Author Topic: How to remove - win32: trojan-gen {other}  (Read 8054 times)

Offline matan

How to remove - win32: trojan-gen {other}
« on: September 20, 2004, 08:51:55 PM »
When I scanned my computer with avast it found that file hxdefdrv.sys is infected with win32: trojan-gen {other}. I removed it with the same program, but it was not successful. I even disabled system restore, and booted in safe mode, and the same thing happened. I also noticed that there are too many programs running in my task manager - especially lots of svchost.exe.

Can somebody help me to remove it ?
Thanks

Offline whocares

Re:How to remove - win32: trojan-gen {other}
« Reply #1 on: September 21, 2004, 01:30:54 PM »
Hi,

Please read the link "VirusRemoval" below in my sig and then come back with more info, e.g.
- What Win do you use ?
- version of avast & VPS number/date ?
- Hijackthis-Log
- Results of Onlinescanners for the file

btw, your trojan is a bit of a toughy cause it's a rootkit:
- have you tried a boot-time scan with avast (if you have Win NT/2000/XP) ?

also try following the removal-procedure contained in these links..:
Trend-Info


 ;) ;)
« Last Edit: September 21, 2004, 01:32:40 PM by whocares »

Offline Davide

Re:How to remove - win32: trojan-gen {other}
« Reply #2 on: September 23, 2004, 11:26:52 AM »
Hi, I'm working with the Windows 2000 professional version, the Avast antivirus tells me I got the Win32:Trojan-gen!!! What should I do? Is it dangerous??

Thanx..

Offline DavidR

Re:How to remove - win32: trojan-gen {other}
« Reply #3 on: September 23, 2004, 04:54:08 PM »
You could start by following the request/suggestions of whocares.

We really need more information to help you fully.

Please Help us to Help you - we need more information to be able to help fully,
   - Your Operating System, is it up to date?
   - Your email program - if applicable.
   - avast! version and VPS file (virus database) number, e.g. 0436-4 (see about avast!)
   - Virus Name - infected filename
   - Location of infected file, e.g. C:\windows\system32\infectedfilename.exe

visit the User's FAQ thread, it will give you a lot of useful advice.

A search of these forums for Win32:Trojan-gen will no doubt return many hits as this topic has been previously discussed a number of times.

General Advice & Tools for virus/trojan/malware removal

A HijackThis log is also helpful in searching out Trojans, Eddy's HiJackThis Info and Analysis page, HijackThis log file analyzer and follow the directions there and get back to us with more info if you need more help....
« Last Edit: September 23, 2004, 04:54:37 PM by DavidR »
Core2Duo E8300/ 4GB Ram/ WinXP ProSP3/ avast! free 2014 9.0.2018/ Outpost Firewall Pro9.1/ Firefox 28.0, NoScript, RequestPolicy/ MailWasher Pro/ DropMyRights/ MalwareBytes AntiMalware Premium 2.0.1/ WinPatrol+/ Drive Image 7.1/ SnagIt 10.0/ avast! mobile security

Offline havfunky

Re:How to remove - win32: trojan-gen {other}
« Reply #4 on: October 11, 2004, 09:29:57 PM »
hi, I HAVE ALSO RECENTLY FOUND THIS VIRUS ON MY SYSTEM, WHICH ISN'T GOOD ME THINKS! ( win32: trojan-gen {other} )

I am running win xp sp2.

along with Avast version 4.1 home.
VSP:11.10.2004 file version 0442-0

this is a copy of the message that i get in the avast log file:

11/10/2004 20:08:01   NT AUTHORITY\SYSTEM   860   Sign of "Win32:Trojan-gen. {Other}" has been found in "C:\System Volume Information\_restore{DF288C16-B6BD-4E42-8C84-84230AE9EE6D}\RP31\A0005138.exe" file.  


Don't look good.

I've disabled system restore and used both avast and trend home call virus scans on this bitch but have come up with diddly squat! :-s

Could you please help?!

Offline Eddy

Re:How to remove - win32: trojan-gen {other}
« Reply #5 on: October 11, 2004, 09:35:03 PM »
Disabling system restore will take care of it havfunky. Did you reboot after disabling it and did you check if it is still disabled?

Offline havfunky

Re:How to remove - win32: trojan-gen {other}
« Reply #6 on: October 11, 2004, 09:41:39 PM »
I've disabled it, and rebooted. yes, but didn't find it after. will it have gone now then?



Offline Eddy

Re:How to remove - win32: trojan-gen {other}
« Reply #7 on: October 11, 2004, 09:46:24 PM »
yup it is gone. This was a false positive caused by the way system restore puts the files in that folder. So nothing to worry about now that it is gone.

Offline havfunky

Re:How to remove - win32: trojan-gen {other}
« Reply #8 on: October 11, 2004, 09:47:33 PM »
can i put it back on now then (system restore i mean)?

thanks for your help eddy! :-)

Offline Eddy

Re:How to remove - win32: trojan-gen {other}
« Reply #9 on: October 11, 2004, 09:55:44 PM »
If you have a need for it, you can put it back on. But you can get the same false positive back also that way. The choice is yours.

Offline Njguy

Re:How to remove - win32: trojan-gen {other}
« Reply #10 on: October 17, 2004, 04:29:47 AM »
Hello, I have the same issue with win32: trojan-gen, getting rid of it is ok, but my question, Is this virus harmful, also, why can't Avast take care of it when it finds it and you delete or move it to the chest.
Any help in this matter will be Appreciated.

Thank You All

Windows XP Home Edition

Offline Ruff Knight

Re:How to remove - win32: trojan-gen {other}
« Reply #11 on: October 19, 2004, 04:03:24 PM »
I too have been having problems removing this virus, and I am running Windows 98, can someone please help me.

Offline drussel

Re:How to remove - win32: trojan-gen {other}
« Reply #12 on: October 20, 2004, 10:52:32 PM »
???How do you disable System Restore? I also have the virus and am on XPP.

Offline DavidR

Re:How to remove - win32: trojan-gen {other}
« Reply #13 on: October 21, 2004, 10:52:11 AM »
Well you could use the windows help file > Start > Help and Support and search for System Restore and look at the results it gives.

Or
Win XP-ME - How to disable System Restore

My point is the information is on your computer, you only have to learn to use the tools.

 
