I have this virus called the Win32abc virus and I can't remove it

I keep trying to delete it but the file won’t let avast to remove it, I think its called PE?something, I can’t remember the full name, all I know is that it won’t let me remove it, and its driving me up the wall, so how do I remove it.

What is the infected file name, where was it found e.g. (C:\windows\system32\infected-file-name.xxx) ?
Check the avast! Log Viewer (right click the avast icon), Warning section, this contains information on all avast detections.

Windows in its infinite wisdom protects files in use (even malware) or in system folders, so it is likely that avast! can’t delete or move files in use. So schedule boot-time scan in avast’s menu if you have XP, win2k or NT, otherwise boot into safe mode and run an avast scan. This should ensure that the file isn’t in use and avast should be able to deal with it.

If you have XP or Win2k, you could enable a boot time scan. Right click the avast icon, select Start avast! Antivirus, Menu, ‘Schedule boot-time scan…’ Or see http://www.digitalred.com/avast-boot-time.php

it is the Win32 Alphabet trojen, and its in
C:\DOCUME~1\Nicole\LOCALS~1\Temp\163125.exe[PECompact] and I just ran a boot startup scan and it did absolutly nothing to remove it, and its really starting to get on my nerves since it keeps popping up every five seconds, and I can’t get rid of it, now I don’t know how to turn off system restore, but if you can tell me how to, that would be good, I just can’t go through anymore of these constant alerts I have recieved more than five of them even now as i type this, and it is always the same virus, I had adware on my computer, but I have dealt with them with another program, but this one refuses to die and it constantly interupts me every five seconds and I can’t handle it any more, so any suggestions on how to remove it without having to reformat is greatly appretiated.

For files that continually come back there are other elements, undetected

If you haven’t already got this software (freeware), download, install, update and run it, preferably in safe mode.

  1. Ewido, a.k.a. avg anti-spyware If using winXP. or a-Squared free if using win98/ME.
  2. Ad-Aware SE Personal Edition
  3. Spybot Search and Destroy

Win XP-ME - How to disable System Restore. Though I’m not sure if this is necessary as the file isn’t in the system folder/s, it may be that there are other files which might be.

What is your firewall ?
If it is a trojan downloader bringing in this file, a firewall should be there to protect against unauthorised outbound Internet Connections.

That’s me for the night, almost 2:30 a.m. here, your answers may help any other members on the forums to help you.

well the ad aware program seems to that you have to pay to register so I can remove the malicious software, and I really don’t have the money to do that, as for avast, I have it, I just don’t want to have to pay to be able to remove the virii from my computer.

AdAware SE is free for personal use and it should work fine without paying or registering to remove detections, are you sure you downloaded the correct one there is also a paid for upgrade. It is one of the tools I use ‘free’.

In fact not. Ad-aware, avgas (formely ewido), spybot, spywareterminator, etc. are free for removal. The first two need to be payed IF you want to use the resident guard of them, not for remove infected objects.

:slight_smile: Hi David :

 The "Buy Now" next to the "Download Now" on the download.com site
  for Ad-Aware being able to cause confusion is the main reason I have
  recommended www.majorgeeks.com/download506.html . No such
  possibility on majorgeeks for a misinterpretation. I wonder if Lavasoft
  "promotes" Download.com as their "Primary" site to "encourage" people
  to buy one of the pay-for-it versions.
  Many of those who used to help out on their Support Forums also
  recommended the majorgeeks site; would recommend you do likewise .

  And nowadays, SUPERantispyware, even its FREE ver, is considered
  superior to Ad-Aware .

It may be nothing more than Download.com trying to generate some affiliate revenue perhaps.

Nothing was implied about superiority, as you can see there were a number of options and my post was in response to help_me’s statement that you had to pay to remove malicious detections.

All the freeware that could be downloaded from there have this stupid button.
Another reason to walk away from the biased download.com.

I have no problem with them trying to earn a crust for providing a service, but as Spirit mentioned it is too close and can cause confusion. I tend to use snapfiles (http://www.snapfiles.com/reviews/Ad-Aware/adaware.html) also majorgeeks (link posted by Spirit) on occasion.

Besides Snapfiles and Majorgeeks, I suggest FileForum as a very good download service.
It alerts for updates by email too.
http://fileforum.betanews.com/

Hi help_me,

Here are the removal instructions for this malware:
http://www.ca.com/us/securityadvisor/virusinfo/virus.aspx?id=57738

polonus