Avast found Win32: trojan-gen

[yod12]

I printed it out as a pdf, and then found that this forum won't accept attachements in that format. Any other suggestions?

[yod12]

I printed the results as a pdf, but this forum won't accept attachments in that format. Any other suggestions? Please excuse if this shows up twice.

[DavidR]

In your browsers address bar, just copy and paste the URL for the page with the results in the forum.

[yod12]

Here's the url http://www.virustotal.com/analisis/9848c9a769d1819c4b973cca8a1d7eac

jpg attached also

[wyrmrider]

Backdoor.Win32.Feri.g
is a real hit- so keep it in the chest/ quarentine do not delete/ remove yet
(just because Backdoor.Win32.Feri.g is a real malware name we do not know yet if you really have it as Avast -gen - general tag is ambiguous but suspicious- follow?)
but we can't take any chances

let me double check- did you send a copy to... files for analysis to virus (at) avast.com

let's see if we have anything else infecting your machine
Me
I'd first run a Malware Bytes Anti Malware (MBAM) or Rogue Remover scan
I'd update avast and schedule a boot time scan- rt click on the ball

since Kaspersky targeted this Backdoor.Win32.Feri.g
I'd try a Kaspersky on line scan- run from IE and allow Active X


l

[DavidR]

Personally I don't feel there is a need to send this to avast for analysis as the detection is most certainly good, regardless of the name given.

I would certainly agree that as a possible backdoor that the additional scans should be carried out to ensure there isn't anything else hiding/undetected.

[yod12]

Here are the results for another http://www.virustotal.com/analisis/84d52786e2e85a2005de3bd7d466f6a2

[Lisandro]

Not so sure it's a false positive, don't seem so...

[yod12]

Here are the results for another http://www.virustotal.com/analisis/84d52786e2e85a2005de3bd7d466f6a2

[DavidR]

Well both of your last VT results confirm a good detection.

[yod12]

Sorry, I ended up posting results from virustotal twice for one of these. It's been scanning trz11.tmp for over an hour. Not sure what's going on...it's only 161280 bytes.
Well, I've been learning a little bit so far. Not sure what your interpretations mean yet.

Thanks,

[wyrmrider]

YOU MOST LIKELY HAVE A VIRUS AND NEED TO DEAL WITH IT
but it in chest

[yod12]

Need to deal with it. Well, that's what I trying to figure out.
I put all three in the Chest and they're also in a suspect folder that I got directions here how to create. What should I do now. Virustotal's been scanning trz11.tmp for over 2 hours now.

[DavidR]

What is the size of the trz11.tmp file ?

I feel that you should probably abandon the VT scan of trz11.tmp as it would appear to have stalled. Even if the trz11.tmp file was 10MB (the max upload size) it should have uploaded and been scanned in that time.

Have you run the MalwareBytes Anti-Malware freeware version http://www.softpedia.com/get/Antivirus/Malwarebytes-Anti-Malware.shtml scan as suggested previously ?

[wyrmrider]

after the MBAM scan post back

Do not worry about the viri in Chest or in the temp file you created (suspicious?)

David R can advise you on this
did you google trz11.tmp?  looks suspicious
what is the full path
But CCLeaner or ATF Cleaner can clean up that temp file if it is a real temp file