Panic? "trojan.generic..." In System Restore Images That Were Already Scanned
14 of my clients all reported this during the scan last night:
Infected files were found during the scanning process, and they are listed below:
Infected objects information
C:\System Volume Information\_restore{E7276E57-4F79-409F-B1A4-3D382C476E72}\RP589\A0036940.exe
C:\System Volume Information\_restore{E7276E57-4F79-409F-B1A4-3D382C476E72}\RP589\A0036949.exe
C:\System Volume Information\_restore{E7276E57-4F79-409F-B1A4-3D382C476E72}\RP617\A0038113.exe
Viruses found
Trojan.Generic.1318469 (3)
Now, at least two of those three .exe files have been scanned before with no detection. I need some help on this one!!
These are all still running under the BDEM 2.6 (mainly due to lack of support for my issues migrating)
Comments
Disable System Restore on all drives, delete Recycle Bin folders, clean all Temps folders, remove network cable, enter and do a Safe Mode BD deep scan, restart computer, then re-enable System Restore and check again for viruses.
Good Luck!
Sheesh, everyone just totally misses the point on these. There are three system restore images there. The previous night, they were all scanned and there were no detections. New info: the following night they were all scanned again and there were no detections.
There are 14 of them! What do I do, stop the business and hire 3 temps? Some of these people are on different networks and don't talk to each other! Nothing could have gotten onto these systems unless BD missed it in the first place!!!
And since when does BD work in safe mode?
More importantly, what is Trojan.Generic.1318469? Why is there nothing in the vaunted "Virus Encyclopedia" on it? Why should I believe there is any real problem when you've given me zero information on the threat?