attached txt file but this is the main gist without the logs:

I followed the steps in the guide. These are the steps and logs I received:

Avast Message:
avast!File System Shield has blocked a threat.
Object: c:\windows\system32\rqpopq.dll
Infection: Win32:Malware-gen
Action: Deleted
Process: C:\WINDOWS\system32\lsass.exe

A full system scan with Avast comes up with the following files every time (I ran the scan a few times in the vain hope that it would fix itself):

c:\system volume information\_restore{5P527826-4A83-8416-28ACDDA14001}\RP877\A0203923.DLL
c:\system volume information\_restore{5P527826-4A83-8416-28ACDDA14001}\RP878\A0203943.DLL
c:\system volume information\_restore{5P527826-4A83-8416-28ACDDA14001}\RP880\A0203980.DLL
c:\system volume information\_restore{5P527826-4A83-8416-28ACDDA14001}\RP880\A020413.DLL

I then ran TFC.exe

Then ERUNT

I already had MBAM on my computer and had used it successfully last week. This week it would not open (probably the Malware). I uninstalled my version and reinstalled the link from your site with the same results.

I then ran GMER rootkit scanner. Logs attached

I then ran OTL. Logs attached

Thanks for offering this service and I really hope you can help.

Edited by Oddrose, 23 July 2010 - 04:41 PM.



#2
Oddrose

Somehow I finally managed to get the Malwarebytes program running and it seems to have cleared up the problem.

What I did was first delete any of the extra toolbars and add-ons I had running (even the Google one I had for years). I then ran a full scan of my computer with Avast every time I was on my computer (it found different files every time but in the same folders as the above explanation). I also tried opening the Malwarebytes program every time I was on the computer too. The moment it opened I did a full scan and I haven't had the problem since (which was about 18 hours ago).

Thank you so much for offering this service!

I hope nobody put too much work into this yet.