Author Topic: Win32:Trojan-gen. {Other}  (Read 4313 times)

0 Members and 1 Guest are viewing this topic.

Offline jadrianz

  • Newbie
  • *
  • Posts: 10
Win32:Trojan-gen. {Other}
« on: January 17, 2006, 06:23:11 PM »
My daughters laptop has recently started having an avast popup whic continuously pops up. Selecting any of the options, ie., move, delete,repair, etc has no effect. Even running the boottime scan has no effect. After restarting the popup continuously comes up.  Between the astricks is the contents of the popup message.

I am close to having her gwscan, and reload her system... any help to correct this issue prior to the final wipe is appreciated.

Jadrian

********************************************************
A VIRUS WAS FOUND!
There is no reason to panic, though. Try to follow the given advice and links. If your computer is part of a network, unplug the network cable to avoid further spreading of the infection.

File name: C://WINDOWS/system32/vturp.dll
Malware name: Win32:Trojan-gen. {Other}
Malware type: Virus/Worm
VPS version: 0603-1, 01/16/2006

available actions
-move/rename
-delete
-repair
-move to chest
recommended action: move to chest

processing
-no action    note:  if you press the "no action" button, the malware will not be                                activated

then you can click on 
- schedule boot time scan
- http://www.avast.com
- fill in our virus report to help us improve avast!
**********************************************************
Not an Expert, Not a Newbie..
Just a Jack of all Trades

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67255
Re: Win32:Trojan-gen. {Other}
« Reply #1 on: January 17, 2006, 07:37:18 PM »
My daughters laptop has recently started having an avast popup whic continuously pops up.
I suggest:
Update the virus database (VPS) and scan your computer again. If you get any infection, then run a boot time scanning (schedule it and boot).
The best things in life are free.

Offline jadrianz

  • Newbie
  • *
  • Posts: 10
Re: Win32:Trojan-gen. {Other}
« Reply #2 on: January 17, 2006, 07:46:33 PM »
My daughters laptop has recently started having an avast popup whic continuously pops up.
I suggest:
Update the virus database (VPS) and scan your computer again. If you get any infection, then run a boot time scanning (schedule it and boot).

Virus database was updated automatically as configured and manually updated and says there are no updates available. So it is on latest VPS.

and like I said, running the boot time scan does not work because after the scan when the computer restarts in normal mode the popup still comes up. I have also disabled system restore, run the scan after restarting, restarted in safe mode, ran the scan, even ran another boot time scan when restarting from safe mode. When the computer starts in normal modem that pop up still comes up.
Not an Expert, Not a Newbie..
Just a Jack of all Trades

Offline DavidR

  • Avast √úberevangelist
  • Certainly Bot
  • *****
  • Posts: 84918
  • No support PMs thanks
Re: Win32:Trojan-gen. {Other}
« Reply #3 on: January 17, 2006, 07:48:33 PM »
The reason it can't be dealt with is because it is in use, that is why a boot-time scan should be able to deal with it. So I'm a little surprised it didn't deal with it, did it detect it during the boot-time scan and what action did you/avast take?

There may however, be other elements that restore it even after being dealt with.

Also useful as a diagnostic tool - Download HiJackThis.zip - HJT Information HiJackThis Tutorial 1 or HiJackThis Tutorial 2
For an on-line analysis - HiJackThis Log file - On-line Analysis OR HiJackThis Log file - On-line Analysis 2
Ignore any 023 reference to avast processes, this is a hiccup in the HJT 1.99.1 (especially missing file entry for avast), if you need any help with any of the analysis let us know.

Download this and try that also Ewido Security Suite If using winXP. or a-Squared free if using win98/ME.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 21.3.2459 (build 21.3.6164.561) UI 1.0.609/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline jadrianz

  • Newbie
  • *
  • Posts: 10
Re: Win32:Trojan-gen. {Other}
« Reply #4 on: January 17, 2006, 08:53:59 PM »
The reason it can't be dealt with is because it is in use, that is why a boot-time scan should be able to deal with it. So I'm a little surprised it didn't deal with it, did it detect it during the boot-time scan and what action did you/avast take?

There may however, be other elements that restore it even after being dealt with.


It did detect it during the boot time scan, selected repair, which failed, then selected delete, which failed (there is another program using the file) which is strange since file should not be loaded yet by windows.
Not an Expert, Not a Newbie..
Just a Jack of all Trades

Offline FreewheelinFrank

  • Avast Evangelist
  • Ultra Poster
  • ***
  • Posts: 4872
  • I'm a GNU
    • Don't Surf in the Nude!
Re: Win32:Trojan-gen. {Other}
« Reply #5 on: January 17, 2006, 09:00:59 PM »
Methinks some clever malware can start itself even before a boot time scan, either by injecting itself into a Windows process, or by starting as a service.

Am I wrong?
     Bambleweeny 57 sub-meson brain     Don't Surf in the Nude Blog

Offline jadrianz

  • Newbie
  • *
  • Posts: 10
Re: Win32:Trojan-gen. {Other}
« Reply #6 on: January 17, 2006, 09:11:41 PM »
The reason it can't be dealt with is because it is in use, that is why a boot-time scan should be able to deal with it. So I'm a little surprised it didn't deal with it, did it detect it during the boot-time scan and what action did you/avast take?



Ok.. so when in doubt start over... I started up in safe mode, ran avast, found the infected file but wouldn't remove to chest, repair or delete, made sure sys restore was still off and set boot time scan,, found the file, told it to delete file, finally did it, no other infections found during scan, after windoze startup re-ran avast scan, no infection... Yea!!!!

re-started computer, re-scanned, no infection, and no vturp.dll file in system32 but no adverse effects from deleting that file yet either. No iea why it didn't do that the first 3 times I attempted the same thing...

Thanks  :)
Not an Expert, Not a Newbie..
Just a Jack of all Trades

Offline DavidR

  • Avast √úberevangelist
  • Certainly Bot
  • *****
  • Posts: 84918
  • No support PMs thanks
Re: Win32:Trojan-gen. {Other}
« Reply #7 on: January 17, 2006, 10:23:12 PM »
Perseverence pays off in the end. Ewido is worth downloading if you haven't already done so. It gives a trial period which allows full unrestricted use and then reverts to the free non-resident version if you don't buy, it works well with avast.

Welcome to the forums.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 21.3.2459 (build 21.3.6164.561) UI 1.0.609/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security