Avast WEBforum

Other => Viruses and worms => Topic started by: anmoll on March 01, 2005, 01:40:22 PM

Title: Win32:Trojan-gen.
Post by: anmoll on March 01, 2005, 01:40:22 PM

avast shows me every session a virus/worm warning in the system volume information.What does it mean and why does it return everytime?
I heard it is possible to stop the windows restore process so if anyone knows how to do this,please let me know.
here some further information about the messages the avast client showed:

Code: [Select]

1.warning:
C:\System Volume Information\_restore{E52B7822-37A1-4B64-AE86-DB1D42530310}\RP77\A0034600.exe
Win32:Trojan-gen. {Other}
Virus/Worm

2.warning:
C:\System Volume Information\_restore{E52B7822-37A1-4B64-AE86-DB1D42530310}\RP78\A0034602.exe
Win32:Trojan-gen. {UPX!}
Virus/Worm


thanks

Title: Re: Win32:Trojan-gen.
Post by: Spyros on March 01, 2005, 01:45:14 PM

http://vil.nai.com/vil/SystemHelpDocs/DisableSysRestore.htm  ;)

Title: Re: Win32:Trojan-gen.
Post by: DavidR on March 01, 2005, 01:56:44 PM

Windows attempts to protect files that are deleted from the system folders (just in case it was an accident), so they can be restored if required.

The problem is many malware writers are wise to that and put their files in the system folders, this is also done to confuse you into thinking you could be deleting an important system file.

Disable system restore, reboot, scan and if clean enable system restore again.

Title: Re: Win32:Trojan-gen.
Post by: anmoll on March 01, 2005, 04:13:46 PM

ok guys thx a lot I followed your advices.
so I´ll wait and see what will happen and if the warning will return or not!