Author Topic: windows file infected with Win32: Malware-gen cannot move delete or fix  (Read 16230 times)

0 Members and 1 Guest are viewing this topic.

welshniceguy

  • Guest
Re: windows file infected with Win32: Malware-gen cannot move delete or fix
« Reply #15 on: December 06, 2013, 03:31:36 PM »
zoek run
notepad log results attatched

welshniceguy

  • Guest
Re: windows file infected with Win32: Malware-gen cannot move delete or fix
« Reply #16 on: December 06, 2013, 03:36:29 PM »
after i fixed the windows earlier with the command prompt, typing sfc/scannow, it found and fixed errors and made defender work once again, it needed updating before use, then a quick scan and then a full scan came back with clean results. wow so defender was somehow infected then, good news you had my back and have given me this expert help, i can't thank you enough super malware fighter.

i really need sleep now only got 5hrs sleep before a night shift, so if there is anything else need doing i'll do it after my shift, thank you again, you have been a super star.

argus

  • Guest
Re: windows file infected with Win32: Malware-gen cannot move delete or fix
« Reply #17 on: December 06, 2013, 03:45:24 PM »
OK. I will review Zoek and you go to sleep.

argus

  • Guest
Re: windows file infected with Win32: Malware-gen cannot move delete or fix
« Reply #18 on: December 06, 2013, 03:54:10 PM »
  • Close any open browsers
  • Temporarily disable your AntiVirus program. (If necessary)
    If you are unsure how to do this please read this or this Instruction.

  • Double click on zoek.exe to run the tool .
    Please wait while the tool does not start...

  • Copy the text present inside the code box below and paste it into the large window in the zoek tool:
Code: [Select]
C:\Windows\sysWoW64\config\systemprofile\AppData\Locallow\AVG Nation toolbar;f
C:\Users\User\AppData\Local\AVG Nation toolbar;f
C:\Users\User\AppData\Locallow\AVG Nation toolbar;f
C:\ProgramData\AVG;fs
C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308};fs
{149BD4C1-7105-4020-88A5-FF21A059D4B0};c
emptyalltemp;
autoclean;
emptyclsid;
ipconfig /flushdns >> %temp%\log.txt;b
  • Click on button.
    Please wait until a logreport will open (this can be after reboot)

  • Save notepad to your Desktop and attach here zoek-results.log
    Note: It will also create a log in the C:\ directory named "zoek-results.log"

welshniceguy

  • Guest
Re: windows file infected with Win32: Malware-gen cannot move delete or fix
« Reply #19 on: December 07, 2013, 08:37:39 AM »
after the 1st zoek script run yesterday, laptop started and windows update did 6 updates, i just run zoek again, log attached.
laptop did need a reboot to complete the script run this time.
after we run that avg complete uninstaller yesterday, i was surprised to still see avg files still on the log.
this log looked like a lot were cleaned out, wow good job.
sleeping now, working 10hr night shifts on the weekend.
thank you soo much for all this help

argus

  • Guest
Re: windows file infected with Win32: Malware-gen cannot move delete or fix
« Reply #20 on: December 07, 2013, 10:07:59 AM »
Rerun again FRST

welshniceguy

  • Guest
Re: windows file infected with Win32: Malware-gen cannot move delete or fix
« Reply #21 on: December 07, 2013, 05:36:32 PM »
I run FRST64 again, didn't click drivers MD5 or addition.txt. if you needed them i can run again.
this time it came up with an error and stopped saying.
Line 9513 (File"C:\Users\User\Desktop\FRST64.exe"):
Error:Variable used without being declared.

log attached.

argus

  • Guest
Re: windows file infected with Win32: Malware-gen cannot move delete or fix
« Reply #22 on: December 07, 2013, 07:58:40 PM »
I see no present or active malware, good joob.


FRST at the moment there are bag, anyway finish.






Please download DelFix by "Xplode" to your Desktop.

Run the tool and check the following boxes below;
  • Remove disinfection tools
  • Create registry backup
  • Purge System Restore

Now click on "Run" button. Wait for the programme completes his work.
All the tools we used should be gone.
Tool will create and open an log report (DelFix.txt)
Note: The report will also be stored on C:\DelFix.txt


> I don't need DelFix log report.

welshniceguy

  • Guest
Re: windows file infected with Win32: Malware-gen cannot move delete or fix
« Reply #23 on: December 12, 2013, 06:03:03 PM »
Ok thank you so much Argus.
Sorry for the delay in response, busy with those 10hr wekend shifts and xmas shopping, visting father in hospital, all good now.
Amazing help, the laptop is running good, hope its ok to delete the zoek backup folder/file, needs a defrag now and its good to go, you are a super cyber hero, have a good christmas, i recomend Avast everyday, again thanks for the professional help. :-)