Infected by Win32:Trojan-gen. {Other} HELP HELP HELP

Hey Guys
. When I run avast home anti virus it comes up with the virus of Win32:Trojan-gen {Other} (regsrv.exe Infected: Backdoor.Optix.Pro.12). . I dont know what to do. I just cant seem to get rid of it. I have found a program to get rid of most of the problems that it causes. (By cutting the links in program files, so that you are unable to access any of your programs) but still I cant get rid of this Trojan. I need my computer to compleate a Paper due last week. Please Please help

Thanks

Hi,

What Win do you have ?
Where exactly was the infected file found (full path and filename+ fileextension

use TrendOnlineScan from www.trendmicro.com → products to properly identify your Optix.pro-Variant (scan whole PC) or
scan the infected file with Onlinescan from www.kaspersky.com

search for the virus names in the respective Virus-Databases (Trend/Kasp.) and follow the removal procedure…

Optix.Pro allows more or less complete remote control of your PC, so backup any important data on CD’S /disks until your are sure Optix is gone…

you need to change all the passwords recently (since the infection) entered on the PC AFTER the PC is cleaned :wink:

Some Info on Optix-Variants:

http://www.trendmicro.com/vinfo/virusencyclo/default2.asp?m=q&virus=optix&alt=optix

Hey
Im running win ME. and the full file extention is C:\windows\system\regsrv.exe
this is why that windows wont let me deleat it. What does this Trojan do? Because now that I have fixed the exe. problem what else does it do.

I tried going to the sites. And they did find the trojan. But after following the steps to remove it. It didnt work.

thanks for any help

Hi,

what are the exact names by Trend/Kaspersky-Scanners for your trojan ?
Please post the links to the respective description here, too…

General advice on trojan removal:

-scan for & identify infected files

  • search for the related trojan processes with taskmanager and kill the processes
    -remove registry/startup entries for the trojan files
  • if a scan then can’t delete the files, 'cause they’re in use, rename them in dos-box or reboot and rescan, then cleaning or deleting infected files
    that’s it… :wink:
    For WIN ME or XP you will also have to disable system-Restore temporarily; procedure is described on above Info-Sites, too…

For Win ME (& W9x) you might also try booting with Trend’S emergency disks: look up e.g. CIH in their DB, and you’ll find the Link

:slight_smile:

Hey again
Thanks so much for the information. I have goten rid of all the viruses on my computer (according to avast and tredmicro). However sometimes my icons keep changing, is that some other sign of a virus?? Or is it just some computer fault?

Thanks for any help

In my opinion, changing some of the icons randomly is a “feature” of Win9x. I remember a time when I got a new icon for Control Panel on every boot (Windows 98 SE). Later, it somehow stopped itself… I have no reason thinking that Windows ME should be different.

I.e. if it’s happening in a reasonable extent (just a few icons from time to time), I’d consider it “normal”. If your icons change heavily, then it’s strange - but it’s unlikely to be caused by a virus.

hey guys
the icons change all the icons change at once, but it only happens about 1 out of every 5 or 10 boots? So you have never heard of a virus that does that? Also my file icons change, for example a word file might have the internet explorer icon? I’m just worried because my computer has been infested for such a long time. However as I said both avast and tredmicro come up with nothing.

Actually another quickie, which is the best anti virus? Cause im using avast, (swiched from norton 2003) and I really dont know.

Thanks for any help

Search for a file called iconcache.db and delete or rename it.

iconcache.db? I must say I have never heard of such file… do you mean ShellIconCache?

Yes, does 98_* raman call it ShellIconCache? I only have Winxp?_

ShellIconCache is present on Windows 98, ME and 2000 (at least). I didn’t find such a file on Windows XP (but neither iconcache.db).

so do i search and deleat the first one or the secound one? Is it a virus? Or just a glitch? I am running Win ME

Thanks for any help

ok I searched for both files and couldnt find either one of them?

You don’t have ShellIconCache in your Windows directory? (Note that it’s got “hidden” attribute).

oh it is hidden? Im sure that i can find it by changing the view. Once the file is found do I just deleat and reboot?

sorry…when I reboot will the file be restored?

Yes, the file will be created again, it’s just a “cache”.
Of course, I’m not sure if it will help with with your problem… but it’s possible.

hey guys,
i think that that did the trick,however Im not sure because it was so much of a random thing anyways. Has anyone ever heard of a virus that does this, or is it just a proplem the the file becoming too learg ect.?