If im not wrong its for windows backup or something. Let them alone and never delete them. Some times you will see they will be two or three because they have been updated so let them in the chest they will be in security. They are there for a good reason its because they are needed for windows and avast! chest protect them so that why its in saved important files.
For the A0087942.exe i searched on google and did no find anything of it so maybe a guy will help you with it
The user can’t restore these files, only avast can use them.
Windows would have a fit if you tried to replace the running files, infected or not. So I will answer your next question now, I don’t know how avast would do that ;D
So nothing to worry about, I don’t have any virus lurking? I was really paranoind there might have been a Trojan Virus in my system - I really like Avast, but it can scare with the reporting it kind of gets you think you may have got a Virus when you don’t but apart from that can’t fault it. I’ll download the ‘Hijack This’ application and keep you informed. thanks.
hi
i’m really need help for my problem
i use windows xp
when Win32:Trojan-gen {other} attack my *doc file,
everything with microsoft word (*doc) became size 638 k.bit
when i use avast, it recommendly to move to chest. it succesfull but the original *doc file become missing/hidden
but the file always right there just i cannot find.
can some one help my problem??? Pleaseeeee
p/s sorry, my english language are poor.
thank.
Please start a New Topic of your own as this seems unrelated to the original subject and will just confuse the topic and we will try to help.
Go to this link, http://forum.avast.com/index.php, scroll down to the Viruses and Worms forum and click it, click the New Topic button at the top of the list and post there.
Hi,
I also have a problem with the win32 trojan gen virus.
I don’t know how to remove it.
this is my hijack log, maybe anyone can help me
thx
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:38:53, on 3/07/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16850)
Boot mode: Safe mode with network support
Nico-Sid , please start a NEW TOPIC of your own as this seems unrelated to the original subject and will just confuse the topic and we will try to help.
Your system is way down level and needs Windows Service Pack 3 that has been available for over a year and the Sun Java that is installed has many security exposures…
In response to polonus - here is my logfile from Hjackthis, unfortunately have had to attach via a .txt file as I exceeded the word limit when I tried posting before. Is there a way round that? as I’ve seen large postings on here.
Also after a recent scan, last night I got a few bleeps and warnings from Avast and in the chest were these files:
[b]Name: A0087942.exe
Original Folder: C:\System Volume Information_restore{3A5B5489-CC30-45FF-92AA-8E4674662524}\RP249
virus Description: Win32:Trojan-gen{other}
Name: A0088034.exe
Original Folder C:\System Volume Information_restore{3A5B5489-CC30-45FF-92AA-8E4674662524}\RP249
virus Description: Win32:Ups[Cryp]
Name: A0088322.exe
Original Folder: C:\System Volume Information_restore{3A5B5489-CC30-45FF-92AA-8E4674662524}\RP251
virus Description: Win32:Ups[Cryp]
Name: MS9767612.exe
Original Folder: C
virus Description: Win32:Ups[Cryp]
Name: MS9767612.exe
Original Folder: C:\DOCUME~1\User\LOCALS~1\Temp\Rar$EX05.453
virus Description: Win32:Ups[Cryp]
Name: MS9767612.exe
Original Folder: C:\Documents and Settings\User\Local Settings\Temp\Rar$EX00.15
virus Description: Win32:Ups[Cryp]
[/b]
Any help to clear my system would be much appreciated, thanks.
Just to get these files in the chest sorted to start with.
The files are okay now they are in the chest. They can no longer contaminate your system, although you may still have infected files in your system that are as yet undetected. They can be dealt with later.
As far as the files in the chest go, it may help to send copies off to avast for analysis, This is relatively easy to do. If you can go to chest and follow directions.
Right-click a file----->choose email to Alwil software------follow directions
classify file as undetected malware – add link to this topic from the forum
The file will be uploaded to avast on the next auto update or you can manual update if you want
Do this to each of the files.
classify file as undetected malware – add link to this topic in the forum
zip the message and password protect – secure password in the email body
I see you have also attached a HjT log. I will have a look but this is not my area of expertise.
Some forum members do have a lot of experience with HjT so they can help out later it need be.
Edit - Probably just some small tidy up work by look of the HjT log. But wait for someone more familiar with HjT. They will usual give you a step by step.
A disk cleanup and defrag would not hurt at this stage. If you have not done so already.
Windows XP Service Pack 3 has been available for a year and contains several Critical Security updates plus performance improvements you need to start Internet Explorer then go to Tools then Windows Update and download all of the available updates.
Also you should enable Automatic Updates or at least be notified that Updates are available.
Go to Control Panel then Automatic Updates then select Automatic (recommended) or at least Notify me but don’t automatically download or install them.
Windows XP Service Pack 3 has been available for a year and contains several Critical Security updates plus performance improvements you need to start Internet Explorer then go to Tools then Windows Update and download all of the available updates.
Also you should enable Automatic Updates or at least be notified that Updates are available.
Go to Control Panel then Automatic Updates then select Automatic (recommended) or at least Notify me but don’t automatically download or install them.
Thanks for the response, not all the files will load up for email, and do I add the link to this site in the additional information bit? will it matter that all the files won’t go straight on to email? and finally what is the ‘next auto/manual update’ - is this something Avast would email me about?
Or instead send samples as email to virus@avast.com
- classify file as undetected malware – add link to this topic in the forum
- zip the message and password protect – secure password in the email body
How do you send ‘samples’ in an email from the chest?
I see you have also attached a HjT log. I will have a look but this is not my area of expertise.
Some forum members do have a lot of experience with HjT so they can help out later it need be.
Edit - Probably just some small tidy up work by look of the HjT log. But wait for someone more familiar with HjT. They will usual give you a step by step.
A disk cleanup and defrag would not hurt at this stage. If you have not done so already.
They aren’t actually emailed from the chest but uploaded (though it does say email to Alwil Software).
The file has to be in the chest already or you have to first add it to the chest.
You can also add the file to the User Files (File, Add) section of the avast chest (if it isn’t already there) where it can do no harm and send it from there. A copy of the file/s will remain in the original location, so you will need to take further action and can remove/rename that.
Send it from the User Files section of the chest (select the file, right click, email to Alwil Software). It will be uploaded (not actually emailed) to avast when the next avast auto (or manual) update is done.