W32 :trojan -gen (yet again)

[greywolf]

I have been reading the posts and just new to avast i ran into this problem i ran a boot scan and it came up with   that i was infected , although this was a fresh install of windows with only my drivers and av having been installed, the reason for the install was that the comp had been acting strange for weeks with a re-format having been done every 3 days, no antivirus prog has found anything (tried them all) i actually found this by accident , when i ran the avast boot scan, it seems this was sitting in my boot sector for ages , i deleted the file and so far so good, this last re-insrall has been good , my question is , is thgis really a bug or is it a hoax ? no av site has any info on it , and i found something on the net that said something aboput avast being false pos ridden ? so far i like this prog and avast was the only prog to find this prob and i haven't had much of a prob since although i am  getting auto shutdowns now suddenly soon as i run a scan . please help

[Eddy]

What file was reported as being infected and what was its location?

If you have moved it to the chest:
- right click the file in the chest and choose properties.

If you have completely deleted the file:
 - check Avast's log file

although this was a fresh install of windows with only my drivers and av having been installed

I sure hope you didn't go online without a av application and a firewall

[Lisandro]

When i ran the avast boot scan, it seems this was sitting in my boot sector for ages, i deleted the file and so far so good, this last re-insrall has been good, my question is, is thgis really a bug or is it a hoax?

If avast corrects the error and you don't have to format each three days, well, I think it's not a hoax...
Anyway, do you have the name of the virus?

Welcome to forums.

[Lisandro]

Eddy, it's not from Chest as Chest is not available at boot time... 

[lee16]

Eddy, it's not from Chest as Chest is not available at boot time...

I think it is technical, unless im missing something here  (see below)


greywolf

Do you know the name of the file you deleted (or the 'infection' name)

--lee

[greywolf]

When i ran the bootscan all it said was that i had w32:trojan-gen , i had not been even on the net, i only installed my win xp home, and all my hardware drivers, then went  straight to and installed the avast av prog , was a first time use for me so i was checking out the prog and scheduled a boot scan , i ran it and that was when it came up , i later after deleting the file w32:trojan-gen ran a scan in windows , the system came up clean , but as of today if i try to run a scan in windows it re-boots me, although it still comes up clean in a boot scan it never specified any specific file although in my virus chest it put rundll.exe and  3 others under the sys file section  i run avast and norton personal filewall .

[Eddy]

Check Avast's log file as I asked before and tell us the name and location of the file please.
we need to know that to tell if it really was a infection or a false positive.

Technical corrected me. He is right, there is no move to chest in the bootscan, but you can select move file(s).
If you have used this option, the file should still be in the "moved to folder" unless you have deleted it from there.

[greywolf]

I deleted the file from the bootscan, all it said was  it found the file w32: trojan-gen and asked if i wanted to delete  etc.... i chose delete and that was it , nothing in log files anywhere. it never even mentioned any other file , other than that it was found in system32 best as i can recall

[garyb]

Isn't this one a false positive; actually spy/malware?

http://forum.avast.com/index.php?topic=1235.0
(This seems to be a blended thread, but Jordito raises the question and pk suggests it's spyware)

http://forum.avast.com/index.php?board=4;action=display;threadid=1006

[greywolf]

 I've Solved the problem for now , but i really don't believe it is a false  alarm , the file w32:trojan-gen was found hiding in my boot sector for one , in the last few months it wreaked havoc on my computer , files were corrupting left and right , cdrw or dvdrw would work or sometimes wouldn't work files were spontaneously corrupting, entire programs would disappear etc.... it was a nightmare ,  i tried every virus scanner out there, nothing picked this up , then i tried avast and  like i said i was checking out the prog and quite by accident ran a boot scan and there it was , i remember it gave me a choice of options and i just deleted, (this was a fresh install hadn't been on the net yet, only had factory drivers installed and avast) I haven't had a prob since , today it again started to re-boot spontaneously , but i found the prob and fixed it.  but i still say w32:trojan-gen is not a false alarm getting rid of  it seemed to work for me at least. and a fresh install didn't seem to stop it , i had totally formatted the drive and only got rid of it once i actually found and deleted it . Thanks for all the help tho , so far so good

[Eddy]

Thanks for all the help tho , so far so good

always nice to hear a perosn can use his/her comp without a problem.
But to make sure your system is clean (since you went online without security properly setup), I suggest you click on the link in my signature and follow the steps as explained in the malware removal section.

Better do some extra work/spend some time on it, than be sorry later

[Lisandro]

Unless im missing something here  (see below)

Lee, in fact, it's not Chest. It's another folder as at boot time the drivers to handle Chest aren't load yet.
If I'm wrong, please, someone from Alwil could correct me