Jump to content
kevbuck

AVG detected trojan; Generic11.BEOG

Recommended Posts

Has anyone heard of the trojan Generic11.BEOG? AVG found this tonight. Yet there is no information in the forums or virus encyclopedia. I tried googling-nothing either.

Please note that my experience is very limited. I have Windows XP sp3 with AVG(free8.0), MBAM and Zonealarm(firewall)

I ran all updates, ran an AVG and MBAM scan tonight- nothing. Ran second AVG after another update and the scan found this;

Trojan horse Generic11.BEOG

C:\Program Files\Adobe\Reader9.0\Setup Files{AC76BA86-7AD7-1033-7B44-A90000000001\Setup.exe

Sent it to AVG for analysis as false positive. Unfortunately, I have heard that can take some time.

Does anyone know what or heard anything about this? Is it a false positive or Trojan???

MBSM found Trojan.Agent and Rogue.Suspect(both quarantined) last week which i posted in the General Forum and was advised to run HJT, Panda and Spybot(tomorrow for sure) Could all of these be linked somehow????

Any advice/input would be greatly appreciated

Thanks

Share this post


Link to post
Share on other sites

I have a feeling that it's attributed to Adobe reader in some way. I was clear until I installed the reader from the adobe site. After a scan it brought up the same instance you reported. AVG couldn't heal nor remove so hopefully Adaware or Spybot will do the trick - will run in a mo.

Thoughts anyone?

Share this post


Link to post
Share on other sites
Has anyone heard of the trojan Generic11.BEOG? AVG found this tonight. Yet there is no information in the forums or virus encyclopedia. I tried googling-nothing either.

Please note that my experience is very limited. I have Windows XP sp3 with AVG(free8.0), MBAM and Zonealarm(firewall)

I ran all updates, ran an AVG and MBAM scan tonight- nothing. Ran second AVG after another update and the scan found this;

Trojan horse Generic11.BEOG

C:\Program Files\Adobe\Reader9.0\Setup Files{AC76BA86-7AD7-1033-7B44-A90000000001\Setup.exe

Sent it to AVG for analysis as false positive. Unfortunately, I have heard that can take some time.

Does anyone know what or heard anything about this? Is it a false positive or Trojan???

MBSM found Trojan.Agent and Rogue.Suspect(both quarantined) last week which i posted in the General Forum and was advised to run HJT, Panda and Spybot(tomorrow for sure) Could all of these be linked somehow????

Any advice/input would be greatly appreciated

Thanks

I found same "problem" this morning...Yesterday at the same time the scan was done none of those "infections"were there. In mean time Avg did update and "infections" were there. I have send files as well for check up. I went on google to find "virus" but there was nothing except your post!

I also have these in vault:

C:\System Volume Information\_restore-{3F4EE1B5-F71E-43F-9187-0D3999ADCB4E}\RP42\A0010583.exe

and this one :

C:\System Volume Information\_restore-{3F4EE1B5-F71E-43F-9187-0D3999ADCB4E}\RP42\A0000038.exe

and same as yours:

C:\Program Files\Adobe\Reader9.0\Setup Files{AC76BA86-7AD7-1033-7B44-A90000000001\Setup.exe

if i do get some answers i will keep your posted and please do the same!

Tnx

Share this post


Link to post
Share on other sites
Has anyone heard of the trojan Generic11.BEOG? AVG found this tonight. Yet there is no information in the forums or virus encyclopedia. I tried googling-nothing either.

Please note that my experience is very limited. I have Windows XP sp3 with AVG(free8.0), MBAM and Zonealarm(firewall)

I ran all updates, ran an AVG and MBAM scan tonight- nothing. Ran second AVG after another update and the scan found this;

Trojan horse Generic11.BEOG

C:\Program Files\Adobe\Reader9.0\Setup Files{AC76BA86-7AD7-1033-7B44-A90000000001\Setup.exe

Sent it to AVG for analysis as false positive. Unfortunately, I have heard that can take some time.

Does anyone know what or heard anything about this? Is it a false positive or Trojan???

MBSM found Trojan.Agent and Rogue.Suspect(both quarantined) last week which i posted in the General Forum and was advised to run HJT, Panda and Spybot(tomorrow for sure) Could all of these be linked somehow????

Any advice/input would be greatly appreciated

Thanks

I found the same Trojan in the same place as you, when i did a scan with avg this morning.

I find this odd because i have not just downloaded the adobe reader its been on my computer for a while. :blink:

I have done many scans before this morning that have not found this Trojan. Anyway for now i have moved it to the virus vault

Share this post


Link to post
Share on other sites

AVG gave me this message this morning as well (when my notebook was idle!). I decided to ignore it since I haven't updated Adobe Reader for ages.

Kindly regards,

Mona.

Share this post


Link to post
Share on other sites

I too got the message re: Trojan Horse Generic11.BEOG which infected the setup.exe file in Adobe Reader 9. I moved it to the Virus Vault. Does anyone know what to do about this? Should I simply delete it from the Virus Vault? Will it affect the usability of Adobe Reader? Any insight on this would be appreciated.

Share this post


Link to post
Share on other sites
I found same "problem" this morning...Yesterday at the same time the scan was done none of those "infections"were there. In mean time Avg did update and "infections" were there. I have send files as well for check up. I went on google to find "virus" but there was nothing except your post!

I also have these in vault:

C:\System Volume Information\_restore-{3F4EE1B5-F71E-43F-9187-0D3999ADCB4E}\RP42\A0010583.exe

and this one :

C:\System Volume Information\_restore-{3F4EE1B5-F71E-43F-9187-0D3999ADCB4E}\RP42\A0000038.exe

and same as yours:

C:\Program Files\Adobe\Reader9.0\Setup Files{AC76BA86-7AD7-1033-7B44-A90000000001\Setup.exe

if i do get some answers i will keep your posted and please do the same!

Tnx

Hi brannka,

I did a second scan and came up with similar System Volume Information\_restore entries.

Tigger93(moderator) has posted that it is a false positive. I have requested info as to whether we restore all quarantined items or not

No response from AVG, not expecting to see one either. Thank god for MBAM and this forum--awesome

Will keep you posted

Share this post


Link to post
Share on other sites
It is not a virus, it is a false positive by AVG.

Thanks Tigger93

So now do i restore it? Also what do the entries below mean? Restore them all??

FYI, a second scan showed two entries similar to brannka's post below:

I found same "problem" this morning...Yesterday at the same time the scan was done none of those "infections"were there. In mean time Avg did update and "infections" were there. I have send files as well for check up. I went on google to find "virus" but there was nothing except your post!

I also have these in vault:

C:\System Volume Information\_restore-{3F4EE1B5-F71E-43F-9187-0D3999ADCB4E}\RP42\A0010583.exe

and this one :

C:\System Volume Information\_restore-{3F4EE1B5-F71E-43F-9187-0D3999ADCB4E}\RP42\A0000038.exe

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.