Sign of Win32:Trojan-gen

[tobacco_slammers]

Hi all, I've just received this warning from avast and i'm having a spot of trouble!

Firstly, I stupidly opened up a file that I received via email, thinking that it was safe. Once I opened this file Avast went banannas and started giving me constant warnings about this virus.

I've done a scam of my PC using Spybot S&D and this couldn't find anything.

I'm in the process of doing a scan with avast just now so will add to this post as soon as I can.

Below is an image I took of the Avast Log Viewer to give a better idea of what's wrong:



As you can see from the image this file has shown up more than once!

Could someone tell me what this virus is and what threat my PC is under?

Most importantly, could someone assist me with getting rid of it?

I have Hijack This installed also and can send a report if needed.

If there is anything else I need to let you know please feel free to ask.

Many thanks

Bryan

[FreewheelinFrank]

Try a boot time scan with avast! Right click the scanner screen, select 'schedule a boot time scan' and reboot when requested. (Or open the tab at the top left of the scanner screen and select the boot time option from there.)

[tobacco_slammers]

Hi FreewheelinFrank, I did what you suggested.

It now appears I have a bigger problem!

After running the boot time scan my PC now seems to be opening up the OS (Vista Home Basic) in Safe Mode as the resolution of the screen has changed (I looks like it's in safe mode anyway but not 100% sure).

I now get the following 2 alerts whenever I turn it on:

1. HD Audio Control Panel has stopped working

2. Host Process for Windows Services has stopped working

Can anyone assist me further?

[Jtaylor83]

Looking at the log. It appears that all your drivers are infected with a new virus, especially the .vir part.

To see what kind of virus it is, I recommend an online scan.

Trend Micro Housecall
Dr. Web CureIT (On-Demand Only)
Kaspersky Online Scanner

[FreewheelinFrank]

Do you still have the original file? If so, please upload the file to VirusTotal for analysis. This will enable avast! and other AV's to add the definition. Post the results here.

[tobacco_slammers]

Hi, thanks for the replies guys. I don't have the original file as I deleted it from the email once all the warnings come up.

Regarding the online scan: I don't think this is possible as when I boot the PC now I cannot connect to the internet. Is this because it's in safe mode or something else?

Is there any other way I could do a further scan such as download something on another PC and transfer it to the infected PC?

[micky77]

You can try the Avira rescue cd,download,double click and burn to cd,insert into infected pc and reboot.Choose option 2 to boot into rescue system,select English,PRESS SPACE,choose scan,then enter. I'm only a learner,but your pc looks a mess.Sometimes,its easier to reformat,and start from scratch.
http://www.free-av.com/en/tools/12/avira_antivir_rescue_system.html

[tobacco_slammers]

Thanks micky77, i'll try this out when I get home.

This is a real pain in the ass by the way! lol

[tobacco_slammers]

You can try the Avira rescue cd,download,double click and burn to cd,insert into infected pc and reboot.Choose option 2 to boot into rescue system,select English,PRESS SPACE,choose scan,then enter. I'm only a learner,but your pc looks a mess.Sometimes,its easier to reformat,and start from scratch.
http://www.free-av.com/en/tools/12/avira_antivir_rescue_system.html

I've just checked this link out but it says that this program is for Linux OS and i'm using Vista.

Is there anything else I can do?

[micky77]

You can try the Avira rescue cd,download,double click and burn to cd,insert into infected pc and reboot.Choose option 2 to boot into rescue system,select English,PRESS SPACE,choose scan,then enter. I'm only a learner,but your pc looks a mess.Sometimes,its easier to reformat,and start from scratch.
http://www.free-av.com/en/tools/12/avira_antivir_rescue_system.html

I've just checked this link out but it says that this program is for Linux OS and i'm using Vista.

Is there anything else I can do?

Its a self contained linux based program,you do not need linux os to operate.It runs fine on xp ( have tested ) I do not have Vista,but it is Vista compatable. I am sure it will run fine. Although,this forum is an Avast forum, not Avira, so,enough said about it, from me.

[tobacco_slammers]

Thanks again Mickey, i'll give it a try.

Having looked at my PC again last night I think i'm in big trouble, It appears that all of my drivers are either infected or missing!

I'm really stuck on what to do here.

I've scanned the PC using avast! & Spybot S&D and they are finding nothing new. These "infected" files are still in the chest as far as I know.

I can't connect to the internet as i'm told there is no driver, and the same error appears for the audio driver.

Am I looking at a complete wipeout of the hard drive here or is there a slight chance that I can repair it?

I'm not to fussed if I need to wipe out the drive but on one of the partions (D:) I have images and video clips stored. Is it safe to transfer these onto an external drive so I don't lose them?

It's not been possible to do a System Restore as somehow I have never actually had it turned on!

Also, I have a backup disc that I think I created when I got the PC (2 years ago) but I didn't get any Vista disc with it. Will this disc do if this is the route I need to go.