Hello everyone,
I had a problem up until 5 minutes ago.
"Every time I restart the pc just before it finishes loading every program when starting up, I get this message about E:\DOCUMENTS AND SETTINGS\Jim\LOCAL SETTINGS\Temp\tmp1.tmp being infected with the Win32:small-gen2[trj].
Ok, I move it to the chest and every time I restart the same thing.
I also ran a scan before Windows boots and it finds nothing.
I see in the history that this starts in the 24th of October when in fact while sufring the net I was warned by Avast that a trojan tried to hit.But, it was supposed to stop it."
I found what to do.I went to msconfig and saw that the last program to run from the startup programs is an ms_update_069_7723.exe.Guess when it came onboard…
It seems this exe is the reason.I hope it help some people.
Go to the startup directory and you will find a 24kb file which is the root of the problem.I deleted it and made the msconfig not run it and all is ok.
Send an email with the file (false positive or infected) to: virus@avast.com
You can zip and password the files… Inform a link to this thread and the password used.
You can send the files to Chest and, from there, resend to Alwil for analysis.
Thanks.
DimitrisK, good news that you didn’t remove it completely as the sample when you send it to avast will help others.
If you want to keep things for analysis purposes, open the virus chest, User Files, Add, and navigate to the infected file and add it to the chest where it can’t do any harm. Here as Tech said you can send it the Alwil Software and scan the file in the future to check if it is now detected.
All right, chest says it is sent to Alwil.I 'm really looking forward to hearing from them in case it was something helpful.
In fact,I have read a lot of messages in pc forums about having problems nobody could help with and the file is always there when they post a hijackthis log!
Yes it is definitely the file responsible! I went to delete it and I accidently ran it and it did the routine that it does at start up. I hope this is what was also what was causing my computer to have 60 second shutdown countdown.
I have some bad news.
I had the same message about Win32:Small-gen2…
I looked in msconfig and also did a search for the file called
ms_update_069_7723.exe
and found no trace of it whatsoever on my machine.
Anyone have any other ideas?
Thanks!!! ;D I had the same problem for two or three weeks and was unable to solve it. The only difference was that in my case the application was called “ms_update_0612_kb74062.exe”, otherwise all was the same. Actually you don’t need to uncheck the msconfig entry since after you delete the .exe file it disappears automatically. Once again, thanks a lot!