Author Topic: Potentially harmful diallers etc!

chrissie

  • Kitizen
  • ****
  • Posts: 2476
  • little sweetie
Potentially harmful diallers etc!
« on: August 12, 2008, 10:43:06 AM »

I've had AVG 8.0 bought version for a couple of months now after being persuaded to get rid of the Nortons.  Anyway.... yesterday with no scan scheduled it ran a scan on its own... nowt found.  This morning it did the same but came up with the following....

both under... Potentially harmful program Dialer.IRW

C:\Program Files\Online Services\BTYahoo\Broadband\YSignup\DialBBSignup.exe

C:\System Volume Information\_restore{2C64A447-4679-4204-A039-16352F4E07D}\RP399\AOO38454.exe

and it's put them in the virus vault.... so what do I do now and why did it run both scans without a schedule or manual input?

Whilst waiting for it to finish scanning, I watched some of the files and a lot of them in D:\ hp patches had Spanish and other foreign extensions... is this anything to worry about?
----------------------------------------------------
Also - sorry for the length of post here, a few weeks back AVG picked up on the following:

Trojan Generic10.BDRL in two files. One is hp recovery wizard and the other System Volume Information.

I googled this trojan and came across someone asking exactly the same thing and that AVG had found it in exactly the same two files!! I then read it could be a false positive and after contacting AVG THREE times to ask what to do, they haven't bothered to reply.

So all four of these "things" are in the virus vault and I don't know what to do about it, someone suggested wiping the system restore points but even then I am not sure and especially now with it finding the diallers today.

Would really appreciate your comments/help because as a lot of you know... I'm completely useless and far from confident in doing anything security wise...or dealing with issues within it.  Thanks so much for your help.... meanwhile I will see if another scan later reveals anything else.

Chrissie
Don't go to sleep ANGRY!!!  Stay awake and plot your revenge......

Pwiggler

  • Kitizen
  • ****
  • Posts: 1542
Re: Potentially harmful diallers etc!
« Reply #1 on: August 12, 2008, 02:40:40 PM »

Hi chrissie

Some trojans can be dormant until a certain time when they will 'wake up', AVG prob detected the trojan starting and so it quarantined it and ran a full scan just in case.

don't worry about the foreign extensions, they are standard hp files.

you don't need to wipe anything if AVG has the nasties in the virus vault ... they should be safe in there or you could clear the vault to free up (a bit of) space.

if you are on broadband then you won't have (or shouldn't have) a dialup modem attached to a phone line unless you use the pc as a fax machine - so the dialler can try as hard as they like but they won't get anywhere  :P

if your anti virus is catching things then it's doin its job so .... chill !
Paul

oldfogy

  • Helpful
  • Kitizen
  • *
  • Posts: 3568
  • If it ain't broke....... I'll soon fix it.
Re: Potentially harmful diallers etc!
« Reply #2 on: August 12, 2008, 03:13:45 PM »


C:\Program Files\Online Services\BTYahoo\Broadband\YSignup\DialBBSignup.exe

C:\System Volume Information\_restore{2C64A447-4679-4204-A039-16352F4E07D}\RP399\AOO38454.exe

So all four of these "things" are in the virus vault and I don't know what to do about it, someone suggested wiping the system restore points but even then I am not sure and especially now with it finding the diallers today.


First of all, at this stage do not clear the restore points.
Secondly, the listing of "_restore{2C64A447-4679..........etc" is showing that it has now also removed that part from the System Restore point on that day.


you don't need to wipe anything if AVG has the nasties in the virus vault ... they should be safe in there or you could clear the vault to free up (a bit of) space.


Also I would be inclined to leave them in the virus vault for a few weeks (or even longer) just in case you start having problems with your HP product/s.
That way you could always retrieve and replace them, if in fact they are not a virus or Trojan, but just a false positive.

However, and I may be wrong.
I am wondering if this "so called attack" was not just HP trying to get on-line to scan for updates.
So it could pay to check the HP settings to see if Auto-update is active.

kitz

  • Administrator
  • Senior Kitizen
  • *
  • Posts: 33896
  • Trinity: Most guys do.
    • http://www.kitz.co.uk
Re: Potentially harmful diallers etc!
« Reply #3 on: August 12, 2008, 04:31:02 PM »

I noticed several months ago that AVG falsely classed the BT dialler as harmful.  Could be fun for someone that actually relies on it :D
Please do not PM me with queries for broadband help as I may not be able to respond.
-----
How to get your router line stats :: ADSL Exchange Checker
 
