Author Topic: Win32:Malware.gen infection  (Read 13872 times)

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: Win32:Malware.gen infection
« Reply #30 on: September 01, 2010, 09:04:23 PM »
On completion of these runs, can you let me know what problems remain?

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    Quote
    :OTL
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ndisrd.sys -- (ndisrd)

    :Files
    ipconfig /flushdns /c

    :Commands
    [purity]
    [resethosts]
    [emptytemp]
    [EMPTYFLASH]
    [CREATERESTOREPOINT]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.
THEN

Please download Malwarebytes' Anti-Malware from Here.

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy & Paste the entire report in your next reply.
Extra Note:

If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts; click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

exorkizein

  • Guest
Re: Win32:Malware.gen infection
« Reply #31 on: September 04, 2010, 07:07:30 AM »
Hi essexboy,

Here is the OTL log.  We're running the MBAM scan overnight and will post the log in the morning.  Thank you!

exorkizein

  • Guest
Re: Win32:Malware.gen infection
« Reply #32 on: September 04, 2010, 07:15:21 AM »
Never mind, it finished a lot faster than I thought! Here is the log.

Offline essexboy

Re: Win32:Malware.gen infection
« Reply #33 on: September 04, 2010, 01:01:33 PM »
What are your current problems?

exorkizein

  • Guest
Re: Win32:Malware.gen infection
« Reply #34 on: September 05, 2010, 06:11:45 AM »
Hi essexboy,

She mentioned earlier that "HTML:IFrame-U [Trj]" was found. It just appeared again with an Avast warning.  We moved to chest.  File name: C:\Windows\Temp\6FF679FD-C95C-4A1F-8427-83CA5F7AC649-Sigs\A4749EF3-BA75-48A7-B655-701F97BDA386mpavdlta.vdm.old.temp


Offline essexboy

Re: Win32:Malware.gen infection
« Reply #35 on: September 05, 2010, 12:58:05 PM »
What site was she visiting at the time? As being in the temp files it probably came from there. Or had a security programme updated, as it may be an unencrypted definition?

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    Quote
    :Files
    C:\Windows\Temp\6FF679FD-C95C-4A1F-8427-83CA5F7AC649-Sigs
    :Commands
    [purity]
    [resethosts]
    [emptytemp]
    [EMPTYFLASH]
    [CREATERESTOREPOINT]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
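
The second possibility raised in Reply #35 (a detection on another security programme's definition file staged under Temp) can be checked from the flagged path itself. The following triage helper is an added example, not part of the thread or of any tool mentioned in it; the list of Microsoft definition file names is an assumption from general knowledge, and every sample path other than the one quoted in Reply #34 is constructed.

```python
import re
from pathlib import PureWindowsPath

# Assumption (not stated in the thread): definition file names used by
# Microsoft's antimalware engine (base and delta sets).
MS_DEFINITION_NAMES = {"mpavbase.vdm", "mpavdlta.vdm", "mpasbase.vdm", "mpasdlta.vdm"}

GUID = r"[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}"
STAGING_DIR = re.compile(rf"^{GUID}-Sigs$")   # e.g. "<GUID>-Sigs"
GUID_PREFIX = re.compile(rf"^{GUID}")         # GUID glued to the file name
TEMP_ROOT = r"c:\windows\temp"

# Path quoted in Reply #34 of the thread.
FLAGGED = (r"C:\Windows\Temp\6FF679FD-C95C-4A1F-8427-83CA5F7AC649-Sigs"
           r"\A4749EF3-BA75-48A7-B655-701F97BDA386mpavdlta.vdm.old.temp")

def triage(path: str) -> dict:
    """Classify a flagged path: staged signature file, other temp file, or neither."""
    p = PureWindowsPath(path)
    # Recover the base name: drop a leading GUID, then staging suffixes.
    name = GUID_PREFIX.sub("", p.name).lower()
    while name.endswith((".old", ".temp", ".tmp")):
        name = name.rsplit(".", 1)[0]
    in_temp = any(str(a).lower() == TEMP_ROOT for a in p.parents)
    staged = bool(STAGING_DIR.match(p.parent.name))
    is_definition = name in MS_DEFINITION_NAMES
    if in_temp and staged and is_definition:
        verdict = "likely_signature_file"   # check what security product updated then
    elif in_temp:
        verdict = "temp_unknown"            # check browsing/download activity at that time
    else:
        verdict = "other"
    return {"base_name": name, "in_temp": in_temp,
            "staging_dir": staged, "verdict": verdict}

if __name__ == "__main__":
    samples = [FLAGGED,
               r"C:\Windows\Temp\invoice.html",        # constructed sample
               r"C:\Users\a\Documents\report.html"]    # constructed sample
    for s in samples:
        print(triage(s)["verdict"], "<-", s)
```

A name match is only a lead, since file names can be chosen by anything that writes to Temp; confirm it against the time a security product last updated its definitions.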