Can anyone help?

[hawick]

Had a virus message, but trojan 32 gen, but avast was unable to locate as in start -up. What should I do. Sorry am a bit of a newbie, any help appreciated bigtime, thanks!!

[DavidR]

- What OS are you using? is it up to date?
- What avast! version and VPS file (virus database) number, e.g. 0436-4 (see about avast!)
- What was the filename, where was it found
  example (C:\windows\system32\infected-filename.xxx)?
- What actions have you taken to try and resolve the problem? (avast! should have given you options when it first detected the virus, what did you choose, or what did you do)

What were you doing when the virus was detected? (browsing the web, running a scan, downloading, receiving email, what)

As you see we need a little help too.

Also see - Advice & Tools for virus/trojan/malware Removal & Prevention

[hawick]

Hi david thanks for reply.
sMy avast is up to date, filename was libsys or similar, can't find name though, I was online. I tried to send to chest then tried to delete, but kept coming back can't locate. I started using avast about one month ago think it 04.6.66-5. Will update this post if i find more details.
it says win32 trojan-gen has been found in but i can't read the rest of it! I think it said start up.
Thanks if you can help.
I have just denied a change called msgfix.exe was that the right thing to do??
Please help!!! Panicking!

If I get the IP number of an attacker (I've had a few repelled by avast today, usually just after logging on) is there anyone I should notify?

[hawick]

Still struggling to work out what's going on. Computer did close and restart by itself this morning but not done so again (yet.........).
Any thoughts out there?

[DavidR]

In order for us to help you fully we need you to be as accurate and detailed as possible, otherwise we will be groaping in the dark.
The "file name was libsys or similar" does nothing to help, we can't check google, etc. so there is no way to identify if msgfix.exe is a part of or totally different virus, etc.

Please check your avast Log File (right click the avast icon and select avast! Log Viewer and check the warnings section), it should contain the information we asked for.

The reason I asked what you were doing was to try and identify which avast provider detected the virus, if it was web shield then the likelihood is there is nothing on your computer (you said you were on-line). However, in the same paragraph you say you tried to send it to the chest which would indicate it was detected by standard shield, so I'm a little confused too.

The Operating System and location of where it was found are also important as to how it is dealt with. Please re-read my first post and answer all the questions as accurately and fully as possible.

Did you read the thread I gave the link to.

Try not to panic (it doesn't help), I know when you are up to your ass in Alligators it is hard to remember your intention was to drain the swamp.

For the most part it is a waste of time and effort to report IP numbers of an attack but avoid the site, etc. were possible.

If you haven't already got this software (freeware), download, install, update and run it.
1. Ad-Aware
2. Spybot Search and Destroy
3. Spywareblaster
4. Download HijackThis.zip - HiJackThis Tutorial