"Win32:Trojan-gen. {VC}" "Win32:Trojan-gen. {UPX!}"

Discussion in 'Computer Support' started by D@Z, Jan 30, 2006.

  1. D@Z

    D@Z Guest

    30/01/2006 17:33:20 D@Z 1252 Sign of "Win32:Trojan-gen. {VC}" has been found
    in "C:\System Volume
    Information\_restore{A39FF000-091E-4DE4-B48E-32166E43D41E}\RP211\A0017167.exe"
    file.
    30/01/2006 17:31:47 D@Z 1252 Sign of "Win32:Trojan-gen. {UPX!}" has been
    found in "C:\System Volume
    Information\_restore{A39FF000-091E-4DE4-B48E-32166E43D41E}\RP189\A0016063.exe"
    file.

    Avast threw these 2 at me today ? AVG has not detected anything so far, any
    ideas on removal.
    Running Windows XP Professional service pack 2
     
    D@Z, Jan 30, 2006
    #1
    1. Advertising

  2. D@Z

    why? Guest

    On Mon, 30 Jan 2006 17:47:11 -0000, D@Z wrote:

    >30/01/2006 17:33:20 D@Z 1252 Sign of "Win32:Trojan-gen. {VC}" has been found
    >in "C:\System Volume
    >Information\_restore{A39FF000-091E-4DE4-B48E-32166E43D41E}\RP211\A0017167.exe"
    >file.


    <snip>

    http://www.google.com/search?q=Win32:Trojan-gen. {VC}


    >Avast threw these 2 at me today ? AVG has not detected anything so far, any
    >ideas on removal.
    >Running Windows XP Professional service pack 2
    >


    IIRC, the fix is usually along the lines of -
    a few simple steps like disable system restore, remove restore files.
    Reenable system restore after a clean report.

    But you can check by reading past posts from 24HSHD
    http://groups.google.com/group/24hoursupport.helpdesk?
    looking at the removal notes on the AV vendor sites, or checking
    www.google.com .

    I am sure Mcafee has something on this, then again so does MS for MS
    products there are steps for this sort of thing.

    Using www.google.com , with some guessing about the keywords to use
    remove virus from system restore

    http://www.google.com/search?q=remove virus from system restore
    Antivirus Tools Cannot Clean Infected Files in the _Restore Folder
    Because of this, the antivirus program is unable to remove the virus
    from the ... The System Restore feature is not designed to detect or
    scan for virus ...
    http://support.microsoft.com/support/kb/articles/Q263/4/55.ASP - Similar
    pages

    Disabling or enabling Windows XP System Restore
    For example, removing viruses. Restart the computer and follow the
    instructions in the next section to turn on System Restore. To turn on
    Windows XP System ...
    http://service1.symantec.com/SUPPOR...2001111912274039?OpenDocument&src=sec_doc_nam
    - 26k - 28 Jan 2006 -


    Me
     
    why?, Jan 30, 2006
    #2
    1. Advertising

  3. D@Z

    p-nut Guest

    D@Z wrote:
    > 30/01/2006 17:33:20 D@Z 1252 Sign of "Win32:Trojan-gen. {VC}" has
    > been found in "C:\System Volume
    > Information\_restore{A39FF000-091E-4DE4-B48E-32166E43D41E}\RP211\A0017167.exe"
    > file.
    > 30/01/2006 17:31:47 D@Z 1252 Sign of "Win32:Trojan-gen. {UPX!}" has
    > been found in "C:\System Volume
    > Information\_restore{A39FF000-091E-4DE4-B48E-32166E43D41E}\RP189\A0016063.exe"
    > file.
    >
    > Avast threw these 2 at me today ? AVG has not detected anything so
    > far, any ideas on removal.
    > Running Windows XP Professional service pack 2


    First you have to disable System Restore before you will be able to clean
    it.
    Once you've gotten rid of the trojan then you can re-enable System Restore
    and all should be well again.

    Right My Computer > System Restore > Turn off System Restore on all drives.

    Might want to disable System Restore, clean the trojan , reboot and then
    enable System Restore again.
     
    p-nut, Jan 30, 2006
    #3
  4. D@Z wrote:

    30/01/2006 17:33:20 D@Z 1252 Sign of "Win32:Trojan-gen. {VC}" has been found
    >in "C:\System Volume
    >Information\_restore{A39FF000-091E-4DE4-B48E-32166E43D41E}\RP211\A0017167.exe"
    >file.
    >30/01/2006 17:31:47 D@Z 1252 Sign of "Win32:Trojan-gen. {UPX!}" has been
    >found in "C:\System Volume
    >Information\_restore{A39FF000-091E-4DE4-B48E-32166E43D41E}\RP189\A0016063.exe"
    >file.
    >
    >Avast threw these 2 at me today ? AVG has not detected anything so far, any
    >ideas on removal.
    >Running Windows XP Professional service pack 2
    >
    >
    >
    >


    Tell me more about that.
     
    Liza Smorgaborgsson, Jan 30, 2006
    #4
  5. Re: Re: "Win32:Trojan-gen. {VC}" "Win32:Trojan-gen. {UPX!}"

    why? wrote:

    On Mon, 30 Jan 2006 17:47:11 -0000, D@Z wrote:
    >
    >
    >
    >http://www.google.com/search?q=Win32:Trojan-gen. {VC}
    >
    >
    >
    >IIRC, the fix is usually along the lines of -
    >a few simple steps like disable system restore, remove restore files.
    >Reenable system restore after a clean report.
    >
    >But you can check by reading past posts from 24HSHD
    >http://groups.google.com/group/24hoursupport.helpdesk?
    >looking at the removal notes on the AV vendor sites, or checking
    >www.google.com .
    >
    >I am sure Mcafee has something on this, then again so does MS for MS
    >products there are steps for this sort of thing.
    >
    >Using www.google.com , with some guessing about the keywords to use
    >remove virus from system restore
    >
    >http://www.google.com/search?q=remove virus from system restore
    >Antivirus Tools Cannot Clean Infected Files in the _Restore Folder
    >Because of this, the antivirus program is unable to remove the virus
    >from the ... The System Restore feature is not designed to detect or
    >scan for virus ...
    >http://support.microsoft.com/support/kb/articles/Q263/4/55.ASP - Similar
    >pages
    >
    >Disabling or enabling Windows XP System Restore
    >For example, removing viruses. Restart the computer and follow the
    >instructions in the next section to turn on System Restore. To turn on
    >Windows XP System ...
    >http://service1.symantec.com/SUPPOR...2001111912274039?OpenDocument&src=sec_doc_nam
    >- 26k - 28 Jan 2006 -
    >
    >
    >Me
    >
    >


    What do you think about machines?
     
    Liza Smorgaborgsson, Jan 30, 2006
    #5
  6. Re: Re: "Win32:Trojan-gen. {VC}" "Win32:Trojan-gen. {UPX!}"

    p-nut wrote:

    D@Z wrote:
    >
    >First you have to disable System Restore before you will be able to clean
    >it.
    >Once you've gotten rid of the trojan then you can re-enable System Restore
    >and all should be well again.
    >
    >
    >Might want to disable System Restore, clean the trojan , reboot and then
    >enable System Restore again.
    >
    >
    >
    >


    What are your feelings now?
     
    Liza Smorgaborgsson, Jan 30, 2006
    #6
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. jamesa01
    Replies:
    2
    Views:
    482
    Steve
    Feb 27, 2006
Loading...

Share This Page