Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Avast Antivirus: Win32: Evo-gen [Susp]?


  • This topic is locked This topic is locked
4 replies to this topic

#1 TheDarkWalrus

TheDarkWalrus

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:12:07 AM

Posted 20 July 2014 - 02:26 PM

Hello, everyone.

 

I've recently been getting pop ups from my antivirus, Avast, saying that a virus called ''Win32: Evo-gen [Susp]'' was moved to the chest. It all started a few days ago, when I was trying to download Bluestacks but I accidentally downloaded something else, which threw about 10 weird programs onto my computer. Avast went berserk when I did, warning me of said virus, so I quickly uninstalled everything that had just been installed on my computer, and that was that. This was on Friday, July 18th. Yesterday Avast did not warn me at all of this virus, and all was well. However, today, about half an hour ago Avast warned me once more of the same virus. I am not sure if I am indeed infected, or if it's a false positive.

 

Would anyone be willing to please help me decipher whether it's a true threat or if it's a false positive, and if it is the former, how to rid my machine of the malware which has infected it? I will also provide a dds log and attach log if that helps at all.

 

Thank you so much for reading. Your help would be GREATLY appreciated.  :love4u: 

Attached Files



BC AdBot (Login to Remove)

 


#2 aharonov

aharonov

  • Malware Response Team
  • 2,441 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:07 AM

Posted 21 July 2014 - 02:11 AM

Hi there,

Avast, saying that a virus called ''Win32: Evo-gen [Susp]

Can you please tell me what files (filename with full path) avast has detected to be this threat?

Also, please run a FRST scan:


Please download Farbar Recovery Scan Tool and save it to your Desktop.
  • Start FRST with administator privileges.
  • Make sure the option Addition.txt is checked and press the Scan button.
  • When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
  • Please copy and paste these logs in your next reply.


#3 TheDarkWalrus

TheDarkWalrus
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:12:07 AM

Posted 21 July 2014 - 05:12 PM

Hi there,
 

Avast, saying that a virus called ''Win32: Evo-gen [Susp]

Can you please tell me what files (filename with full path) avast has detected to be this threat?

Also, please run a FRST scan:


Please download Farbar Recovery Scan Tool and save it to your Desktop.
  • Start FRST with administator privileges.
  • Make sure the option Addition.txt is checked and press the Scan button.
  • When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
  • Please copy and paste these logs in your next reply.

 

Thank you very much for your reply.

 

Unfortunately, I am not quite sure what file(s) Avast detected the threat in, as I did not take a screenshot of the antivirus warning me of the malware, and I have yet to recieve another alert since I opened up this topic. However, I did obtain the two FRST logs which you requested.

Attached Files



#4 aharonov

aharonov

  • Malware Response Team
  • 2,441 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:07 AM

Posted 22 July 2014 - 02:11 AM

Hi,

there are a few leftovers of this adware stuff that was bundled to your first Bluestack installers.


Step 1

Please download AdwCleaner (by Xplode) and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select "Run As Administrator"
  • Click on the Scan button.
  • After the scan has finished, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • After rebooting, a log file (that is saved in C:\AdwCleaner[S#].txt) will open automatically.
    Copy and paste the contents of that logfile in your next reply.


Step 2

Start FRST with administator privileges.
  • Press the Scan button.
  • When finished, FRST will produce a log (FRST.txt) in the same directory the tool was run from.
    Please copy and paste this log in your next reply.


#5 aharonov

aharonov

  • Malware Response Team
  • 2,441 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:07 AM

Posted 03 September 2014 - 06:51 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users