Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Trojan Horse


  • Please log in to reply
2 replies to this topic

#1 phil7

phil7

  • Members
  • 135 posts
  • OFFLINE
  •  
  • Local time:11:43 PM

Posted 01 August 2004 - 10:00 PM

AVG Resident Shield has detected this trojan horse ( startpage.6.BF ) on my computer. It said to run AVG to remove it. I ran it and it was not found. It resides in C:\System Volume Information\_Restore{68DCD3E-2073-4915-A5DC-A445A55876AD}\RP564\A0193444.exe on my computer. I ran HouseCall, Adaware, SpyBot, and Spyblaster. Nothing works. Also I am denied access to the file. Everything is updated. Please help :thumbsup:
Phil
Iíve learned two things in life: One, there is a God; Two, Iím not Him!

BC AdBot (Login to Remove)

 


m

#2 Papakid

Papakid

    Guru at being a Newbie


  • Malware Response Team
  • 6,522 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:43 PM

Posted 01 August 2004 - 10:59 PM

Hi Phil,
System Volume Information is System Restore. If that's the only place that file is located then you shouldn't worry. Basically it's a backup of the trojan that won't reactivate unless you use SysRestore to go back to an earlier time. AVG can see it but it can't do anything to it because only windose has access to it. AVG seems to be the worse about raising what is basically a false alarm.

To get rid of the warnings and prevent you from accidentally reinfecting yourself you'll have to delete all your restore points. To do that disable System Restore and then re-enable it again. You can see how to do this in our tutorial--still running ME?--well here's both of them:

Windows XP System Restore Guide.

Managing Windows Millenium System Restore

Run a full system scan with AVG and then post back if the warning from avg has come back again.

The fate of all mankind, I see

Is in the hands of fools

--King Crimson


#3 phil7

phil7
  • Topic Starter

  • Members
  • 135 posts
  • OFFLINE
  •  
  • Local time:11:43 PM

Posted 01 August 2004 - 11:03 PM

Thanks Papakid. That was in the back of my mind but wanted some expert advice.
I'll clean out the restore files and get a clean restore point and do another scan.
Have a nice nite.
Phil
Iíve learned two things in life: One, there is a God; Two, Iím not Him!




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users