Avast WEBforum

Other => Viruses and worms => Topic started by: Joetymp on December 16, 2012, 10:51:38 PM

Title: win32 malware-gen
Post by: Joetymp on December 16, 2012, 10:51:38 PM
Hello,

I had Avast pop up the other day advising that I had a win32 malware-gen infection in some files. I sent the files to the Avast chest, but I am still having Avast pop up saying it has found rootkits on my system. MBAM scans are clean!? Whenever I send the files found to be infected during boot time scan to chest or delete them, my mouse stops working and the only way to get it back is to do a system restore. Now when I try to access the Avast support log I uploaded to Avast tech support ticket, it tells me it is not accessible, access denied; whenever I try to create a new log, it just runs and runs. Then I click the close out x box, and it tells me it can't complete the function error 0x3e3!? No help from support ticket sent yet... Holy hell, please help!
Title: Re: win32 malware-gen
Post by: essexboy on December 16, 2012, 11:05:53 PM
Please follow the steps here http://forum.avast.com/index.php?topic=53253.0

Also, what file is Avast alerting on?
Title: Re: win32 malware-gen
Post by: Joetymp on December 16, 2012, 11:29:29 PM
When I ran the adw cleaner and it rebooted, my mouse stopped working again! I don't know how to get my mouse back without doing a system restore point. Should I do that now, or will I lose the adw scan I just did, putting me back at square one?
Title: Re: win32 malware-gen
Post by: Joetymp on December 16, 2012, 11:33:19 PM
The rootkit file is C:\...\trz258.tmp
The other files are ELhid.sys, ELmon.sys, and ELmou.sys
Title: Re: win32 malware-gen
Post by: Pondus on December 16, 2012, 11:36:55 PM
The rootkit file is C:\...\trz258.tmp
The other files are ELhid.sys, ELmon.sys, and ELmou.sys
Related topics:
http://forum.avast.com/index.php?topic=111239.0
http://forum.avast.com/index.php?topic=111341.0
Title: Re: win32 malware-gen
Post by: Joetymp on December 17, 2012, 12:41:06 AM
Sorry for the delay, my system restore took forever...
Any idea how I can get my mouse function back without restoring!? Every time I have to reboot trying to clean this damn computer I lose my mouse and have to system restore!!!
Title: Re: win32 malware-gen
Post by: Joetymp on December 17, 2012, 01:47:12 AM
Sorry, I didn't see any "extras.text"
Title: Re: win32 malware-gen
Post by: Joetymp on December 17, 2012, 01:49:37 AM
Not sure whether, the first time I attached OTL.text, I had it saved in the right ANSI format... Here it is again.
Title: Re: win32 malware-gen
Post by: DavidR on December 17, 2012, 02:02:13 AM
There may be some delay due to differing time zones and availability of essexboy. It is now 1am in the UK so he will be in bed; he should be back later today.
Title: Re: win32 malware-gen
Post by: Joetymp on December 17, 2012, 04:25:12 AM
Here is the last log...
Title: Re: win32 malware-gen
Post by: essexboy on December 17, 2012, 03:47:12 PM
They all appear to be false positives.

Restore these three files from the Chest and add them to Avast exclusions.
The ELmou.sys file is your mouse driver.

ELhid.sys, ELmon.sys, and ELmou.sys
Title: Re: win32 malware-gen
Post by: Joetymp on December 17, 2012, 11:25:47 PM
THANK YOU a MILLION TIMES!