Jump to content
Stew130

Trojan in System restore

Recommended Posts

Just ran a scan and picked up a trojan. Below is a copy of the log file. does this mean my System Restore is now infected and will not work? i haven't restarted the computer since it was found. What should my next step be?

v/r

Mike

SUPERAntiSpyware Scan Log

https://www.superantispyware.com

Generated 08/12/2010 at 04:36 AM

Application Version : 4.41.1000

Core Rules Database Version : 5347

Trace Rules Database Version: 3159

Scan type : Complete Scan

Total Scan Time : 00:35:43

Memory items scanned : 688

Memory threats detected : 0

Registry items scanned : 9316

Registry threats detected : 1

File items scanned : 20007

File threats detected : 1

Disabled.SecurityCenterOption

HKLM\SOFTWARE\MICROSOFT\SECURITY CENTER#FIREWALLDISABLENOTIFY

Trojan.Agent/Gen-Falint

C:\SYSTEM VOLUME INFORMATION\_RESTORE{45B5E8B9-949A-471E-999D-F381DA56A2D3}\RP226\A0022940.EXE

Share this post


Link to post
Share on other sites

Just ran a scan and picked up a trojan. Below is a copy of the log file. does this mean my System Restore is now infected and will not work? i haven't restarted the computer since it was found. What should my next step be?

v/r

Mike

SUPERAntiSpyware Scan Log

https://www.superantispyware.com

Generated 08/12/2010 at 04:36 AM

Application Version : 4.41.1000

Core Rules Database Version : 5347

Trace Rules Database Version: 3159

Scan type : Complete Scan

Total Scan Time : 00:35:43

Memory items scanned : 688

Memory threats detected : 0

Registry items scanned : 9316

Registry threats detected : 1

File items scanned : 20007

File threats detected : 1

Disabled.SecurityCenterOption

HKLM\SOFTWARE\MICROSOFT\SECURITY CENTER#FIREWALLDISABLENOTIFY

Trojan.Agent/Gen-Falint

C:\SYSTEM VOLUME INFORMATION\_RESTORE{45B5E8B9-949A-471E-999D-F381DA56A2D3}\RP226\A0022940.EXE

You need to turn OFF system restore, reboot, and then turn system restore back ON. That will clear the infection in system restore.

Share this post


Link to post
Share on other sites

that fixed it seems. thanks. kind of upset though that the real-time protection, also updates were current, i had enabled didn't stop it before it infected my system but it did catch it afterward. For future reference, can i back up the uninfected system restore points and reinstall them after something like this happens? when i turn off system restore it deletes all the points up to that time. thanks again.

v/r

Mike

Share this post


Link to post
Share on other sites

that fixed it seems. thanks. kind of upset though that the real-time protection, also updates were current, i had enabled didn't stop it before it infected my system but it did catch it afterward. For future reference, can i back up the uninfected system restore points and reinstall them after something like this happens? when i turn off system restore it deletes all the points up to that time. thanks again.

v/r

Mike

No, there is no way in Windows to backup the restore points. They will build up again over time.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×