Trojan-gen virus! Help Me!

can anyone help me! my avast antivirus detects a virus Trojan-gen at c:\windows\system\drivers\imoagent\service.exe & chatrecord.dll

i already send it to virustotal and here are the result:

File has already been analysed:
MD5: ba41ca2b38db5ab5794943546f2140ee
First received: 2009.03.19 11:57:43 UTC
Date: 2009.03.19 11:57:43 UTC [>236D]
Results: 8/38
Permalink: analisis/f77760258a05baed33d3f8098b06dd25862d8cc11e611f641d25df6d8623902b-1237463863

can anyone help me if dis is a virus or false positive??

Hello icezbox

send the files to virus@avast.com you can zip both the files, password protected. put the password and link to this topic in the body of the email.

nmb

Helo nmb, can u help me how i can zip it with infecting my other files?

Helo nmb, can u help me how i can zip it with out infecting my other files?

I dont how to zip from explorer. because I use 7- zip. A very effective program.

you can get it here : http://www.filehippo.com/download_7-zip/download/e79e205266a58fac104576b721bcf2fb/

or better you can add it to avast chest and then send to avast from there. do you know how to send from there?..

nmb

@ icezbox
Add the file to the User Files (File, Add) section of the avast chest where it can do no harm and send it from there. A copy of the file/s will remain in the original location, so you will need to take further action and can remove/rename that.

Send it from the User Files section of the chest (select the file, right click, email to Alwil Software). It will be uploaded (not actually emailed) to avast when the next avast auto (or manual) update is done.

I successfully removed a malware infection using Malwarebytes.
This is a free program, but after having used it twice now to remove malware infections that Avast was not able to remove, I’m going to pay for a registration.
You can download it here:
http://download.cnet.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html?part=dl-10804572&subj=dl&tag=button

Hello TreeDoctor,

Thanks for sharing your experience. but this is “most likely” an fp. or might not be. so submitting the file to avast is the best option. scanning with mbam is no harm and if it comes up with any detection then that is also appreciated.

thanks
nmb

thanks for your help!!

@nmb

can guide me on how to send it to avast?

Oki icezbox,

send from avast chest:

right click avast! tray icon > start avast! av > right click on the skin > virus chest > user files > add > browse for the infected file c:\windows\system\drivers\imoagent\service.exe & chatrecord.dll add both of them. select the files and click email to avast icon.it will then ask whether it is fp or active malware. select fp and click ok. close the avast chest and skin. and do a manual update of avast! so that the file is submitted.

nmb