win32:trojan-gen(other)

Hello,
my PC is affected with win32:trojan-gen (other)…
My operating system is Windows XP, Avast version is 4.1 home edition, VPS version installed is 433-3.
The names of the infected files are:

A0011766.exe C:\System Volume Information\_restore

kernel32.dll in C:\WINDOWS\system32

winsock.dll " " " "

wsock32.dll

Please, help me!!!
Mariagrazia.

To get rid of the 1st one:

  • Disable system restore
  • Reboot
  • Run a full system scan
  • Let us know if the problem is solved or not.

For the dll files:
It looks like you also have an LSP hijacker.
But if that is so, we deal with that one later.

Ok, I’ll try! Thank you Eddy!
Bye,
Mariagrazia

Hi,

Are you sure that you didn’t just list the entries in avast’s chest (from System-files or all chest-files) here… ?

→ NOT all entries in the chest are bad, only the ones in the VIRUS-section (see avast help/docu/FAQ’s)

please check again in the actual avast report right after a scan…
and exactly report the VirusName and full path/folder/filename for each INFECTION…

:wink:

;) I too had this same bug. It’s a pain if you let it be. Follow Eddy’s instructions on his link to the T! Be sure to scan in safe mode, otherwise it spreads. Also refer to the top of the forum “general advise&tools” post by Who Cares. I also had to re-write the %catroot% system files. The instructions can be found @

http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=BKDR_HACDEF.D

It gives you the virus technical stats and complete instructions on how to remove autostart entries from your registry, reset IE home pages, and restore Windows HOSTS file. Be sure to run a HJT log and let the experts decipher it for you. I fought this backdoor/hijacking freak for 4 days straight. But I won! U will too. Good luck and happy hunting.
lala

FYI - (the 3 system dll files that u mentioned could be a useful tool to use when u are done de-buggin. I had to restore them in order 4 my system to work properly again)

I have been having the same issues. As an experiment, I took a small .jpg and scanned it with Avast, found to be clean. Then I used PGP to create a self-decrypting archive. I immediately had Avast report it had found win32:trojan-gen {VC}. Sounds like an Avast issue. I hope they fix it soon because I also discovered that no matter what Avast disposition you choose, it fubars the file. I don’t want Avast stomping on any critical files.

5150guy, can you submit one of such archives to virus@avast.com, please? Pack it with ZIP or RAR, protect it with a password and use a subject like “false positive” for the e-mail (don’t forget to include the ZIP password).
Thanks.

(You may have to disable avast! resident protection temporarily so that you can create and send the file.)

I created a small .jpg and then created the self-decrypting archive (PGP) with a password of “avast”. I got the anticipated virus warning so I put it in the Avast Virus Chest. From there I sent it to Avast with a note providing the password.

Should that work?

Tnx