Author Topic: win32.trojan-gen, vc  (Read 4534 times)

0 Members and 1 Guest are viewing this topic.

hakim

  • Guest
win32.trojan-gen, vc
« on: March 14, 2004, 06:52:54 PM »

dear friends: i got message from avast of finding the virus WIN32.TROJAN-GEN.VC. the avast couldnt repair it the infected file is windows\system\sysreq.exe.  
pls. am begginer, help me how to get rid of this virus,thnx alot
« Last Edit: March 14, 2004, 06:55:21 PM by hakim »

Offline raman

  • Avast Evangelist
  • Advanced Poster
  • ***
  • Posts: 1062
Re:win32.trojan-gen, vc
« Reply #1 on: March 14, 2004, 11:05:59 PM »
Avast should be able to delete the file in Safe mode, or just kill the task sysreq.exe by using the Taskmanager and delete the file than.
MfG Ralf

Offline Eddy

  • Avast Evangelist
  • Maybe Bot
  • ***
  • Posts: 31080
  • Watching (over?) you
    • Malware removal, Biljart and other things.
Re:win32.trojan-gen, vc
« Reply #2 on: March 14, 2004, 11:46:17 PM »
Press ctrl-alt-del once. Close the process in the taskmanager. Then run a full system scan with Avast.

hakim

  • Guest
Re:win32.trojan-gen, vc
« Reply #3 on: March 15, 2004, 08:13:08 PM »
THE FILE IS NOT SHOWN IN TASK MANAGER . WHAT TO DO.

whocares

  • Guest
Re:win32.trojan-gen, vc
« Reply #4 on: March 15, 2004, 09:53:32 PM »
Hi,

what WIN do you have ?

here are several links with removal instructions:
ClickME!

test the file with OnlineScanners e.g. from Trend & KAV (see below) to get a more specific name
(you need to temporarily disable AV-Resident Shields/Monitors to be able to scan the file online)


-remove the Virus/Malware and it's system modifications according to VirusInfos
from Avast, VGREP, TrendMicro, Kaspersky;
you might also try searching for the virus name or filename with google

general removal procedure:
- disable system restore on Win ME/XP
- best reboot in SafeMode (F8-Boot)
- kill respective Backdoor/Trojan process with task manager (if it still exists in safe Mode)
- search for the file/process names in the registry; remove the malware's startup entries in the registry
- disinfect or (if disinfection is not possible) delete the file; this may be possible only after a reboot
 

-Secure your system (change passwords, secure shares, install patches/updates for WIN, IE etc..)
-scan your whole system with updated avast and maybe a 2nd scanner ,e.g. TrendMicro to check whether your PC is clean ;)
- reenable system restore on Win ME/XP


if it's of the trojan-gen kind: spybot, ad-aware and cwshredder might also help
if you still can't remove it, you could post a logfile of Hijackthis here

see www.lurkhere.com ->nicefiles and www.lavasoft.de

Further Details and Links via the board search above ;)
« Last Edit: March 15, 2004, 09:54:58 PM by whocares »