Avast WEBforum

Other => General Topics => Topic started by: Tessmess on March 15, 2005, 11:48:32 AM

Title: Win32:Trojan-gen.{VC}
Post by: Tessmess on March 15, 2005, 11:48:32 AM
Hi
can anyone help?
I keep getting the same virus messages.
I have tried to restore the system to an earlier date but it will not allow the action. I have assumed that this is because the virus is in the 'restore' files?
This is a small sample of the messages I am getting.

15/03/2005 10:19:00   SYSTEM   1660   Sign of "Win32:Trojan-gen. {VC}" has been found in "C:\System Volume Information\_restore{88730DA8-D987-4BC3-B63C-D608325CBEA9}\RP188\A0036664.exe" file. 
15/03/2005 09:12:50   SYSTEM   1660   Sign of "Win32:Trojan-gen. {VC}" has been found in "C:\System Volume Information\_restore{88730DA8-D987-4BC3-B63C-D608325CBEA9}\RP188\A0036662.vxd" file. 
15/03/2005 08:11:46   SYSTEM   1660   Sign of "Win32:Trojan-gen. {VC}" has been found in "C:\System Volume Information\_restore{88730DA8-D987-4BC3-B63C-D608325CBEA9}\RP188\A0036661.exe" file. 
14/03/2005 22:26:32   SYSTEM   1860   Sign of "Win32:Trojan-gen. {VC}" has been found in "C:\System Volume Information\_restore{88730DA8-D987-4BC3-B63C-D608325CBEA9}\RP188\A0036661.exe" file. 
14/03/2005 21:26:33   SYSTEM   1860   Sign of "Win32:Trojan-gen. {VC}" has been found in "C:\System Volume Information\_restore{88730DA8-D987-4BC3-B63C-D608325CBEA9}\RP188\A0036661.exe" file. 
14/03/2005 18:17:54   SYSTEM   1652   Sign of "Win32:Trojan-gen. {Other}" has been found in "C:\System Volume Information\_restore{88730DA8-D987-4BC3-B63C-D608325CBEA9}\RP188\A0036657.exe" file. 
14/03/2005 17:19:04   SYSTEM   1652   Sign of "Win32:Trojan-gen. {Other}" has been found in "C:\System Volume Information\_restore{88730DA8-D987-4BC3-B63C-D608325CBEA9}\RP188\A0036656.exe" file. 
14/03/2005 16:12:17   SYSTEM   1652   Sign of "Win32:Trojan-gen. {VC}" has been found in "C:\WINDOWS0\system32\msexreg.exe" file. 
14/03/2005 16:09:07   SYSTEM   1652   Sign of "Win32:Trojan-gen. {VC}" has been found in "C:\System Volume Information\_restore{88730DA8-D987-4BC3-B63C-D608325CBEA9}\RP188\A0036535.exe" file. 
14/03/2005 15:47:43   SYSTEM   1652   Sign of "Win32:Trojan-gen. {VC}" has been found in "C:\System Volume Information\_restore{88730DA8-D987-4BC3-B63C-D608325CBEA9}\RP188\A0036534.vxd" file. 
14/03/2005 13:04:47   SYSTEM   1652   Sign of "Win32:Trojan-gen. {VC}" has been found in "C:\System Volume Information\_restore{88730DA8-D987-4BC3-B63C-D608325CBEA9}\RP188\A0036532.exe" file. 
Title: Re: Win32:Trojan-gen.{VC}
Post by: Spyros on March 15, 2005, 12:21:52 PM
Please see this thread: http://forum.avast.com/index.php?topic=11651.msg98514
Title: Re: Win32:Trojan-gen.{VC}
Post by: DavidR on March 15, 2005, 01:57:52 PM
Restoring to an earlier point is a poor option and rarely works well.

SYSTEM RESTORE
Win XP-ME - How to disable System Restore (http://vil.nai.com/vil/SystemHelpDocs/DisableSysRestore.htm)

Once you have disabled system restore, reboot, that should automatically delete the contents of the _Restore folders. Scan your PC again and if clear enable system restore.

If that hasn't resolved it (keep system restore disabled) reboot into safe mode (usually by pressing the F8 key during boot. This stops many programs running and getting into memory (including some viri), once in run avast and scan in boot mode.

SYSTEM RESTORE - Info - Troubleshooting
There are many, many reasons why a System Restore may fail. For example, see "Why are previous restore points not working?" in the "Troubleshooting" section of this official Microsoft page:
http://www.microsoft.com/technet/prodtechnol/winxppro/plan/faqsrwxp.mspx

There's lots more on that page that's worth reading too. Note especially the sections on "Does System Restore protect personal data files?" (the short answer: no); "What should I do if System Restore does not work?"; "Why are my restore points missing or deleted?"; "Why does the System Restore Wizard lockup?"; and so on. Just a few minutes on that page ought to convince just about anyone that System Restore is not intended for heavy-duty system protection!

More info:
http://www.kellys-korner-xp.com/xp_restore.htm
http://www.experts-exchange.com/Operating_Systems/WinME/Q_20718080.html
Title: Re: Win32:Trojan-gen.{VC}
Post by: Eddy on March 15, 2005, 02:12:53 PM
I agree with David. Personally I have disabled system restore on all my systems. It was a good try from MS but failed to accomplisch what it is ment to do. Make sure you create backups of the important date on a regular base and create a image of the system.