help! Win32:Trojan-gen. {VC}

anybody?

please man…give us some more information !

How can I help you with only “win32:Trojan-gen” ???

Where did you find it (which file/directory)?

Which Windows version?

Did you do a second scan with, for example :

http://www.ravantivirus.com/scan/indexie.php

Did Avast manage to clean/delete/quarantine it?

Waldo

Yesterday, upon doing a manual scan, avast! Pro detected/warned this trojan was present and read that ‘NTCmd.exe’ and ‘Pipecmd.exe’ were infected with this trojan. This on a W2k machine with all Microsoft updates. I deleted the files; server continued to run satisfactorily after a reboot.

IMPORTANT ANNOUNCEMENT
Due to the acquisition of RAV’s IPR (Intellectual Property Rights) by Microsoft Corp., please be informed that starting with 3rd of September 2003, RAV AntiVirus direct sales (including the online e-store) have been closed down.

But all other facets of the website appear to be functional, including downloads.

FYI: Possibly an SDBOT variant. http://sysinfo.org/startuplist.php?filter=NTCmd.exe&count=&type=

Good info…

As an aside, FProt (DOS) identified the above files, PipeCMD.exe and NTCmd.exe and the following as Backdoors or worms:

                     R-Bot.dll
                     udp.exe
                     w32x.exe ->winr.exe
                     ww.exe

I installed avast! Pro as a permanent solution and to cleanup/delete or otherwise attempt to fix the mess, as FProt would not automatically delete any of the six (6) files as they could not be positively identified but did provide a warning of Backdoor or worm existence with all six of the files. I wish I had a BartCD to compare…

These four (4) files were NOT identified by avast!. Using F3 I was able to search from within W2k and manually delete udp.exe and ww.exe. I was NOT able to find the remaining two files. They seem to have magically disappeared.

Both FProt (DOS) and avast! Pro now provide a clean bill of health. I hope I got all the roaches cleaned out.

Hi,

Do you have Avast as your virus scanner?
Because Avast can remove it.

shooter

Avast only recognized two of the six (6) files that FProt identified as backdoor/worm/trojan.

use housecall to see if it will clean the 6 files http://housecall.trendmicro.com

I have had a problem trying to make searches on the net. I downloaded Avast and it detected the Trojan-gen virus on 2 files. Each time, the repair was unsuccessful. I have deleted one of the files that was a download in the temporary files folder. However, Avast informed me the second file was in the C drive with .exe at the end. I am afraid to delete this file in case it messes up my computer. How can I be sure that it is ok to delete? In fact just as I write I have some 'aadware-001 [Trj]' virus detected by Avast in the C:\system volume information folder. PLEASE HELP!!!

We need some more info. About System Restore: just disable it, restart and enable it again: http://vil.nai.com/vil/SystemHelpDocs/DisableSysRestore.htm

and post a hijackthis log: http://mjc1.com/mirror/hjt/

hi all! hopefully you can help. i downloaded the home version of avast and it found the trojan, on the first scan it came up with win32 trojan system restore file, repair error 42060, i then ran the avast4 program and it came up with Win32:Trojan-gen.UPX. right now it’s stuck in the chest but it hasn’t helped with the problems we’ve been experiencing…this is the other info i’ve copied down:
A0062056.exe
C:\system volume information\ _restore {a bunch of letters and numbers} a few more slashes and numbers. exe

i can’t run a system restore, can’t go into safe mode, been all over the net looking for this thing and here is the only place it’s listed.

any help would be appreciated – help the 'puter impaired mom :smiley:

  1. Disable system restore; this will delete all infected files in the system restore.
  2. Rescan with avast and list the infected files.
  3. Scan here http://housecall.trendmicro.com and list the infected files.

I got this trojan from ‘C:\Nintendo\nes\yy-chr_e\yy-chr.exe’. If no one has ever been to Yy’s site or knows about this program, it is a ROM graphics editor. Maybe someone can tell me how to clean it without losing the program. I would be much pleased:)

Hi jescis,

you can’t clean trojans, only delete them

what WIN do you have ?

test the file with OnlineScanners e.g. from TrendMicro & Kaspersky to get a more specific name
(you need to temporarily disable AV-Resident Shields/Monitors to be able to scan the file online)

if they don’t find anything wrong with it, send it in to avast, otherwise delete it

:wink:

:cry: Hi, I am new to this group. Last night I started my PC and Avast did a virus scan and it detected a virus and asked what I wanted to do to it and I said remove it. The virus was Win32.trojan.gen.
Then I tried to reboot my PC and it did not do anything. As of this morning I still can not get my PC to boot up for me.
I use Win XP Home Edition with the updates. I have a Celeron Processor,
HD is 60GB
Memory is 256
CDR is Mitsumi
CDRW is Yamaha
Video Card is Intel(r) 82815 Graphics Controller
Sound Card is Analog Devices ( SoundMAX Integrated)

I hope someone can help me to figure out what is going on with my PC.
I use it everyday as I am disabled and this is my line to the outside world.
Thanks
De

Hi,

no noise or beeps or LEDs flashing? nothing on the monitor?
If so, this sounds more like a hardware problem to me, rather than trojan-related

have you checked all cable connections inside and outside and are all the PC-Cards correctly set in their slots ?

:cry: Hi , I took my CPU into a shop yesterday and they did a quick check and my power supply was no good. She also thinks that my Motherboard is shot.
I have not gotten a call from them today to let me know what the problem is, hopefully I will get a call tomorrow from them.
Thanks Much
Denise-goofiegram