I have had no problems with my computer untill latly. First i get a virus Trojan horse downloader.stubby.a I dont know if I have gotten ride of it or not. It dont show un on scans anymore but when i scan now it says that i got Win32:Trojan-gen{other} I dont know how it got on there but ever since my computer has been freezing up and wont let me click on the tool bar to change progams. I dont know what to do if you can help me i would appricate it and the scan says that i have it and i tell it to delete it and it keeps comming back and i have tried to delete the file it is in and the file and the trojan keeps comming back.
go to http://housecall.trendmicro.com and scan to see if this is a false positive
I HIGHLY recommend housecall to anyone. I even emailed trend a Mac housecall is in the works wooo 8)
Okay i am going to do that but excally how do i know if it is or not? I dont have that much experance with this stuff lol
When i ran the scan it came back with two infected files. The virus’ were ADW RULEDOR.C and ADW SCANPORTAL.A I dont know what it means but if someone could help me i would like it thanks
this means you did not get rid of the trojan. and there is a new trojan :o I think you should send those files to Vlk so he can look at them
I am also getting this message and the available options aren’t working…it is giving me an error message if I hit the repair or delete actions…I don’t how to get rid of this… help please…thank you
Check the file here: http://www.kaspersky.com/remoteviruschk.html
or let avast clean the file ( in windows safe mode).
I have avast and when i run avast dont detect them to file in my computer at all. I will give it a shot and see what happends but i dont know if it will work i am going now to try to run it in safe mode to see what kind of results i get I will be back to tell if it will work of not.
I ran the test in safe mode and it didnt say that any of the files were infected. I dont know how to remove the virus. I looked for the files it was in and the fiels are not there. If you can help i would appricate it thanks
so i’m there with you. same story. emailed the virus in tonight. any progress or news?
boot log scan from this am:
03/12/2003 06:12
Scan of all local drives
Master Boot Record 0 Error 3221225491
File C:\System Volume Information_restore{253BEDF1-9980-4569-92A0-BB6A37196FD2}\RP14\A0001215.dll is infected by Win32:Trojan-gen. {Other} - Deleted
File C:\System Volume Information_restore{253BEDF1-9980-4569-92A0-BB6A37196FD2}\RP14\A0001248.dll is infected by Win32:Trojan-gen. {Other} - Deleted
File C:\System Volume Information_restore{253BEDF1-9980-4569-92A0-BB6A37196FD2}\RP15\A0001295.dll is infected by Win32:Trojan-gen. {Other} - Deleted
File C:\System Volume Information_restore{253BEDF1-9980-4569-92A0-BB6A37196FD2}\RP17\A0001377.dll is infected by Win32:Trojan-gen. {Other} - Deleted
File C:\System Volume Information_restore{253BEDF1-9980-4569-92A0-BB6A37196FD2}\RP18\A0001459.dll is infected by Win32:Trojan-gen. {Other} - Deleted
File C:\System Volume Information_restore{253BEDF1-9980-4569-92A0-BB6A37196FD2}\RP36\A0003908.dll is infected by Win32:Trojan-gen. {Other} - Deleted
File C:\System Volume Information_restore{253BEDF1-9980-4569-92A0-BB6A37196FD2}\RP4\A0000438.dll is infected by Win32:Trojan-gen. {Other} - Deleted
Number of searched folders: 5394
Number of tested files: 159901
Number of infected files: 7
so, am I cured?
and what are the chances that this was all just a false positive generated by an updated version of cywgin.dll from www.cygwin.com?
Win32:Trojan-gen is a generic name for large number (currently 20500, but growing) number of different pieces of malware. Avast detects all those programs by one method. Sometimes there is a false positive.
When there is a problem with a Trojan-gen, it’s essentiall to provide the particular file. Because of generic nature of this virus alarm it isn’t possible to tell what is happening without the file. Two problems with a “Trojan-gen” might be completly unrelated!
erdoc: There is really a false positive in one version of the cygwin library. We’ll repaired it in the next virus database edition - probably on friday.I don’t know if you mailed the file to the hosecall.trendmicro or to us. I answered one e-mail with the cygwin today.
The files in the System Volume Information folder are backup copies created by the Windows System restore function. It isn’t possible delete them when the Windows running, but bootscan can delete them. It might be better to switch the System restore off and let the Windows delete the files in this folder.
shaun41902: Please send the files marked by the TrendMicro scan to virus@asw.cz and write why you are sending them or the reference to this forum.
The Adw in the malware names from the Trend’s scan probably means “Adware” - a software for advertising (displaying pop-up windows with advertising, changing the browser homepage, hijacking queries to the searching engines and displaying advertising based on them, etc.).
okay.
i’m fairly confident that my issue is a false positive from cygwin. Is there a way to tell avast to ignore this particular file, or when is the next update out?
thanks again,
I will try to send the files but last time i went to look for them they werent there so i dont know if i will be able to send them at all but i will give it a shot.
I just tried to send the files over and i wouldnt let me cause aol said that i wont send a file with a virus in it. So how do i do it now? please help i want to fix this computer
by FTP
ummm i dont know how to do thatif you could tell me how to i would do it thanks
Please post a hijackthis log: http://www.tomcoyote.org/hjt/
Download then unzip the file and double click on the “HijackThis” icon.
When finished loading click on the “Scan button”.
Next click on the “Save Log” button. Save the log somewhere you will remember and open the log file with notepad. Then copy the contents and paste them in a reply to be checked. (Taken from http://forums.net-integration.net/index.php?showtopic=6624)
Put the files to the chest. The chest files are encrypted, so no antivirus software is able to find infection in them. Then, open the chest and right-click on the infected files. Choose “Email to ALWIL”. Please write the reason why you are sending them and don’t forget the return address if you want an answer.
You can also zip (or rar or whatever) then with a password. With the password, the archive is encrypted.