Win32:Trojan-gen {Delphi}

Hello all ;D first post and it’s for help, i scan my PC in the morning and found this Trojan out of no where and it’s attach or at least it seams that way to an application that is from my ISP from when I Installed the modem/router that they give me for the Internet access it install this application so we could check the status of the connection so I don’t know if is a false positive or what I haven notice nothing wrong whit my PC and when I stilled Avast! 4.7 Home it did not warn me of any suspicious files. So if some one has any help it would be great fully accepted.

Name Path
A0062756.exe C:\System Volume Information_restore{7EB0F16B-5F9D-4585-AFB9-AEA8D9500471}\RP126

ctrbt.exe C:\Archivos de Programa\Asistente de Prodigy

Both files have the date of last change of 06/12/2001 which also made me think before i deleted them because I just got this PC 4 months ago so i just move them to the chest.

My Pc has:

Win XP Pro SP2 in Spanish
512 DDR 2
Intel Core 2 Duo 2.0 Ghz
80 Gigs HD split in to 18 (ish)Gigs for the system and 57 (ish) for the all other stuff
80 Gigs for more stuff
40 Gigs for more stuff (empty)
Avast! 4.7 Home
Spybot S & D
Windows Defender
FireFox as my Internet explorer

If any more info need it just ask. Sorry for my English not to fluid on it.

P.D.:
Maybe some could tell the Avast people to open forums in other languages for all of us who do not really know much of English. Thanks for your time only if you read this post and don’t have any suggestions.

The date of last change may be the same as the creation date of the original file and could possibly pre-date your system purchase.

You say you deleted them, but go on to say you moved them to the chest (the best action). If you have a copy in the chest we can scan it with other scanners to confirm the detection was good.

First - Create a folder called Suspect in the C:\ drive, e.g. C:\Suspect. Now exclude that folder in the Standard Shield, Customize, Advanced, Add, type (or copy and paste) C:\Suspect* That will stop the standard shield scanning any file you put in that folder. You should now be able to export any file in the chest to this folder and upload it to VirusTotal without avast alerting, see below.

You could also check the offending/suspect file - Upload to VirusTotal - Multi engine on-line virus scanner and report the findings of these files here. If any are detected by multiple scanners send example to avast.

If it is indeed a false positive, add it to the exclusions lists:
Standard Shield, Customize, Advanced, Add and
Program Settings, Exclusions

Restore it to its original location, periodically check it (scan it in the chest), there should still be a copy in the chest even though you restored it to the original location. When it is no longer detected then you can also remove it from the Standard Shield and Program Settings, exclusions.

Send the sample to virus@avast.com zipped and password protected with the password in email body, a link to this topic might help and false positive in the subject.

Or you can also add the file to the User Files (File, Add) section of the avast chest where it can do no harm and send it from there (select the file, right click, email to Alwil Software). No need to zip and PW protect when the sample is sent from chest. A copy of the file/s will remain in the original location, so any further action you take can remove that.

Your English is fine, and most of those who volunteer here can help in English but might not be able to do so in another Language, this way more people can help you. The problem with having other Language forums is supporting that language.