Author Topic: A little bit of quick help with trj[gen] and virus[gen]  (Read 2741 times)


sanderso

  • Guest
A little bit of quick help with trj[gen] and virus[gen]
« on: May 02, 2009, 01:01:21 AM »
I have been getting a lot of Win32 Trj[gen] and Win32 Virus [gen] lately. I keep moving them to chest, but they keep popping up. I've done several boot scans but they take forever and usually don't get anything. If anyone can help me with that, I'd greatly appreciate it. But the real reason why I'm posting is these questions--

Can I clean a file once I have moved it to the chest, and also, can I reclaim them onto my computer? I have moved some of my system files there b/c they aren't required and they kept getting infected.

My active Avast Scanner is scanning websites and e-mails that I am not sending, is this normal, or is that a virus?

DavidR
Re: A little bit of quick help with trj[gen] and virus[gen]
« Reply #1 on: May 02, 2009, 01:49:40 AM »
What is the infected file name, and where was it found, e.g. (C:\windows\system32\infected-file-name.xxx)?
Check the avast! Log Viewer (right click the avast 'a' icon), Warning section; this contains information on all avast detections: C:\Program Files\Alwil Software\Avast4\ashLogV.exe. Or check the source file using Notepad: C:\Program Files\Alwil Software\Avast4\DATA\log\Warning.log

Trojans generally can't be repaired (either by the VRDB or avast virus cleaner), because the entire content of the file is malware, so it is either move to chest or delete, move to the chest being the best option (first do no harm). When a file is in the chest it can't do any harm and you can investigate the infected warning.

The VRDB only protects certain files, mainly .exe files, it doesn't protect data files or all files, it is not a back-up program, so there are going to be many occasions where repair won't be an option.

Only a true virus infection can be repaired, e.g. when a virus infects a file it adds a small part to it; provided that file is one that avast's VRDB would monitor and you have run the VRDB, it may be possible to repair the file to its uninfected state.

However, for the most part so-called viruses, trojans (adware/spyware/malware, etc.) can't be repaired because the complete content of the file is malicious.

Can you explain in more detail exactly what you mean by avast is scanning email you aren't sending?

Snap on what sites it is scanning when you aren't browsing (that isn't usual)?

If you haven't already got this software (freeware), download, install, update and run it and report the findings (it should produce a log file).
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.5.6116 (build 24.5.9153.762) UI 1.0.808/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

sanderso

  • Guest
Re: A little bit of quick help with trj[gen] and virus[gen]
« Reply #2 on: May 02, 2009, 02:37:16 AM »
I'm not on my own computer right now, but as for actively scanning things I'm not doing it would be something like this:

Last item scanned: Outgoing Mail: Feeling inadequate... We can help!


or

Last item scanned DNS http://berkelee.edu

These will appear one after another just like one second apart. I don't send emails that look like that, and I've never been to Berkelee.edu

DavidR
Re: A little bit of quick help with trj[gen] and virus[gen]
« Reply #3 on: May 02, 2009, 03:20:55 AM »
It does sound like a spambot.

First, set the Internet Mail sensitivity to High, this could alert you to an undetected or hidden trojan spambot on your system. The alert would say something like too many identical messages in a time period (spam being sent). I don't know if it is possible that they might be using that domain as an email relay server.

Then run both programs as per the instructions in my previous post and report the findings.
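
The "too many identical messages in a time period" alert mentioned in the reply above, sketched as an added example (not part of the original thread and not avast!'s actual implementation): a sliding-window counter over outgoing-mail events that flags a burst of near-identical messages. The window, threshold, normalisation and sample events are assumptions constructed for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta
import hashlib
import re

WINDOW = timedelta(seconds=60)   # assumed look-back window
THRESHOLD = 5                    # assumed max identical messages per window

def fingerprint(subject, body):
    """Hash of normalised content so trivial per-recipient changes still match."""
    text = re.sub(r"\s+", " ", f"{subject}\n{body}".lower()).strip()
    text = re.sub(r"\d+", "#", text)  # collapse counters / tracking numbers
    return hashlib.sha256(text.encode()).hexdigest()

def find_bursts(events, window=WINDOW, threshold=THRESHOLD):
    """events: time-ordered (timestamp, recipient, subject, body) tuples.
    Returns (timestamp, subject, count) for the moment each distinct
    message first exceeds the threshold inside the window."""
    recent = defaultdict(deque)   # fingerprint -> send times still in window
    alerted = set()
    alerts = []
    for ts, _rcpt, subject, body in events:
        fp = fingerprint(subject, body)
        times = recent[fp]
        times.append(ts)
        while ts - times[0] > window:   # drop sends older than the window
            times.popleft()
        if len(times) > threshold and fp not in alerted:
            alerted.add(fp)
            alerts.append((ts, subject, len(times)))
    return alerts

def sample_events():
    """Constructed sample: eight look-alike mails one second apart,
    plus two ordinary messages sent minutes later."""
    t0 = datetime(2009, 5, 2, 1, 0, 0)
    spam = [(t0 + timedelta(seconds=i), f"user{i}@example.com",
             "Feeling inadequate... We can help!", f"Offer {i} inside")
            for i in range(8)]
    normal = [
        (t0 + timedelta(minutes=5), "friend@example.com", "Lunch?", "Noon works."),
        (t0 + timedelta(minutes=9), "boss@example.com", "Report", "Attached."),
    ]
    return sorted(spam + normal)

if __name__ == "__main__":
    for ts, subject, count in find_bursts(sample_events()):
        print(f"{ts} ALERT: {count} identical messages within {WINDOW}: {subject!r}")
```

A machine whose owner is not sending mail should produce no events at all, so on a home PC any alert from a check like this is worth investigating.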