Author Topic: How to remove - win32: trojan-gen {other}  (Read 8541 times)

Offline matan

  • Newbie
  • *
  • Posts: 2
How to remove - win32: trojan-gen {other}
« on: September 20, 2004, 10:51:55 PM »
When I scanned my computer with avast it found that file hxdefdrv.sys is infected with win32: trojan-gen {other}. I removed it with the same program, but it was not successful. I even disabled system restore, and booted in safe mode, and the same thing happened. I also noticed that there are too many programs running in my task manager - especially lots of svchost.exe.

Can somebody help me to remove it ?
Thanks

Offline whocares

  • Super Poster
  • ***
  • Posts: 1698
  • I'm not a llama! :-)
Re:How to remove - win32: trojan-gen {other}
« Reply #1 on: September 21, 2004, 03:30:54 PM »
Hi,

Please read the link "VirusRemoval" below in my sig and then come back with more info, e.g.
- What Win do you use ?
- version of avast & VPS number/date ?
- Hijackthis-Log
- Results of Onlinescanners for the file

btw, your trojan is a bit of a toughy cause it's a rootkit:
- have you tried a boot-time scan with avast (if you have Win NT/2000/XP) ?

also try following the removal-procedure contained in these links..:
Trend-Info


 ;) ;)
« Last Edit: September 21, 2004, 03:32:40 PM by whocares »

Offline Davide

  • Newbie
  • *
  • Posts: 1
Re:How to remove - win32: trojan-gen {other}
« Reply #2 on: September 23, 2004, 01:26:52 PM »
Hi, I'm working with the Windows 2000 professional version, the Avast antivirus tells me I got the Win32:Trojan-gen!!! What should I do? Is it dangerous??

Thanx..

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 71858
  • No support PMs thanks
Re:How to remove - win32: trojan-gen {other}
« Reply #3 on: September 23, 2004, 06:54:08 PM »
You could start by following the request/suggestions of whocares.

We really need more information to help you fully.

Please Help us to Help you - we need more information to be able to help fully,
   - Your Operating System, is it up to date?
   - Your email program - if applicable.
   - avast! version and VPS file (virus database) number, e.g. 0436-4 (see about avast!)
   - Virus Name - infected filename
   - Location of infected file, e.g. C:\windows\system32\infectedfilename.exe

visit the User's FAQ thread, it will give you a lot of useful advice.

A search of these forums for Win32:Trojan-gen will no doubt return many hits as this topic has been previously discussed a number of times.

General Advice & Tools for virus/trojan/malware removal

A HijackThis log is also helpful in searching out Trojans, Eddy's HiJackThis Info and Analysis page, HijackThis log file analyzer and follow the directions there and get back to us with more info if you need more help....
« Last Edit: September 23, 2004, 06:54:37 PM by DavidR »
Core2Duo E8300/ 4GB Ram/ WinXP ProSP3/ avast! free 2015 10.2.2218 R2-SP2/ Outpost Firewall Pro9.1/ Firefox 38.0.1, NoScript, RequestPolicy/ MailWasher Pro/ DropMyRights/ MalwareBytes AntiMalware Premium 2.1.6/ WinPatrol+/ Drive Image 7.1/ SnagIt 10.0/ avast! mobile security

Offline havfunky

  • Newbie
  • *
  • Posts: 3
  • I'm a llama! no im not!
Re:How to remove - win32: trojan-gen {other}
« Reply #4 on: October 11, 2004, 11:29:57 PM »
hi, I HAVE ALSO RECENTLY FOUND THIS VIRUS ON MY SYSTEM, WHICH ISN'T GOOD ME THINKS! ( win32: trojan-gen {other} )

I am running win xp sp2.

along with Avast version 4.1 home.
VSP:11.10.2004 file version 0442-0

this is a copy of the message that i get in the avast log file:

11/10/2004 20:08:01   NT AUTHORITY\SYSTEM   860   Sign of "Win32:Trojan-gen. {Other}" has been found in "C:\System Volume Information\_restore{DF288C16-B6BD-4E42-8C84-84230AE9EE6D}\RP31\A0005138.exe" file.  


Don't look good.

I've disabled system restore and used both avast and trend home call virus scans on this bitch but have come up with diddly squat! :-s

Could you please help?!

Offline Eddy

  • Avast Evangelist
  • Serious Graphoman
  • ***
  • Posts: 15692
  • Watching (over?) you
    • Malware removal, Biljart and other things.
Re:How to remove - win32: trojan-gen {other}
« Reply #5 on: October 11, 2004, 11:35:03 PM »
Disabling system restore will take care of it havfunky. Did you reboot after disabling it and did you check if it is still disabled?
« Last Edit: October 11, 2004, 11:35:25 PM by Eddy »

Offline havfunky

  • Newbie
  • *
  • Posts: 3
  • I'm a llama! no im not!
Re:How to remove - win32: trojan-gen {other}
« Reply #6 on: October 11, 2004, 11:41:39 PM »
I've disabled it, and rebooted. Yes, but didn't find it after. Will it have gone now then?



Offline Eddy

  • Avast Evangelist
  • Serious Graphoman
  • ***
  • Posts: 15692
  • Watching (over?) you
    • Malware removal, Biljart and other things.
Re:How to remove - win32: trojan-gen {other}
« Reply #7 on: October 11, 2004, 11:46:24 PM »
Yup, it is gone. This was a false positive caused by the way system restore puts the files in that folder. So nothing to worry about now that it is gone.

Offline havfunky

  • Newbie
  • *
  • Posts: 3
  • I'm a llama! no im not!
Re:How to remove - win32: trojan-gen {other}
« Reply #8 on: October 11, 2004, 11:47:33 PM »
Can I put it back on now then (system restore I mean)?

thanks for your help eddy! :-)

Offline Eddy

  • Avast Evangelist
  • Serious Graphoman
  • ***
  • Posts: 15692
  • Watching (over?) you
    • Malware removal, Biljart and other things.
Re:How to remove - win32: trojan-gen {other}
« Reply #9 on: October 11, 2004, 11:55:44 PM »
If you have a need for it, you can put it back on. But you can get the same false positive back also that way. The choice is yours.

Offline Njguy

  • Jr. Member
  • **
  • Posts: 30
  • I'm a Newbie Here
Re:How to remove - win32: trojan-gen {other}
« Reply #10 on: October 17, 2004, 06:29:47 AM »
Hello, I have the same issue with win32: trojan-gen. Getting rid of it is OK, but my question: is this virus harmful? Also, why can't Avast take care of it when it finds it and you delete or move it to the chest?
Any help in this matter will be Appreciated.

Thank You All

Windows XP Home Edition

Offline Ruff Knight

  • Newbie
  • *
  • Posts: 1
Re:How to remove - win32: trojan-gen {other}
« Reply #11 on: October 19, 2004, 06:03:24 PM »
I too have been having problems removing this virus, and I am running Windows 98. Can someone please help me?

Offline drussel

  • Newbie
  • *
  • Posts: 1
Re:How to remove - win32: trojan-gen {other}
« Reply #12 on: October 21, 2004, 12:52:32 AM »
??? How do you disable System Restore? I also have the virus and am on XPP.

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 71858
  • No support PMs thanks
Re:How to remove - win32: trojan-gen {other}
« Reply #13 on: October 21, 2004, 12:52:11 PM »
Well you could use the windows help file > Start > Help and Support and search for System Restore and look at the results it gives.

Or
Win XP-ME - How to disable System Restore

My point is the information is on your computer, you only have to learn to use the tools.