I’ve read throughout the forums about this virus and ive got it myself, the lil bitch keeps regenerating whenever i delete it. I have no idea what it does, how i got it, when i got it but most importantly how the hell to kill it!
ive got the info from the chest:
C:\program files\Common files\updater\Delupdat.exe
was infacted by the win32:trojan-gen {VC}
and
C:\program files\Common files\updater\Sui.exe
with the exact same virus
ive had this thing for about a week now and have repeatedly attepted to kill it but with no luck. so how do i kill it? and also what does it do? is it harmful? please help me.
Thanks
Hi,
what about the results of other scanners, e.g. from Trend, KAV, RAV ?
or running SPYBOT, AD-Aware and Cwshredder ?
see the other “trojan-gen” posts for Links & details
you might want to try booting the PC in SafeMode (press F8 when booting, until a menue appears; select safeMode)
Then delete the file with avast, or manually
there seems loads of malicious or unnecessary stuff in there
Did you do a thorough scan with avast ?
also use onlinescanner from Trend and www.ravantivirus.com
remove found malware according to info on avast’s pages, VGREP (see below) or google
also install, update, scan and fix with:
Ad-aware, cwshredder
Check the files listed in the Hijackthis-log with http://www.sysinfo.org/startuplist.php (and search on Google)
and scan them with KAV (see below),
to see what’s malicious or useless: fix those with hijackthis
Links and further details can be found via the board search or google
then scan again with hijackthis and post the NEW log here
thanks, but i seriously have no idea what im doing here
i used the online scanner on my C:\ drive, but avast on access scanner was on too so it was finding the virus before housecall could, it found 3 (of you guessed it, trojan-gen {VC}) i moved them to the chest.
also, i came home from colledge to find my dad had started playing a game, all he said was “the scanner said it was ok so i switched it off.”
im now looking through the filenames on my new hijackthislog, and so far ive found some live sexchat thing, sahagent and everything else so far is clean.
as i said though, i have no idea what im doing so if someone could tell me what and what not to delete, I will appreciate it.
it seems you have the AV-Monitor /resident shield/Vshield of BOTH avast and Mcafee running simultaneously …
That is BAAADDD!! disable one of them permantly
(or if our subscription to mcafee has run out, uninstall Mcafee completely)
uninstall new.Net /newdotnet via control panel → Software/programs
PAUSE avast’s ResidentShield = AV-Monitor BEFORE you do a scan with
Ad-Aware and cwshredder or other scanners
→ Fix everything found
do a scan with Trendmicro’s and then RAV onlinescanner (with avast still paused); note the found virusnames exactly, and look up info for Trend here: http://www.trendmicro.com/vinfo/virusencyclo/
and for RAV results here: http://www.virusbtn.com/resources/vgrep/index.xml
(select Gecad RAV in the VENDOR menu, enter the found trojan/virus-name and follow the red links to the instructions on removal to trend, mcafee or symantec)
if you don’t succed there, tell us for each finding of Trend and RAV:
exact virus name and exact location (full path/folder/filename)
rerun spybot and ad-aware again, best in SafeMode (F8-Boot); fix everything found
if something keeps occuring there, report here what it is
remove everything in the hijackthis-log from O16 DPF … that you don’t know or need
is www. btbroadband. com/ your desired startpage ?
if not: fix it