Hi I recently found out I was infected on my computer and then I downloaded Avast.
It came up with win32:trojen.gen (upx!)
When I tried to delete or repair or moved to chest it told me access denied cannot process c:\documents and settings\charlotte cosgrove\win32.exe\explorer.exe file
I have turned off system restore but this has not helped, please advise!
Hi charlotte, welcome to the forums.
This should get you started.
win32 - win32.exe - Process InformationProcess File: win32 or win32.exe
Process Name: Win32
Description: Added to the system as a result of the RATEGA virus that is a Trojan horse that gives a hacker complete access to your computer. By default, the Trojan listens on port 6969 and notifies the hacker through email. The Trojan notification message will contain the subject line “Omega Help.”
Company: N/A
System Process: No
Security Risk ( Virus/Trojan/Worm/Adware/Spyware ): Yes
User’s FAQ A visit to the thread will give you a lot of useful advice and an idea of the information needed to Help you fully.
General Advice & Tools for virus/trojan/malware removal
If you need more help, come back here with more info…
Every time Avast finds a virus, it is the same story. Access denied. I was on the net and the Avast screen popped up and said “Second Thoughts” Trojan detected in temporary internet file. It couldn’t do anything. Everything I tried, it said Access denied. I just closed Avast, opened Internet options, deleted temporary internet files, virus gone. Of the other 2, the first one I had to research on-line and figure out how to get rid of it manually, the other now resides in the virus chest. This was the only option allowed. I think its because this is the free version.
can you display the contents of your virus chest? 
I dont know how to get the information in the chest on here, I am only an internet newbie!
Will type it out manully!
There is a win32 korgos wrm
kernel 32 dll but aparently no virus description
winsock dll again no virus description
wsock32.dll
but no mention of the trojan.gen(UPX!)
I have tried deleting temp internet files and I h ave since downloaded spybot search and destroy
I also have since it was apparent I had a virus downloaded Sygate
I don’t understand removal instructions on the symantec website enough to have a go and I have tried the Avast cleaner but it does not find the virus
How do I get rid of it?
I have also tried CCleaner too.
Tried that did not help, but thanks anyway!
I have had a look at some of the info but I am just not computer literate enough to understand it to able to remove it manually, is there not a cleaner somewhere that will do it for me?
Hi Charlotte,
please try moving the file to quarantine in SafeMode (F8-Boot) or via Boot-time scan with avast
(DavidR’s links should give you detailed instructions )
if this fails,
please post a hijackthis-Log for diagnosis…: http://hjt.klaffke.de/en
