File Amsmpu4p.sys infected with: Win32:Trojan-gen. {Other}

Hi!
I’m from Italy and with today’s updates I’m experiencing troubles with file Amsmpu4p.sys (file size 31 Kb).
It is said to be infected with: Win32:Trojan-gen. {Other}.
The original file was in: C:\DOCUME~1\FAMIGL~1\IMPOST~1\Temp\Amsmpu4p.sys ed I’ve found it’s created every time I run by the Desktop icon the Italian version of the game “Railroad Tycoon 3”.
Yesterday I had no troubles playing the game.
I scanned the incriminated file with Kaspersky File Scanner on-line but it seems to be clean.
I think - or, at least, I hope - it could be a false positive…
I’m using Windows XP Home Edition SP2 Italian version.
My Avast is always been updated daily. My current VPS is 0645-2 but I had problems with the previous one, too.
Greetings.

To know if a file is a false positive, please submit it to JOTTI or VirusTotal and let us know the result. If it is indeed a false positive, send it in a password protected zip to virus@avast.com
Please, mention in the body of the message why you think it is a false positive and the password used.

Until there, please add it to the Exclusion lists:

For the Standard Shield provider (on-access scanning):
Left click the ‘a’ blue icon, click on the provider icon at left and then Customize.
Go to Advanced tab and click on Add button…

For the other providers (on-demmand scanning):
Right click the ‘a’ blue icon, click Program Settings.
Go to Exclusions tab and click on Add button…

You can use wildcards like * and ?.
But be carefull, you should ‘exclude’ that many files that let your system in danger.

Hi there!

Zipped and sent to virus@avast.com

Greetings.

This is happening to other, known clean, files too - I’ve just submitted the same problem with a totally unrelated file.

I think that the last two updates is the culprit of generating this trojans :

  • Win 32:trojan-gen.
  • Win 32:trojan-gen. {Others }

I encountered this trojans on my two files:

c:\Program Files\Pacific Speed Booster\Sporder.dll is infected by Win32: Trojan-gen.
c:\System Volume Information_restore { 64E606C-FDC9-474-B14F-C9B60c680c58 }
RP46\A0005970.dll is infected by Win32: Trojan-gen. { Others }

I move this two to CHEST. After three days I scan the two files within the chest, and it said that the two files are already clean… no virus found. ???

Yeah… most probably.
That’s the reason that the recommended action when a virus is found is sent it to Chest (Quarentine) and not deleting the file.
Now you can restore your clean (false positive) files…