
Fear of Win32Malware-gen and My Own Mistake


1 reply to this topic

#1 Astyanax


  • Members
  • 2 posts

Posted 15 March 2014 - 09:23 PM

Dear Folks,

 

Last night I was able to revive my older HP Media Center PC by installing a new video card; the old one had failed.

 

The computer was performing slowly and had previously been having some problems on startup; I was unsure whether they were related to the ailing video card or something else. I am running Windows Vista Home Premium.

 

I completed a thorough scan with Avast and the report indicated that I had one high-level threat: Win32:Malware-gen in C:\Program Files\Yahoo! Games\Text Twist\TextTwist.exe.  Avast could not do anything with the file, neither delete nor repair nor send to the virus chest because "access is denied."

 

I decided to run MBAM but each time I try to perform a scan, the computer freezes after scanning a thousand or so files.  I was able to boot into Safe Mode and run a quick scan via MBAM there; that scan completed successfully and showed one threat: Adware.BHO.  That threat was deleted.  No mention was made of any other threat, including the one that Avast found.

 

I booted the computer normally and ran a quick scan with MBAM again; once again, it froze the computer before finishing.

 

Now, I fear that I made a mistake due to both ignorance and haste.  I found directions online for removing Win32:Malware-gen and began following those directions, which include use of Combo Fix.  I got to step three of the process, which is the MBAM step, and again encountered what I have described above.  Here are the steps I was following:

 

http://malwaretips.com/blogs/remove-win32malware-gen/

 

I see here on this forum some very strong warnings about using Combo Fix, but I have done it.  Perhaps my ignorance and haste will cost me a computer.  I'm looking for help from you fine folks.

 

Thank you, and I apologize if my approach here violates any part of established forum protocol.





#2 quietman7


    Bleepin' Janitor


  • Global Moderator
  • 51,749 posts
  • Gender:Male
  • Location:Virginia, USA

Posted 16 March 2014 - 06:16 AM


Since you already ran ComboFix due to malware infection, its log should be thoroughly reviewed by trained experts in order to ascertain what was detected/removed and what malware you're dealing with. A log should have been created and saved to the root directory, usually C:\ComboFix.txt.

Please follow the instructions in the Preparation Guide For Requesting Help starting at Step 6.
  • If you cannot complete a step, then skip it and continue with the next.
  • In Step 6 there are instructions for downloading and running DDS, which will create two logs. (Note: Windows 8.1 users will not be able to run DDS and create a log.)
When you have done that, start a new topic and post the required logs to include your ComboFix log in the Virus, Trojan, Spyware, and Malware Removal Logs forum, NOT here, for assistance by the Malware Response Team Experts.
-- ComboFix logs are not permitted in this forum.

After doing this, please reply back in this thread with a link to the new topic so we can close this one.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015
Member of UNITE, Unified Network of Instructors and Trusted Eliminators




