Does Avast keep showing an alert about Win32:Malware-gen? Are you annoyed by this issue? This post will help you get rid of this nasty Trojan completely and safely.
Win32:Malware-gen is classified by YooCare Labs as a highly dangerous Trojan that opens a backdoor on the targeted PC by contacting a command and control server. It puts your computer at high risk once it has been downloaded surreptitiously.
This nasty Trojan is generally detected by Avast antivirus. It performs various damaging activities on the targeted machine. You will find that your computer is slow to respond to your commands and takes a while to open a program. Like other Trojans, this threat is also capable of spying on the infected computer, leaking data, and downloading or executing other modules from a server. It may lead to annoying browser redirections as well. Furthermore, this Trojan can even steal financial information and sensitive data such as online passwords and credit card numbers from victims and then transfer it all to a remote hacker.
When this Trojan is installed, Avast will keep showing the following alert:
Object : C:\Windows\Installer\…\80000000.@
Process : C:\Windows\System32\services.exe
Infection : Win32:Malware-gen
Action : Moved to Chest
However, even if you have selected “Move to chest”, the same threat appears again after you restart the computer. This stubborn threat needs to be, and can only be, removed manually so that it is completely eliminated from your computer.
1. Show hidden files and folders.
Open Folder Options by clicking the Start button, clicking Control Panel, clicking Appearance and Personalization, and then clicking Folder Options.
Click the View tab.
Under Advanced settings, click Show hidden files and folders, uncheck Hide protected operating system files (Recommended) and then click OK.
2. Open the Registry Editor. Find the malicious files and entries and then delete them all.
Attention: Always be sure to back up your PC before making any changes.
a. Press the “Start” button and then choose the option “Run”. In the “Open” field, type “regedit” and click the “OK” button.
b. All malicious files and registry entries that should be deleted:
%Documents and Settings%\[UserName]\Application Data\[random]
%AllUsersProfile%\Application Data\.exe(Win32:Malware-gen)
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\Random
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run\Random.exe
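A read-only way to carry out the backup and review in step 2, as an added example that is not part of the original post: this PowerShell script exports each registry location listed above to a .reg file and lists the launch commands found there, marking those that point into the Application Data or All Users profile folders. The backup folder name, the helper function and the Suspect flag are assumptions made for illustration.

```powershell
# Added example: nothing is deleted; the script only exports backups and lists entries.
$backupDir = Join-Path $env:USERPROFILE 'autorun-backup'   # assumed backup location
New-Item -ItemType Directory -Path $backupDir -Force | Out-Null

# Registry locations taken from the list in step 2.
$locations = @(
    'HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components',
    'HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run'
)

# Folders the post lists as file locations; a command launching from here deserves a closer look.
$suspectRoots = @($env:APPDATA, $env:ALLUSERSPROFILE) | Where-Object { $_ }

# Hypothetical helper: true when the launch command references one of the folders above.
function Test-SuspectPath([string]$Command) {
    foreach ($root in $suspectRoots) {
        if ($Command.IndexOf($root, [StringComparison]::OrdinalIgnoreCase) -ge 0) { return $true }
    }
    return $false
}

$findings = foreach ($loc in $locations) {
    $psPath = 'Registry::' + ($loc -replace '^HKCU', 'HKEY_CURRENT_USER' -replace '^HKLM', 'HKEY_LOCAL_MACHINE')
    if (-not (Test-Path $psPath)) { continue }

    # Back up the key before any manual change is made in regedit.
    $file = Join-Path $backupDir (($loc -replace '[\\ :]', '_') + '.reg')
    & reg.exe export $loc $file /y | Out-Null

    # Values stored directly under the key (Run-style entries).
    $key = Get-Item $psPath
    foreach ($name in $key.GetValueNames()) {
        $data = [string]$key.GetValue($name)
        [pscustomobject]@{ Key = $loc; Name = $name; Command = $data; Suspect = (Test-SuspectPath $data) }
    }

    # Active Setup keeps one subkey per component, with its command in StubPath.
    foreach ($sub in Get-ChildItem $psPath -ErrorAction SilentlyContinue) {
        $stub = [string]$sub.GetValue('StubPath')
        if ($stub) {
            [pscustomobject]@{ Key = $sub.Name; Name = 'StubPath'; Command = $stub; Suspect = (Test-SuspectPath $stub) }
        }
    }
}

# Flagged entries first; review each one by hand before deleting anything.
$findings | Sort-Object Suspect -Descending | Format-Table -AutoSize -Wrap
```

Double-clicking an exported .reg file restores that key if a manual deletion turns out to be wrong.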
If you fail to remove Trojan Horse Hider.RGE with the instructions above or need any assistance, you are welcome to contact YooCare experts to resolve all the problems completely.
Published by on July 11, 2012 5:13 pm, last updated on June 11, 2013 8:59 am