Win32: Trojan - gen

Avast detected this virus, but it doesn’t remove it and it creates an error occurred during file repair message. Any suggestions?

Please tell us the file name and location because Trojan-gen doesn’t actually mean very much.

Have you tried a boot time scan?

(Start avast! anti-virus, right click on the GUI, select Schedule a boot time scan.)

If you have a cordless keyboard, set the default to ‘Move to Chest.’

If not, select ‘Move to Chest’ if avast! finds anything.

Make a careful not of anything avast! can’t remove.

Trojans generally can’t be repaired (either by the VRDB or avast virus cleaner), because the entire content of the file is malware, so it is either move to chest or delete, move to the chest being the best option (first do no harm). When a file is in the chest it can’t do any harm and you can investigate the infected warning.

The VRDB only protects certain files, .exe, dll and other system files, it doesn’t protect data files or all files, it is not a back-up program, so there are going to be many occasions where repair won’t be an option.

Only true virus infection can be repaired, e.g. when a virus infects a file it adds a small part to it, provided that file is one that avast’s VRDB would monitor and you have run the VRDB, then it may be possible to repair the file to its uninfected state.

However, for the most part so called viruses, trojans (adware/spyware/malware, etc.) can’t be repaired because the complete content of the file is malicious.

If the file is in use or in one of the windows system folders it will be being protected by windows. As Frank said we need some more info to be able to help fully.

What version of windows are you using?

Hello,
I’m having the same exact problem.
Here’s what my anti-virus log says:
Event Type: Warning
Event Source: avast!
Event Category: Client
Event ID: 90
Date: 1/5/2006
Time: 9:07:13 PM
User: N/A
Computer: *************
Description:
Sign of “Win32:Trojan-gen. {Other}” has been found in “C:\System Volume Information_restore{0F71BFC5-8F6B-4444-AC15-1021F7F1422E}\RP472\A0128864.DLL” file.

I have windows XP. Current with it’s updates including SP2.
We deleted it once and it’s returned.

I’d appreciate any help that anyone can give.

Thank you.

Please follow these links to find the answer link to find the answer:

http://www.pchell.com/virus/systemrestore.shtml

http://service1.symantec.com/SUPPORT/tsgeninfo.nsf/docid/2001111912274039?OpenDocument&src=sec_doc_nam

http://support.microsoft.com/kb/q263455/

Thank you for the information. How about a total restore using the restore CD and putting the computer back to like-new condition? Would that also get rid of it if no other methods do?

That’s the last resort. Deleting system restore files should solve your problem.

Thank you very much… I know that’s something that I’d rather not do too…lol

i cant get rid of the virus that infected my computer , i have the avast

home edition antivirus ,heres the name of virus thats in my computer,
c:\WINDOWS\SYSTEM\bH.dll[UPX]\bi.dll , Mallware name: Win32:Trojan-gen.
{Other}, Malware type: Virus/Worm: VPS version : 0602-1, 01/09/2006
RECOMMENDED ACTION :Move to chest (didnt work) , I even try deleting it but
still it didnt work is there any other way to get rid of this virus? PLs
help! reply ASAP! thank you…and im using Windows 98

IM new here so if anyone can help me i would really appreciate it and theres some kind of an error occurred during file repair message

Can you boot in Safe Mode and run avast from there?
Press F8 while booting and you should see the option for Safe Mode… I hope…

ill try

tried it on safe mode didnt get rid of the virus…

Hi shiegy,

Read here for info: http://webhelper4u.com/transponder/index.htm

You have fallen victim to Transponder Gangs’ scumware.

polonus

Hi shiegy,

You’ll need to run some anti-spyware programs to get rid of this one. The following are all good and free:

Ad-Aware http://www.majorgeeks.com/download506.html

Spybot Search & Destroy http://www.safer-networking.org/

a-Squared http://www.emsisoft.com/en/

Details of you infection here:

http://www3.ca.com/securityadvisor/pest/pest.aspx?id=453076992

The write-up above is from Computer Associates, you may want to try their product, Pest Patrol, if Ad-Aware and spybot don’t fix the problem.

There is a free one year trial available here:

http://www.ca.com/de/dsin/

Beware! If Pest Patrol detects ACTSKIN4.OCX as malware, do not remove it: this is a false positive, and part of avast!!

hi …i think i got rid of it , i did the the “find now” thingy and just deleted it , is that a wise thing to do or that was pretty stupid and now i just scanned my pc two more viruses shows up and move them to the chest but theres no options what to do with it , cant delete it or anything what you think i should do? just keep it there?

here are the names of the viruses

Move files to temporary folder: C:\WINDOWS.000\TEMP\asw21B4.TMP
FileID: 0000000014 Original file name: c:\WINDOWS.000\TEMP_avast4_\unp199431260 New folder: C:\WINDOWS.000\TEMP\asw21B4.TMP\14

Scan files in the temporary folder: C:\WINDOWS.000\TEMP\asw21B4.TMP
C:\WINDOWS.000\TEMP\asw21B4.TMP\14 Win32:BiSpy [Trj]

Move files to temporary folder: C:\WINDOWS.000\TEMP\asw3260.TMP
FileID: 0000000013 Original file name: c:\WINDOWS.000\TEMP_avast4_\unp221678560 New folder: C:\WINDOWS.000\TEMP\asw3260.TMP\13

Scan files in the temporary folder: C:\WINDOWS.000\TEMP\asw3260.TMP
C:\WINDOWS.000\TEMP\asw3260.TMP\13 Win32:Trojan-gen. {Other}

i think i got rid of all the virus thanks you guys! :slight_smile: and 1 more thing…is it ok if i have avast and a-squared running at the same time?

Hi shiegy,

You are better advised to run Avast and a-squared together,
they are a perfect company.

polonus

They both seem to work fine together, no adverse reports on the forums.

I would suggest that when you run a-squared to do a scan that you temporally pause Standard Shield other wise each file that a2 accesses will also be scanned by avast. This if nothing else should speed up the a2 scan.