win32:trojan-gen (VC)

Hello,
My avast antivirus finds “win32:trojan-gen (VC)” on my PC.
My operating system is Windows XP. I have not yet had problems with the PC, but avast finds the virus.
Please, help me. :cry:
Thanks,
Mario

Is this with the latest vps installed? (443-3)
If so what file is infected and what is its location?

The name of infected file is:

C:\WINDOWS\Temp\Adrave\cd-install-329.exe\cd-client.dll

The VPS installed version is 0433-3.

Thanks,
Mario

Also infected files are:

kernell32.dll in C:\WINDOWS\System32

winsock.dll in C:\wINDOWS\System32

wsock32.dll in C:\WINDOWS\System32

Bye,
Mario.

Mario, these files specifically could be restored from Chest…
Can you try?
If you have Windows XP/2k, why don’t you schedule a boot-time scan?

Looks like there is a winsock hijacker on that system.

Microsoft releases patches (hotfixes) specifically for correcting corrupted winsock files. Just search the Microsoft website for your specific OS and the word ‘winsock’ :wink:

Hello,
This is my first time in this forum…
I have a serious problem: my computer uses an internal 56k modem to access the internet, but since yesterday it doesn’t connect. I scanned my computer with avast antivirus and it says that there is a Win32:Troyan-gen.{VC}. How can I resolve my problem and connect to the internet???
P.S. My operating system is Windows Millennium ME

Thanks

Hi mario__,

Please work through the link “VirusRemoval” below and then:

  • tell us where exactly the worm was found (full path/folder/filename)
  • please post a HijackThis log here
  • report the results of the online scanners KAV, RAV & Trend on it (the avast shield needs to be paused while scanning online)

@1. mario:

The .DLL files in C:\WINDOWS\System32:
An educated guess:
avast didn’t alert you to them, but you found them in the Chest?
→ There are several sections in the Chest; those 3 are probably in the system files section and are clean backup copies.

The infected DLL file C:\WINDOWS\Temp\Adrave\cd-install-329.exe\cd-client.dll:
Just delete it manually or with avast in Safe Mode (F8 boot).

:wink: