Win32:Trojan-gen

system · March 10, 2009, 8:57pm

Ive been trying to find a solution to this since it continually pops up and Ive read in several places that this could be a false positive and was wondering if anyone could help me with confirming whether or not this is actually a problem (ill prolly need help removing it too) or if it is just a false alarm.

system · March 10, 2009, 9:19pm

My solution is if you think its a false positive

post on virustotal and send us the result
if its a virus send it to the chest
email alwil software
new virus and variant… then send
Wait…

There another thing u can do like download Malware Bytes or Super Anti Spyware for scan your pc but well first do what i say behind up and if its already infected your pc and not a false positive then do what i say right now.

Its up to other guy too if they want to suggest him something for help his pc.

Mr.Agent

Lisandro · March 10, 2009, 9:22pm

Can you inform the file as being a false positive? (click on the bottom right of the virus warning message).

To know if a file is a false positive, please submit it to VirusTotal and let us know the result. VirusTotal has a file size limit of 10Mb. You can use VirScan also.
If it is indeed a false positive, send it in a password protected zip to virus@avast.com. Please, mention in the body of the message why you think it is a false positive and the password used. Thanks.

Maybe you need to disable Hide protected operating system files and enable View hidden files and folders to manage the file(s).

DavidR · March 10, 2009, 9:50pm

Lets first gather some information before we go jumping to any conclusion.

What is the infected file name, where was it found e.g. (C:\windows\system32\infected-file-name.xxx) ?
Check the avast! Log Viewer (right click the avast ‘a’ icon), Warning section, this contains information on all avast detections. C:\Program Files\Alwil Software\Avast4\ashLogV.exe

Why do you think it may be a false positive ?

Does it always come back with the same file name and in the same location ?

system · March 11, 2009, 9:19pm

DavidR post:4:

hsoj post:1:

Ive been trying to find a solution to this since it continually pops up and Ive read in several places that this could be a false positive and was wondering if anyone could help me with confirming whether or not this is actually a problem (ill prolly need help removing it too) or if it is just a false alarm.

Lets first gather some information before we go jumping to any conclusion.

What is the infected file name, where was it found e.g. (C:\windows\system32\infected-file-name.xxx) ?
Check the avast! Log Viewer (right click the avast ‘a’ icon), Warning section, this contains information on all avast detections. C:\Program Files\Alwil Software\Avast4\ashLogV.exe

Why do you think it may be a false positive ?

Does it always come back with the same file name and in the same location ?

Well i check the log viewer and its been popping up from several different locations but the most recent was in H:\WINDOWS\system32\nzm2.exe
The only reason I thought it might be a flase positive is because when I googled it some people on other forums were saying it was a flase positive and I just wanted to check myself with people from the Avast! forums whether or not what they were saying was true

DavidR · March 11, 2009, 9:33pm

This is by all accounts something to do with dRAM prosessor (spelling), see below. So do you have this program installed ?

This however is no guarantee it isn’t infected as a file name could be anything.
O4 - HKLM..\Run: [dRAM prosessor] nzm2.exe

I would suggested checking using virustotal as Tech mentioned and report the findings.

Is it always the same file name nzm2.exe as this too is important ?

Win32:Trojan-gen

Announcements