Author Topic: Win32:Trojan-gen  (Read 15056 times)

0 Members and 1 Guest are viewing this topic.

Mick_y

  • Guest
Win32:Trojan-gen
« on: April 07, 2013, 10:16:06 PM »
Hi! New here and am very freaked out right now!

A full scan on avast found a virus (Win32:Trojan-gen). I cannot do anything with it because the 42111 error pops up. A boot time scan showed that it is still there along with google earth zip corruption.

Scanned with both Malwarebytes and SUPERAntiSpyware, but they didn't pick up anything... Can anyone help me please? Also, if my google earth zip is corrupted, is that something I need to worry about?

Thank you!

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: Win32:Trojan-gen
« Reply #1 on: April 07, 2013, 10:20:05 PM »
What is the location of the warning file

Could you screenshot it please

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37506
  • Not a avast user
Re: Win32:Trojan-gen
« Reply #2 on: April 07, 2013, 10:42:02 PM »
Quote
I cannot do anything with it because the 42111
meaning the file is inside a compressed file...and avast will not rip it out....as essexboy said, what is the full location/file path to the file detected

Quote
Scanned with both Malwarebytes and SUPERAntiSpyware, but they didn't pick up anything
malwarebytes does not scan compressed files...not sure about SAS

Quote
Also, if my google earth zip is corrupted, is that something I need to worry about?
any problems with google earth?.....avast may say corrupted if it cant unpack and scan it

files that cant be scanned are just that. does not mean they are infected



Mick_y

  • Guest
Re: Win32:Trojan-gen
« Reply #3 on: April 08, 2013, 12:13:30 AM »
Is this what you are looking for?

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37506
  • Not a avast user
Re: Win32:Trojan-gen
« Reply #4 on: April 08, 2013, 12:29:14 AM »
is this a hp computer?

Mick_y

  • Guest
Re: Win32:Trojan-gen
« Reply #5 on: April 08, 2013, 12:32:35 AM »
Man, you guys are really quick!

Yes, it is.

Thanks guys for your help!

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37506
  • Not a avast user
Re: Win32:Trojan-gen
« Reply #6 on: April 08, 2013, 12:35:42 AM »
the swsetup program belongs to hp..... not sure what it is...backup pogram?
or is it where all the preinstalled hp software is....like the preinstalled Norton

did you uninstall Norton before installing avast?   run norton removal tool    http://singularlabs.com/uninstallers/security-software/

so if it is backup, it may contain a backup of a previous infected file?
false positive detection?
or a Norton conflict?

« Last Edit: April 09, 2013, 11:40:26 PM by Pondus »

Mick_y

  • Guest
Re: Win32:Trojan-gen
« Reply #7 on: April 08, 2013, 12:46:26 AM »
I've had this computer since 2010 and have never seen this before. After my free subscription of Norton was up, I uninstalled everything Norton. The list of programs I have on my computer is: avast, malwarebytes, superantispyware, spywareblaster, and ccleaner.

I find it hard to believe this is a false pos, but if you think so, I wouldn't argue with you lol... Still, this is the first time it has come up and I have only had one false pos come up before in the 2 years of using avast which was the Windows winsxs.

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37506
  • Not a avast user
Re: Win32:Trojan-gen
« Reply #8 on: April 08, 2013, 12:52:21 AM »
well, check back tomorrow and see what essexboy have to say......night    ;)

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: Win32:Trojan-gen
« Reply #9 on: April 08, 2013, 03:11:42 PM »
It is being detected in the software setup programme, and do to the nature of that file it could be good or bad.  Avast erred on the side of bad initially but it is a FP

Mick_y

  • Guest
Re: Win32:Trojan-gen
« Reply #10 on: April 08, 2013, 08:41:11 PM »
It is being detected in the software setup programme, and do to the nature of that file it could be good or bad.

What do you mean the nature of that file?

So if it is in the software setup program, is it always a FP?

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: Win32:Trojan-gen
« Reply #11 on: April 08, 2013, 08:45:17 PM »
No it depends on what the instructions are for the programme to carry out.  If it is an HP setup file then it will do a lot more than a normal set up file ..  It will access various parts of the registry and the MBR

Mick_y

  • Guest
Re: Win32:Trojan-gen
« Reply #12 on: April 08, 2013, 08:56:42 PM »
Gotcha!

OK, but being the paranoid person I am, I have to ask, not questioning your intelligence, but how do you know if it's a FP?

In general, how do you find out if what avast found is an actual threat or a FP? How do FP's occur?

Thank!

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: Win32:Trojan-gen
« Reply #13 on: April 08, 2013, 08:59:57 PM »
The file is located in the C drive soft ware set up folder and I have an HP


Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37506
  • Not a avast user
Re: Win32:Trojan-gen
« Reply #14 on: April 09, 2013, 11:43:45 PM »