taskmgr.exe with Win32:Trojan-gen. {Other} infected?

Hello!

After the last update ov AVAST I’m getting this message all the time:
taskmgr.exe is infected with Win32:Trojan-gen. {Other}
I have scanned it during the system reboot, but AVAST couldn’t cure it.
I have this message on all my computers (3), so it’s very strange, I cann’t believe, that all of them were infected at the same time.
I have russian Windows 2000 SP4.
Please advice!
Hope to find any solution, because I cann’t start Task Manager at all :frowning:

Thank you in advance!

With best regards, Alex

What is the location of the infected/suspect file e.g. (C:\windows\system32\infected-file-name.xxx) ? Check the avast! Log Viewer (right click the avast icon), Warning section, this contains information on all avast detections.

There are some malware infections that block access to Task Manager to stop you from killing malware processes. They may redirect or kill the file association for it, I don’t use win2k so I’m not sure of the system folders, but taskmgr.exe is in c:\windows\system32.

You could also check the offending/suspect file at: VirusTotal - Multi engine on-line virus scanner I feel virustotal is the better option as it uses the windows version of avast (more packers supported) and there are currently 29 different scanners.
Or Jotti - Multi engine on-line virus scanner if any other scanners here detect them it is less likely to be a false positive. Whichever scanner you use, you can’t do this with the file in the chest, you will need to move it out.

If you haven’t already got this software (freeware), download, install, update and run it, preferably in safe mode.

  1. Ewido, a.k.a. avg anti-spyware If using winXP. or a-Squared free if using win98/ME.

Hello,

new update ov AVAST has solved this problem. I’ve additionally checked this file (C:\Windows\System32\taskmgr.exe) online, no one of the antiviruses has found anything there.

I think, the previous update has a bug…

Thank you for your reply!

With best regards, Alex

If the file you checked matches the location of the file detected by avast, I have just checked mine and no detection. So not even avast detected it on VirusTotal and Jotti ?

The last update was very big so it is possible, but it is strange it doesn’t detect anything in my XP version of taskmgr.exe.

If you are getting a virus warning that you believe is a false positive, then if you can zip and password protect (‘virus’, will do with the password in the email body) the suspect file and send it to virus @ avast.com (no spaces), or you can also send it from the avast chest (select the file, right click, email to Alwil Software). No need to zip and PW protect when the sample is sent from chest.

Give a brief outline of the problem (possibly a link to this thread), the fact that you believe it to be a false positive and include the password in the body of the email. Some info on the avast version and VPS number (see about avast {right click avast icon}) will also help.

The false positive affected only the Russian version of Win2k taskmgr, as far as I know. Sorry for the troubles.