Author Topic: Win32:Trojan-gen. {Other}  (Read 5109 times)

0 Members and 1 Guest are viewing this topic.

Offline Franciscano

  • Newbie
  • *
  • Posts: 2
Win32:Trojan-gen. {Other}
« on: December 24, 2004, 02:20:13 AM »
Hello,

Avast find virus:

Win32:Trojan-gen. {Other}

C:\Windows\system32\explorer.exe

What I make?

I have AMD Duron 800/20GB/258 RAM/WinXP Pro/SP1

Offline RejZoR

  • Polymorphic Sheep
  • Serious Graphoman
  • *****
  • Posts: 9364
  • We are supersheep, resistance is futile!
    • RejZoR's Flock of Sheep
Re:Win32:Trojan-gen. {Other}
« Reply #1 on: December 24, 2004, 07:07:12 AM »
Just delete it. Do this in safe mode.

The file mimics system file name,but its in the wrong place.
Visit my webpage Angry Sheep Blog

Offline cwardell

  • Newbie
  • *
  • Posts: 5
Re:Win32:Trojan-gen. {Other}
« Reply #2 on: December 25, 2004, 12:34:49 PM »
When installing a flight simulator add on "Ready for Pushback" from CD (boxed version, German), AVAST 4.5 report "Win-Trojan-gen.(UPX).
When the CD is scanned, AVAST reports this Trojan on most of the .exe files. Is it likely that an original CD is really infected?
 

Online DavidR

  • Avast √úberevangelist
  • Certainly Bot
  • *****
  • Posts: 84918
  • No support PMs thanks
Re:Win32:Trojan-gen. {Other}
« Reply #3 on: December 25, 2004, 02:12:24 PM »
Welcome to the forums,

If you are getting a virus warning that you believe is a false positive, then if you can zip and password protect ('virus', will do) the suspect file and send it to virus @ avast.com (no spaces).

Give a brief outline of the problem, the fact that you believe it to be a false positive and include the password in the body of the email. Some info on the avast version and VPS number (see about avast {right click avast icon}) will also help.

You could also check the offending/suspect file at: Jotti - Multi engine on-line virus scanner Jotti - Multi Engine Scanner if any other scanners here detect them it is less likely to be a false positive.

Also see (Mini Sticky) False Positives

Merry Christmas
« Last Edit: December 26, 2004, 03:34:26 PM by DavidR »
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 21.3.2459 (build 21.3.6164.561) UI 1.0.609/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline cwardell

  • Newbie
  • *
  • Posts: 5
Re:Win32:Trojan-gen. {Other}
« Reply #4 on: December 26, 2004, 12:03:57 PM »
Hi DavidR,

Thanx for yr suggestions.
I'm afraid I can't copy the subject files from the CD. I always get a message that it's not r/o or in use. Maybe it's some kind of copy protection.
What next?

I have tried, as per your suggestion, www.virusscan.jotti.dhs.org bit I get the message "Board closed until further notice. "

The CD "Ready for Pushback" is marked: "German localized version published and distributed by ProfiSoft under license to Vmax Flight Systems." The product no. is: 4008140778533


I get the following warnings:

VPS Version: 0452-2, 23.12.2004

Win32:Trojan-gen. {UPX!}

H:\ADD_ONS\RFP_V2_Addons.exe
H:\CSC\CSC.exe
H:\Documentation\RFP_V2_DOC.exe
H:\RFP_V2\RFP_V2_06_CD.exe
H:\VIDEOS\RFP_V2_VIDEOS.exe


Any suggestions?
 ???
Best wishes,
Charles

Offline Eddy

  • Avast Evangelist
  • Maybe Bot
  • ***
  • Posts: 31309
  • Watching (over?) you
    • Malware removal, Biljart and other things.
Re:Win32:Trojan-gen. {Other}
« Reply #5 on: December 26, 2004, 03:20:07 PM »
You are trying the wrong website. It is http://virusscan.jotti.dhs.org/

Online DavidR

  • Avast √úberevangelist
  • Certainly Bot
  • *****
  • Posts: 84918
  • No support PMs thanks
Re:Win32:Trojan-gen. {Other}
« Reply #6 on: December 26, 2004, 03:35:50 PM »
My fault Eddy, for some reason my URL paste was wrong or got converted incorrectly.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 21.3.2459 (build 21.3.6164.561) UI 1.0.609/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline cwardell

  • Newbie
  • *
  • Posts: 5
Re:Win32:Trojan-gen. {Other}
« Reply #7 on: December 26, 2004, 04:51:11 PM »
Ok  -- thanks.
I now get the messge "The file you uploaded is 0 bytes. It is very likely a firewall or a piece of malware is prohibiting you from uploading this file".
I do use ZoneAlarm Pro ... tried deactivating it ... but still get same message.
Any suggestions?
Best wishes,
Charles

Offline Eddy

  • Avast Evangelist
  • Maybe Bot
  • ***
  • Posts: 31309
  • Watching (over?) you
    • Malware removal, Biljart and other things.
Re:Win32:Trojan-gen. {Other}
« Reply #8 on: December 27, 2004, 01:59:39 AM »
Quote
I do use ZoneAlarm Pro ... tried deactivating it ... but still get same message.
Many things comes to my mind. Did you pay for ZA? If not you can get all kinds of strange things. If you did, ZA is known for some strange things. Disabling it will not solve anything. Removing and reinstalling will (if it is ZA who is causing troubles)

Offline cwardell

  • Newbie
  • *
  • Posts: 5
Re:Win32:Trojan-gen. {Other}
« Reply #9 on: December 27, 2004, 11:59:31 AM »
Hi Eddy,
Yes -- ZA Pro is the paid version ...
As I said it's only these files that cannot but uploaded. They cannot even be copied from the CD. I expect it may be some kind of copy protection mechanism that is causing the false positive (if it is a false positive).
Anyway, I still don't know how to send the files to AVAST if they cannot be copied, ziped or uploaded.
Have there been any other similar reports re software from ProfiSoft?




Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67255
Re:Win32:Trojan-gen. {Other}
« Reply #10 on: December 27, 2004, 03:11:58 PM »
Anyway, I still don't know how to send the files to AVAST if they cannot be copied, ziped or uploaded.

Can't you add the file to the Chest and, from there, send to Alwil?
The best things in life are free.

Offline cwardell

  • Newbie
  • *
  • Posts: 5
Re:Win32:Trojan-gen. {Other}
« Reply #11 on: December 28, 2004, 12:45:14 AM »
No  -- AVAST says that it cannot process the file. See enclosed screen shot.