How to remove - win32: trojan-gen {other}

When I scaned my computer with avast it found that file hxdefdrv.sys is infected with win32: trojan-gen {other}. I removed it with the same program, but it was not successful. I even disabled system restore, and boot in safe mode, and same thing happened. I also noticed that there are too many programs running in my task manager - expecialy lots of svchost.exe.

Can somebody help me to remove it ?
Thanks

Hi,

Please read the link “VirusRemoval” below in my sig and then come back with more info, e.g.

  • What Win do you use ?
  • version of avast & VPS number/date ?
  • Hijackthis-Log
  • Results of Onlinescanners for the file

btw, your trojan is a bit of a toughy cause it’s a rootkit:

  • have you tried a boot-time scan with avast (if you have Win NT/2000/XP) ?

also try following the removal-procedure contained in these links…:
Trend-Info

:wink: :wink:

Hi, I’m woking with the Windows 2000 professional version, the Avast antivirus tells me I got the Win32:Trojan-gen!!! What should I do? Is it dangerous??

Thanx…

You could start by following the request/suggestions of whocares.

We really need more information to help you fully.

Please Help us to Help you - we need more information to be able to help fully,
- Your Operating System, is it up to date?

  • Your email program - if applicable.
  • avast! version and VPS file (virus database) number, e.g. 0436-4 (see about avast!)
  • Virus Name - infected filename
  • Location of infected file, e.g. C:\windows\system32\infectedfilename.exe

visit the User’s FAQ thread, it will give you a lot of useful advice.

A search of these forums for Win32:Trojan-gen will no doubt return many hit as this topic has been previously discussed a number of times.

General Advice & Tools for virus/trojan/malware removal

A HijackThis log is also helpfull in searching out Trojans, Eddy’s HiJackThis Info and Analysis page, HijackThis log file analyzer and follow the directions there and get back to us with more info if you need more help…

hi, I HAVE ALSO RECENTLY FOUND THIS VIRUS ON MY SYSTEM, WHICH ISNT GOOD ME THINKS! ( win32: trojan-gen {other} )

I am running win xp sp2.

along with Avast version 4.1 home.
VSP:11.10.2004 file version 0442-0

this is a copy of the message that i get in the avast log file:

11/10/2004 20:08:01 NT AUTHORITY\SYSTEM 860 Sign of “Win32:Trojan-gen. {Other}” has been found in “C:\System Volume Information_restore{DF288C16-B6BD-4E42-8C84-84230AE9EE6D}\RP31\A0005138.exe” file.

Dont look good.

Ive disabled system restore and used both avast and trend home call virus scans on this bitch but have come up with diddly squat! :-s

Could you please help?!

Disabling system restore will take care of it havfunky. Did you reboot after disabling it and did you checked if it still is disabled?

ive disabled it, and rebooted. yes, but didnt find it after. will it have gone now then?

yup it is gone. This was a false positive caused by the way system restore puts the files in that folder. So nothing to worry about now that it is gone.

can i put it back on now then (system restore i mean)?

thanks for your help eddy! :slight_smile:

If you have a need for it, you can put it back on. But you can get the same false positive back also that way. The choice is yours.

Hello, I have the same issue with win32: trojan-gen, getting rid of it is ok, but my question, Is this virus harmfull, also, why cant Avast take care of it when it finds it and you delete or move it to the chest.
Any help in this matter will be Appreciated.

Thank You All

I too have been having problems removing this virus, and I am running Windows 98, can somone please help me.

???How do you disable Dydtem Restore? I also have the virus and am on XPP.

Well you could use the windows help file > Start > Help and Support and search for System Restore and look at the results it gives.

Or
Win XP-ME - How to disable System Restore

My point is the information is on your computer, you only have to learn to use the tools.