Author Topic: Win32:Malware-gen found in scan  (Read 11671 times)

leglagger

  • Newbie
Win32:Malware-gen found in scan
« on: January 29, 2010, 12:19:34 PM »
I have an Acer Aspire 7540G with Windows 7.
My Avast 5.0.396 is up to date with virus database.

It has found 2 threats:
C:\Program Files(x86)\epson\creativity suite\File Manager\DspReadMe.exe
and C:\Program Files(x86)\epson\creativity suite\Easy Photo Print\DspReadMe.exe
Severity High. Threat Win32:Malware-gen

When I try to move these to the chest I get "Error: Access is denied (5)"

I cannot run boot-time scan as it says "Boot time scanner only available in 32 bit operating systems".

I restarted in safe mode, and then ran avast and tried to scan the epson folder but got "no more endpoints available from the endpoint manager".

Is this a genuine threat, and why can't I move it to the chest?

Please help!

Thanks




Milos

  • avast! team
Re: Win32:Malware-gen found in scan
« Reply #1 on: January 29, 2010, 12:50:45 PM »
Hello,
A file with this filename arrived to us and is a false positive, which will be fixed. If the problem remains after the next VPS update (100129-1), then send the file to virus@avast.com with "False positive" in the subject.

Thank you,
Milos

leglagger

  • Newbie
Re: Win32:Malware-gen found in scan
« Reply #2 on: January 29, 2010, 12:54:21 PM »
When will the next update (VPS update (100129-1)) be?

Also - why can I not move the 2 files to the chest?

Thanks

2of9

  • Newbie
Re: Win32:Malware-gen found, no endpoints avail from endpoint mapper
« Reply #3 on: February 25, 2010, 05:02:40 PM »
Brand new XP rebuild. App dumps occurring. Entered Safe Mode, ran Avast 5 -- "Unable to start scan. There are no more endpoints available from the endpoint mapper."

After adding anti-virus program (como) install which crashed after update and 2nd scan. (Some other strange program behavior occurred earlier, like a window staying on top of another just-loaded program.) I tried to open the dump file indicated in C:\Documents and Settings\user\Local Settings\temp\fce2_appcompat.txt but I was unable to print or save the file (definite sign of malware).

So I ran some other tools from well-known antivirus companies and found "ARTEMIS!(followed by random hex numbers)". All scanners ran fine in regular Windows XP mode and never found a virus, including Avast 5.0.

This was after a fresh reinstall with very few programs installed and very few website visits. ARTEMIS must have a loader that's not being detected by any malware scanners with possible delayed load. I suspect it's getting in either via network drive or one of my program (Office 07, Adobe mainly) installs has a parasite.

Did not find Win32:Malware-gen but HAVE found it on my other PC.
If you have more clues on removing this malware and hidden loaders, please let me know.

::)

Pondus

  • avast! Überevangelist
Re: Win32:Malware-gen found in scan
« Reply #4 on: February 25, 2010, 05:48:06 PM »
You should have started your own topic and not posted inside this one: http://forum.avast.com/index.php?topic=54389.0


Check your computer for Malware with

Have you tried Malwarebytes Antimalware? http://filehippo.com/download_malwarebytes_anti_malware/
After install, click UPDATE and run a quick scan, then click on REMOVE SELECTED to quarantine anything found.

SUPERAntiSpyware http://filehippo.com/download_superantispyware/
Are cookies really spyware and are they dangerous?
http://www.superantispyware.com/supportfaqdisplay.html?faq=26

If anything is found, come back and post the scan logs here.