Author Topic: French/English "Win64:adware.gen" avast one find it but can't delete it!! HELP M  (Read 1754 times)

0 Members and 1 Guest are viewing this topic.

Offline Johane

  • Newbie
  • *
  • Posts: 4
Hi,
Avast one reporting after a scan that "win64:adware.gen" but can't delete it from my computer...
I try to scan again, etc. But always the same message, and because of that my microsoft word can't open there is always an error message asking me to log etc. :(

The file is written like this "Johane/downlaods/tumgir.iso>app.zip etc if it can help.

Can you help me?

I'm a girl who don't know anything about that.
« Last Edit: October 02, 2022, 06:15:02 PM by Johane »

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88895
  • No support PMs thanks
Are you able to take a screenshot of the Avast Error message and attach it to your reply, see attached image.

Lots of hits on the tumgir.iso file - https://www.google.co.uk/search?q=tumgir.iso
Also the spelling in this file name looks suspect with a lower case i (India) rather than an a lower case l (Lima) as in tumblr.iso (as it is hard to differentiate between the two). This is a common tactic to confuse.

1.  Have you actually tried run this iso file  ?
If not I wonder why it might be impacting on Microsoft Word.
2.  Presumably Avast alerted at this point  ?
A screenshot of that alert could have clarified - However if Avast sent this to Quarantine the location information should be there.

You say that location given as Johane/downlaods/tumgir.iso as I would have expected to see (\ rather than /) C:\Users\Johane\downlaods\tumgir.iso which is a usual windows directory path and not, Johane/downlaods/tumgir.iso which would normally be internet path delimiters.

Unfortunately there isn't much information to go on, so my reply is somewhat vague.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.2.6105 (build 24.2.8918.824) UI 1.0.799/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline Johane

  • Newbie
  • *
  • Posts: 4
Thank you for you answer,

I give you some details, I try to be as clear as I can even if my english is not perfect..

Yesterday while I was searching for some image for my phd I got an alert telling me "a menace has been bloked" or something like that but nothing happen. I continue to work on word, but today when I try to open my docs in my drive there was an error message asking me to log on "d.docs.live.net" after a few research I found out I could be linked to a malware and... it is. But, I can open my word document stored on my computer... not on my drive.

The link (it's in french but maybe you can translate it) : https://pcsecurise.fr/demander/comment-corriger-lerreur-onedrive-connexion-a-d-docs-live-net-lors-de-louverture-des-fichiers-microsoft-office/

I send a screenshot, it's the only thing I got from Avast...

Yes, my bad it's C:\Users\Johane\downlaods\tumgir.iso, sorry I'm not really good !

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88895
  • No support PMs thanks
Given the URL it looks like you have been tricked into downloading something you thought was an image, but redirected to the site and you downloaded what you thought was an image but was an iso file, (a compressed executable file).  So I'm unsure what it might have done, but from your image it might have extracted and or installed (and possibly run) Healthy.exe.

Though the malware name doesn't appear to be Adware (64:Adware-gen [Adw]), I assume that there was something before the 64: part at the front. 

Ordinarily I wouldn't have expected an adware infection to impact on Microsoft Word, though I guess it is possible.  Though having translated the link you gave it does appear so. "J'ai un problème très gênant qui m'empêche de modifier des documents Word et Excel avec OneDrive." Translation - " I have a very annoying problem that prevents me from editing Word and Excel documents with OneDrive."

Unfortunately malware resolution isn't my area of knowledge. Plus I don't use Avast One but Avast Antivirus Free.

I used Google Translate to translate the page you gave - https://pcsecurise-fr.translate.goog/demander/comment-corriger-lerreur-onedrive-connexion-a-d-docs-live-net-lors-de-louverture-des-fichiers-microsoft-office/?_x_tr_sl=fr&_x_tr_tl=en&_x_tr_hl=en

Now looking at that it does give information to resolve the ability to connect to d.docs.live.net, now I don't know (from your information here) if this is the exact problem or error message you are getting.  It also doesn't indicate that this was as a result of malware.

Does your problem exactly match the Question and the first Description paragraph  ?

Do you have a very recent system backup of your system that you could restore to a date before this malware issue  ?
You may loose some recent work but it may be less painful.
« Last Edit: October 02, 2022, 11:45:34 PM by DavidR »
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.2.6105 (build 24.2.8918.824) UI 1.0.799/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline Johane

  • Newbie
  • *
  • Posts: 4
Thanks again for your answer,  :)
Yes and No ; I don't have a pb to edit, but to open Word documents with OneDrive...
But  I got the same error message : "You have to connect to "d.docs.live.net, and enter your ID"
The cause is maybe different and the solution that they give is not for my malware problem I Think.

I think (I may be wrong) if Avast can't delete the malware, I don't think I can open my word docs with my drive.
And I wanted to find some people who knows who to delete it, completely from my computer, as I pay a service I don't know how Avast don't manage to delete it...!
This is why I'm here ^^


Offline Johane

  • Newbie
  • *
  • Posts: 4
For the final question; I'm affraid that I have plenty of docs in my drive, even if, I still got a part in my usb key but... I would prefer to not delete everything  :-\

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88895
  • No support PMs thanks
First I must say I'm an Avast User and don't work for avast and unfortunately I never use on-line sources for documents/files/images, I just don't trust them (even Microsoft).

I much to keep my documents on my computer, where I can do regular backups on second hard drive and to externally connected SSD drives, 1TB and 2TB (Tera Bytes).  So regardless what may happen I have multiple recent backup copies of files images, etc.

I don't know if the methods suggested in that page are destructive or simply resolve the inability to log in, not to mention they aren't free.
1. Methods to resolve "Connecting to d.docs.live.net" error - this doesn't sound destructive or not.
2. Delete cache files to get rid of error code - this however does sound destructive certainly for what might be in the cache rather than what is actually stored.

Also when you get malware like this it could be trying to steal your username and password.

Have you tried to contact Microsoft Support if such a thing exists for Live.net, OneDrive  ?
I just wonder if they or there isn't a way to save what you might have on your d.docs/live.net to protect against possible loss.

I will try and attract some attention to your topic.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.2.6105 (build 24.2.8918.824) UI 1.0.799/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
One could try to use cleaning advice from a qualified remover here:
https://www.bleepingcomputer.com/forums/t/557877/win64adware-gen-avast-wont-remove/ (example)

Remember to follow their unique instructions as every single cleansing routine is unique,
so there are no general cleansing options, only to strictly follow up instructions from a qualified remover there.

Go and contact there,

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 48523
  • 64 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Has a Boot-Time Scan been run on this system?



Free Security Seminar: https://bit.ly/bobg2023  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 11 Pro v22H2 64bit, 16 Gig Ram, 1TB SSD, Avast Free 23.5.6066, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq -- My Online Activity https://bit.ly/BobGInternet

Offline rocksteady

  • Super Poster
  • ***
  • Posts: 1533
...But, I can open my word document stored on my computer... not on my drive.

Are you able to access your OneDrive and open documents there using a web browser?