Virus alerts since today : Win32:Trojan-gen

[X2020X]

Hi everyone,

First of all i'm on Windows 7 64bit edition. Avast warns me that  "Steamservice.exe" was infectefed by "Win32:Trojan-gen". Avast prompt me to restart my computer for a complete scan.

Scan is currently in progression and at this moment i can read this output :
Fichier C:\ProgramData\Adobe\ARM\Reader_10.1.1\AdobeARM.bin | >ReaderUpdater.exe est infecté par Win32:Trojan-gen
Fichier C:\ProgramData\Adobe\ARM\Reader_10.1.1\ARM.msi | >Binary.AdobeARM.bin | >AcrobatUpdater.exe est infecté par Win32:Trojan-gen
Fichier C:\ProgramData\Adobe\ARM\Reader_10.1.1\ARM.msi | >Binary.AdobeARM.bin | >AdobeARMHelper.exe est infecté par Win32:Trojan-gen
Fichier C:\ProgramData\Adobe\ARM\Reader_10.1.1\ARM.msi | >Binary.AdobeARM.bin | >ReaderUpdater.exe.exe est infecté par Win32:Trojan-gen
Fichier D:\Steam\bin\SteamService.exe est infecté par Win32:Trojan-gen
Fichier D:\Steam\steamapps\common\assassin's creed 2\redist\Directx\t3740t170.tmp>infinst.exe Erreur 42127 {Archive CAB corrompue.}

I'm a little bit surprised of those alerts and i read that "SteamService.exe" is a false positive. Do you think that all alerts are false positives ?

Excuse my frenchy Egnlish and have a good day !

[Soure73]

Hi, do a manual update, the issue seems to be resolved now

[X2020X]

Thanks for the info !
But Avast seems to have chewed my client steam :/

[aaron24wood]

I don't know if this applies to this thread, but my scanner took a fit today finding a thing and then suggesting a boot time scan, wherte it found a whole bunch of stuff.  I'm not entirely au fait with lingo and jargon in these situation, but it seems to picking on stuff I wouldn't have thought.

As well as the attached screenshot, it claimed some Adobe ARM fies (I noted particularly the updater executible), although it wouldn't allow me to move any of that stuff to the virus chest or repair it, and I didn't want to delete something I shouldn't.  Indeed, much like the OP.

Any advice would be appreciated.

[tonisb]

I has exactly the same problem today.When I allowed Avast to do a boot scan it brought many threats including Adobe\ARM and even in my Malwarebytes program itself. During the process it would only allow me to delete, tried everything else first. Could not find a report after it completed but luckily had manually written down most of it.
Uninstalled Malwarebytes and did a fresh download - same problem so uninstalled again.
Malwarebytes could not find any threats at all.
Did a full scan with avast and it found the following that I can not move to chest, repair or delete. I keep getting an error message.
If I delete these Adobe files will the trojan.gen go way with it?

C:\...|>AcrobatUpdater.exe     SEVERITY High   STATUS  Threat: Win32:Trojan-gen  ACTION     ( Options) RESULT X Error: The operation is not supported for this type of Archive (42111)
C:\...|>AdobeARMHelper.exe - SAME INFO AS ABOVE
C:\...|>ReaderUpdate.exe - SAME INFO AS ABOVE

Can anybody help - I have the free program.

[Pondus]

Can anybody help - I have the free program.

have you done a manual update of avast......do you still get detection after that ?

[tonisb]

Hi Pondus,
Thanks for response. Yes I did an update just before I posted and was up to date. What I have done since is manually deleted those files then uninstalled Adobe Reader X, Adobe AIR and Adobe ARM.Ran CCleaner then I restarted the computer then did a complete full scan and it shows no threats. This sounds like good news and I hope has solved the issue. I am now going to re-download Malwarebytes and see what happens there. Hold thumbs.
Thank you.
Toni.

[SoLoPa]

Hi everyone, I am posting here as it seems a few of you are experiencing the same problem I am. A couple of days ago Avast advised me to do a boot scan which I did. It threw up a virus and asked me the 5/6 options. I attempted to move said virus to "the chest" but it wouldn't let me, giving me an Error message. I attempted to delete it and the same Error message again. Basically, it would only let me take no action. Once I had rebooted my computer Avast scan log gave me the following details of the virus... C:\ProgramData\Adobe\ARM\Reader_10.1.0\AdobeARM.bin|>AcrobatUpdater.exe, High risk, Win32:Trojan-gen
When I attempted again to delete/ move this virus Avast told me it could no longer find the file.
I proceeded to do a full scan of my computer but it came back telling me no viruses were found. Obviously I am concerned that this virus is still lurking in the depths of my computer but as I can no longer find it I don't know whether this was an Avast glitch or whether something serious is going on. I do get a lot of popups but to be honest who doesn't?!
It is a Windows 7 64bit system that I use, its quite new and came with McAffe which is now out of date, although it still gives a warning message on some pop ups. Other than that I only have Avast.
If anyone has any info about this problem or a way to resolve it I would be really grateful!
Apologies for the extensive message! 
Thanks!

[B. Watcher]

Just to confirm that this virus indeed is back, and infects the Avast (!) system: though the full thorough scan found nothing, the start-up boot scan however reported that sf.bin in .../defs/12020300/sf.bin was infected with Win32:Trojan-gen. Action was postponed till next restart. After restart I made the system undergo a new boot scan, and then the virus was not found anymore. So who got an infected machine too (or who thinks that his machine has not been infected but did not realised a boot scan yet): make for your system safety your machine undergo a boot scan! Success!