Avast WEBforum
Other => Viruses and worms => Topic started by: Alcir on April 29, 2012, 03:07:33 AM
-
O Avast sempre me notifica sobre o vírus win32:pup-gen, mas, ao tentar removê-lo para a quarentena (assim como excluí-lo), aparece a seguinte mensagem: erro: o Sistema não pode encontrar o arquivo especificado (2). Ao iniciar novo escaneamento, o Avast sempre o localiza, mas não consegue removê-lo. Como devo proceder?
-
Buenos Alcir,
Following is the google translation to english of above post:
Avast always notifies me about the virus Win32: pup-gen, but when trying to remove it to Quarantine (and delete it), the following message appears: Error: System cannot find the file specified (2). When starting a new scan, Avast always finds it, but can not remove it. How should I proceed?
Never delete. If possible, always place in quarantine. If the file is determined to be clean later, you can always restore it. You cannot do this when delete is chosen, file is gone forever.
You can also post here in the non-english zone if you wish: http://forum.avast.com/index.php?board=21.0 (http://forum.avast.com/index.php?board=21.0)
EDIT: Update post.
On further analysis, see this thread about [PUP] alerts: http://forum.avast.com/index.php?topic=93372.0 (http://forum.avast.com/index.php?topic=93372.0)
As Pondus says, PUP scan is off by default in the normal quick/full scan. You have to turn it on to get this alert.
-
As Pondus says, PUP scan is off by default in the normal quick/full scan. You have to turn it on to get this alert.
but it is on in boot scan........
so is it a boot scan you are using?
and what is the name / location on the file detected?
-
O Avast detecta esse win32:pup-gen quando faço escaneamento completo ou escaneamento de inicialização boot, mas não consegue colocá-lo em quarentena. O arquivo infectado é C:\$Recycle.Bin\S-1-5-21-2557965090-2794394387-507434409-1007\$RX4XUYZ.msi|>disk1.cab|>Isass.exe. Não consigo encontrar esse arquivo no windows explorer.
Aguardo ajuda.
-
O Avast detecta esse win32:pup-gen quando faço escaneamento completo ou escaneamento de inicialização boot, mas não consegue colocá-lo em quarentena. O arquivo infectado é C:\$Recycle.Bin\S-1-5-21-2557965090-2794394387-507434409-1007\$RX4XUYZ.msi|>disk1.cab|>Isass.exe. Não consigo encontrar esse arquivo no windows explorer.
Aguardo ajuda.
Please post English here..!! ;)
Thanks.
-
@Alcir
Yes english. :D
For support on your language, try this subforum:
http://forum.avast.com/index.php?board=21.0
Isass.exe
This is an old worm using USB device to infect your PC.
Step#1
Download DDS and save it to your Desktop from here:
http://download.bleepingcomputer.com/sUBs/dds.scr
Double click dds to run the tool.
* When done, DDS will open two (2) logs:
1. DDS.txt
2. Attach.txt
Save both reports to your desktop. Attach DDS.txt back to topic.
Step#2
Download USBNoRisk (http://amf.mycity.rs/personal/bobby/USBNoRisk/usbnorisk.exe) to your Desktop and run it by double clicking the program icon.
- Wait a few seconds while the program performs a initial scan.
- Inserts your USB storage devices into USB slot one by one and keep in each one in slot for 10 seconds. We need to whati for USBNoRisk to check them:
>If you have multiple devices for scanning , then the piece of paper keeps track of the sequence are inserted, because we will need this information later.
- When you're done with all devices, click the right mouse button in the middle window and select Save scrambled log . This log will automatically open in Notepad.
Please attach the log from Notepad to the forum.
In the USB memory devices includes all devices that by connecting the computer to obtain your label partitions.
These include USB [and] flash [/ i] drives, external hard drives, memory cards, MP3 and MP4 players, some mobile phones, a GPS (navigation) devices and so on.
-
Quote from Alcir on April 28, 2012 @ 8:57:03 PM Google translation Portuguese to English.
Avast detects this win32: pup-gen when I scan or full scan boot boot, but can not put it in quarantine. The infected file is C: \ $ Recycle.Bin \ S-1-5-21-2557965090-2794394387-507434409-1007 \ $ RX4XUYZ.msi |> disk1.cab |> Isass.exe. I can not find this file in windows explorer.
I wait for help.
Hope this helps others to follow along. Note that Pondus was right, seems detection is either on normal scan or Avast! boot scan.