Trojan Generic Keeps Reappearing After Being Deleted By Bd

Yesterday, while doing an external scan with HouseCall, I got a BD alert that Trojan.Generic.1607300 was detected and deleted.

After doing a scan with BD, the same trojan was found again at

C:\windows\Downloaded Installations\{D097E1D4-7C6A-433E-8E01-39733D6629F2}\Acer eDataSecurityManagement.msi=>(Embedded CAB)=>decryption.exe

This Trojan keeps reappearing after being detected and deleted by BD. Is this due to System Restore?

How can I get rid of it??? Please help!

(Windows XP)

Find more posts tagged with

Comments

hnyaji

Yes

this file goes to the system restore folder, every time BD deletes it. BD detects it in the system restore folder, and the windows does not let the file to delete!

To solve this, when the file is in the system restore folder (this happens after BD has cleaned it), just disable and re-enable system restore. This should delete all of your system restore files along with this trojan.

Hemanth

alexcrist

Hello Iradu,

Please find this file:

C:\windows\Downloaded Installations\{D097E1D4-7C6A-433E-8E01-39733D6629F2}\Acer eDataSecurityManagement.msi

put it in a password-protected archive (with the password infected), upload the archive on a file-sharing server and send me the download link through PM.

Details here: http://forum.bitdefender.com/index.php?s=&...post&p=1222

EDIT: That detection was a false alarm. It should be removed after the next update.

Cris.

IRadu

Hello Iradu,

Please find this file:
C:\windows\Downloaded Installations\{D097E1D4-7C6A-433E-8E01-39733D6629F2}\Acer eDataSecurityManagement.msi
put it in a password-protected archive (with the password infected), upload the archive on a file-sharing server and send me the download link through PM.

Details here: http://forum.bitdefender.com/index.php?s=&...post&p=1222

EDIT: That detection was a false alarm. It should be removed after the next update.

Cris.

Hi Cris,

Thank you for your message.

Yes, it never appear again today after update.

Iradu

alexcrist

You are welcome, Iradu. If you have other questions, please don't hesitate to post.

Cris.

== Topic closed. (issue solved) ==

== If you need this topic reopened, please contact me through PM ==