win32 trojan-gen[other]+system files

Iv been regularly checking my system, but didn’t scan for a while, but when i did many files were infected by Win32 Trojan-gen {other}'. As many of them were in system folder, i didn’t do anything, due to me NEEDING my computer, but when i then did re-scan, to delete these files, there seemed to be far more files infected (epidemic, aaggghhh).

i duely moved these to the chest, in case they were a critical part of windows, my Windows installer is now not functioning,(but this may be due to a few Trojan horses installing servers from one on my loverly friends).
the hard drive now seems to be working FAR harder than it has before, and the general speed of my machine has decrease, even though iv also deleted a few mp3’s as i thought i was just running out of space. my hard drive in now 19% free.

the main files infected are in the windows ‘system 32’ folder and the ‘System volume Information’
other files infected, which iv now deleted were a few in ‘avast’ folder, and the original ‘avast’ set up program.

any help would be greatly appreciated, as the sooner i fix this, the sooner i can get back to revision!

thanks
linds

Hi lindsam,

Firstly, run the online spyware and virus scans in my signature below. Then download and run ewido.

You can re-install windows installer here: Windows XP, 2000; Windows 9x, ME.

Then download and run CCleaner to remove unnessessary files from your computer and free up disk space.

If you find a virus keeps coming back after you delete it, it’s most probably infected the System Restore folder, the best way to solve this is to disable System Restore, reboot your machine and then enable it again. After all, run a full avast! scanning. System Restore cannot be disabled on Windows 9x.

I suggest:

  1. Disable System Restore (enable it at the end of scanning/cleaning):
    Windows ME: http://support.microsoft.com/default.aspx?scid=kb;en-us;Q264887
    Windows XP: http://support.microsoft.com/default.aspx?scid=kb;[LN];310405

  2. If you have XP: Schedule a boot time scanning (Start avast! > Right click the skin > Schedule a boot-time scanning. Select for scanning archives. Boot).
    If you have Windows 98\Me: boot in SafeMode (repeatedly press F8 while booting): http://support.microsoft.com/default.aspx?scid=kb;en-us;315222

  3. A full scanning with avast, Ad-aware, SpyBot and Microsoft Antispyware :wink:

And then post a HijackThis log. :wink:

urb, one newbie sat here!
what is a ‘HijackThis’ log?

iv done the system cleanup and the delete all the virus, remove system restore and all of that. i did i full scan, and nothing came up. does this now mean im ‘clean’ as iv been banned from backing up my laptop until i am!

thanks to all of you

linds

It is a useful diagnostic tool - Download HiJackThis.zip - HJT Information HiJackThis Tutorial
For an on-line analysis - HiJackThis Log file - On-line Analysis
Ignore any 023 reference to avast processes, this is a hiccup in the HJT 1.99.1 (especially missing file entry for avast), if you need any help with any of the analysis let us know.