Avast WEBforum

Consumer Products => Avast Free Antivirus / Premium Security (legacy Pro Antivirus, Internet Security, Premier) => Topic started by: iamcolinlol on September 26, 2007, 04:37:07 PM

Title: Win32 Trojan-gen {other} won't delete!! Help please!!
Post by: iamcolinlol on September 26, 2007, 04:37:07 PM
Hi guys, i'm pretty angry at this virus/trojan/worm whatever.
It comes up every boot and its friggin annoying me. It's the same
as some other people's located in system32/drivers
As i always search first, many people have this problem and many
methods to fixing it. Please help me. I don't know what's safe anymore
i ran a anti-rootkit it says make sure i know what im doing, deleting it
can cause it to stuff up and i didn't dare press ' Ok '. I don't know what
to do. There is a method to run a program called Autorun and go into
safe mode and delete it but i don't want to mess up this computer again.
PLEASEE HELP ME!!!!
Title: Re: Win32 Trojan-gen {other} won't delete!! Help please!!
Post by: DavidR on September 26, 2007, 05:01:02 PM
It would be helpful to get the file name and location, e.g. (C:\windows\system32\infected-file-name.xxx) ? 
Check the avast! Log Viewer (right click the avast 'a' icon), Warning section, this contains information on all avast detections.

If as you say you have searched and found many methods to fix it, etc. which have you tried ?
Title: Re: Win32 Trojan-gen {other} won't delete!! Help please!!
Post by: giorom60 on September 26, 2007, 05:28:32 PM
I have the same problem. On my PC the infected file is C:\WINDOWS\System32\Drivers\mchInjDrv.sys which should be a driver for injecting code to other processes but I've no idea of where it came from.
Every time I boot the PC Avast detect the file and I move it to the chest, bu it reappears at the next boot. Executing a start-up scan Avast does not detect anything.

I'm not even sure it is a real infection since I checked the file at http://virusscan.jotti.org and out of 20 antivirus programs only Avast and VBA32 detected something for the others 18 the file was ok. So it could be a false positive. I emailed the infected file to Avast and I hope to receive an answer.
Title: Re: Win32 Trojan-gen {other} won't delete!! Help please!!
Post by: Spiritsongs on September 26, 2007, 06:18:47 PM
 :)  Hi iamcolinlol & giorom60 :

      Best to get a "2nd Opinion" from trustworthy antiSPYWARE/antiTROJAN
      programs, such as AVG AntiSyware, most easily downloaded from
      www.ewido.net and/or the FREE version of SUPERAntiSpyware from
      www.superantispyware.com .

      giorom60 :

      When it comes to using a "Tester", better to use virustotal than Jotti .
Title: Re: Win32 Trojan-gen {other} won't delete!! Help please!!
Post by: DavidR on September 26, 2007, 06:46:19 PM
Another vote for VirusTotal - Multi engine on-line virus scanner (http://www.virustotal.com/) I feel virustotal is the better option as it uses the windows version of avast (more packers supported) and there are currently over 30 different scanners.
Title: Re: Win32 Trojan-gen {other} won't delete!! Help please!!
Post by: iamcolinlol on September 27, 2007, 02:53:25 AM
I have the same problem. On my PC the infected file is C:\WINDOWS\System32\Drivers\mchInjDrv.sys which should be a driver for injecting code to other processes but I've no idea of where it came from.
Every time I boot the PC Avast detect the file and I move it to the chest, bu it reappears at the next boot. Executing a start-up scan Avast does not detect anything.

I'm not even sure it is a real infection since I checked the file at http://virusscan.jotti.org and out of 20 antivirus programs only Avast and VBA32 detected something for the others 18 the file was ok. So it could be a false positive. I emailed the infected file to Avast and I hope to receive an answer.


Mine is the same as yours, same one: C:\WINDOWS\System32\Drivers\mchInjDrv.sys
Virus/Worm
Title: Re: Win32 Trojan-gen {other} won't delete!! Help please!!
Post by: DavidR on September 27, 2007, 03:08:04 AM
Ensure you have the latest VPS update, I believe this has been resolved in it.
Title: Re: Win32 Trojan-gen {other} won't delete!! Help please!!
Post by: giorom60 on September 27, 2007, 09:54:23 AM
Confirm. The problem has been fixed with WPS 777-1