Trojan gen

I have 2 viruses 5 times in the last 48 hours. One is called win.32 Trojan.Gen, the other is Win.32.D.A [trj]. I tried to repair but when I couldn’t I just deleted it only to be told in less than 5mins it was back. Is it still lurking somewhere on my system? :-[

Hi,

  1. what Win do you have ?
    are all Windowsupdates applied ?

  2. Please tell us the exact location of the infected file(s):
    Full % exact path/folder/filenames for each

If you have Win ME/XP andf they’re located in the restore folder: disable Restore
otherwise emptying the IE-Cache via Inetoptions and java-cache via control panel->javaplugin might also help

there are numerous postings on the general procedure for “trojan.gen”, please read those also (board search above)
:wink:

this doesn’t exist in avast’s virus database, please come back with the exact name

what program and vps-version do you have for avast?
avast 4 home or pro ?

Didn’t look that closely but again left computer connected overnight and been attacked twice just got rid and it back again. Running windows XP. All I wrote down was win32.D.A [trj]. I got avast home addition. If it happens again I will take more notice and finally dont avast do a firewall. Been using XP’s own but to get downloads have to turn it off, maybe thats where I am letting them in.

hello changer, I have the same problem than you, this problem come back everytime when I have a TRJ. I found a solution but a don’t Know if it’s a good solution. I move to check the virus and avast don’t dectect anymore it. (sorry for my english: i am french) :wink:

hi Whocares,
I haves a question for you :wink:

wath is the good procedure?

  1. disabel restore system
  2. start avast
  3. repair files
  4. restart restore system
  5. restart compiuter

Just had another alert this time I tried to take more detail.
Win32:dialer-F[trj]
VPS verison 0403-6, 03/10/2004

C:documents and settings Temporary internet files\content\VZDLTT9U\GUX 143 UTS 6M_Wall [trj]exe.

Don’t know if thats any good to you. Getting sick of it.

Dialer in Internet Explorer cache… why not, sounds real.
Were you browsing some “not-very-decent-content” pages at the time when the popup appeared, or clicked some link saying you don’t have to pay anything for whatever access, just install a tool…?

Hi Clanger,

just empty your IE-Cache = T.I.F.

→ Close all Programs/browser windows → Control panel → internet options → General → delete Temp. Int. files & Check Offline files as well : OK
you may have to pasue avast shield for this

that’s it

for the future:
Apply ALL windows updates and secure your IE (disable activeX/Skripting except for know secure sites);
Use SUN’s Java instead of MS-Java
use some common sense when surfing and don’t click on everything

@fiorelo: Restore only needs to be disabled if some malware is (also) found in the RESTORE folder

at first comes getting info on the malware, e.g. by using other (online-)scanners, virusinfo pages and google

Think I sorted it but I don’t know what I am looking for in files to see if its gone. Not had anything come through for quite a while. So is it gone or is it lurking? Make it easy if you tell me to do anything please. And no don’t think I was browsing anything unusual looking through Music and Movie channels on P2P.