Author Topic: Vírus win32:pup-gen  (Read 6873 times)

0 Members and 1 Guest are viewing this topic.

Alcir

  • Guest
Vírus win32:pup-gen
« on: April 29, 2012, 03:07:33 AM »
O Avast sempre me notifica sobre o vírus win32:pup-gen, mas, ao tentar removê-lo para a quarentena (assim como excluí-lo), aparece a seguinte mensagem: erro: o Sistema não pode encontrar o arquivo especificado (2). Ao iniciar novo escaneamento, o Avast sempre o localiza, mas não consegue removê-lo. Como devo proceder?

Offline mchain

  • Avast Evangelist
  • Ultra Poster
  • ***
  • Posts: 5564
  • Spartan Warrior
Re: Vírus win32:pup-gen
« Reply #1 on: April 29, 2012, 07:37:07 AM »
Buenos  Alcir,

Following is the google translation to english of above post:
Quote
Avast always notifies me about the virus Win32: pup-gen, but when trying to remove it to Quarantine (and delete it), the following message appears:  Error:  System cannot find the file specified (2).  When starting a new scan, Avast always finds it, but can not remove it.  How should I proceed?
Never delete.  If possible, always place in quarantine.  If the file is determined to be clean later, you can always restore it.  You cannot do this when delete is chosen, file is gone forever.
You can also post here in the non-english zone if you wish:  http://forum.avast.com/index.php?board=21.0

EDIT:  Update post.

On further analysis, see this thread about [PUP] alerts:  http://forum.avast.com/index.php?topic=93372.0

As Pondus says, PUP scan is off by default in the normal quick/full scan.  You have to turn it on to get this alert.
« Last Edit: April 29, 2012, 08:05:58 AM by mchain »
Windows 10 Home 64-bit 22H2 Avast Premier Security version 24.1.6099 (build 24.1.88821.762)  UI version 1.0.797
 UI version 1.0.788.  Windows 11 Home 23H2 - Windows 11 Pro 23H2 Avast Premier Security version 24.2.6105 (build 24.1.8918.827) UI version 1.0.801

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37504
  • Not a avast user
Re: Vírus win32:pup-gen
« Reply #2 on: April 29, 2012, 10:17:43 AM »
Quote
As Pondus says, PUP scan is off by default in the normal quick/full scan.  You have to turn it on to get this alert.
but it is on in boot scan........
so is it a boot scan you are using?
and what is the name / location on the file detected?

Alcir

  • Guest
Re: Vírus win32:pup-gen
« Reply #3 on: April 29, 2012, 10:57:03 PM »
O Avast detecta esse win32:pup-gen quando faço escaneamento completo ou escaneamento de inicialização boot, mas não consegue colocá-lo em quarentena. O arquivo infectado é C:\$Recycle.Bin\S-1-5-21-2557965090-2794394387-507434409-1007\$RX4XUYZ.msi|>disk1.cab|>Isass.exe. Não consigo encontrar esse arquivo no windows explorer.
Aguardo ajuda.

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 76037
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: Vírus win32:pup-gen
« Reply #4 on: April 29, 2012, 10:59:42 PM »
O Avast detecta esse win32:pup-gen quando faço escaneamento completo ou escaneamento de inicialização boot, mas não consegue colocá-lo em quarentena. O arquivo infectado é C:\$Recycle.Bin\S-1-5-21-2557965090-2794394387-507434409-1007\$RX4XUYZ.msi|>disk1.cab|>Isass.exe. Não consigo encontrar esse arquivo no windows explorer.
Aguardo ajuda.

Please post English here..!! ;)
Thanks.
W8.1 [x64] - Avast Free AV 23.3.8047.BC [UI.757] - Firefox ESR 102.9 [NS/uBO/PB] - Thunderbird 102.9.1
Avast-Tools: Secure Browser 109.0 - Cleanup 23.1 - SecureLine 5.18 - DriverUpdater 23.1 - CCleaner 6.01
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Offline magna86

  • Anti Malware Fighter
  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 4235
    • Ambulanta MyCity Forum - ASAP Member
Re: Vírus win32:pup-gen
« Reply #5 on: April 29, 2012, 11:10:47 PM »
@Alcir
Yes english.  :D
For support on your language, try this subforum:
http://forum.avast.com/index.php?board=21.0

Code: [Select]
Isass.exeThis is an old worm using USB device to infect your PC.

Step#1
Download DDS and save it to your Desktop from here:
http://download.bleepingcomputer.com/sUBs/dds.scr

Double click dds to run the tool.

    * When done, DDS will open two (2) logs:
         1. DDS.txt
         2. Attach.txt

Save both reports to your desktop. Attach DDS.txt back to topic.

Step#2


Download USBNoRisk to your Desktop and run it by double clicking the program icon.

  - Wait a few seconds while the program performs a initial scan.

  - Inserts your USB storage devices into USB slot one by one and keep in each one in slot for 10 seconds. We need to whati for USBNoRisk to check them:

   >If you have multiple devices for scanning , then the piece of paper keeps track of the sequence are inserted, because we will need this information later.

  - When you're done with all devices, click the right mouse button in the middle window and select Save scrambled log . This log will automatically open in Notepad.

 Please attach the log from Notepad to the forum.

In the USB memory devices includes all devices that by connecting the computer to obtain your label partitions.
These include USB [and] flash [/ i] drives, external hard drives, memory cards, MP3 and MP4 players, some mobile phones, a GPS (navigation) devices and so on.



Offline mchain

  • Avast Evangelist
  • Ultra Poster
  • ***
  • Posts: 5564
  • Spartan Warrior
Re: Vírus win32:pup-gen
« Reply #6 on: April 30, 2012, 02:18:48 AM »
Quote from Alcir on April 28, 2012 @ 8:57:03 PM  Google translation Portuguese to English.
Quote
Avast detects this win32: pup-gen when I scan or full scan boot boot, but can not put it in quarantine. The infected file is C: \ $ Recycle.Bin \ S-1-5-21-2557965090-2794394387-507434409-1007 \ $ RX4XUYZ.msi |> disk1.cab |> Isass.exe. I can not find this file in windows explorer.
I wait for help.
Hope this helps others to follow along.  Note that Pondus was right, seems detection is either on normal scan or Avast! boot scan.
Windows 10 Home 64-bit 22H2 Avast Premier Security version 24.1.6099 (build 24.1.88821.762)  UI version 1.0.797
 UI version 1.0.788.  Windows 11 Home 23H2 - Windows 11 Pro 23H2 Avast Premier Security version 24.2.6105 (build 24.1.8918.827) UI version 1.0.801