Downloader.Wren.F

Toggle sidebar Toggle sidebar
Z

ZachMarius

Senior member
May 6, 2004
353
0
0
I have AVG for Windows and every so often I get a notice saying I have the Trojan horse Downloader.Wren.F in my

C:\System Volume Information\_restore{E0C22EC0-D318-4D95967D-A5C2V4653ED0}\RP15\A150014977.DLL

I have run AVG but it didn't come up with anything. I also ran Norton AntiVirus 2003 (Updated) and Panda's ActiveScan, but to no avail. I've also tried deleting the folder and accessing it in Safe Mode. Also nothing has worked.

If anyone has any suggestions I highly appriciate them in deleting this annoyance.

Thanks
Zach Marius
 
mechBgon

mechBgon

Super Moderator<br>Elite Member
Oct 31, 1999
30,699
1
0
Here are some suggestions:

  1. Take your system to http://windowsupdate.microsoft.com and get it patched if necessary
  2. Set the passwords for all of the user accounts to something strong (example: n0_V1rus4me) to stop share-hopping worms that hope for weak/blank passwords
  3. If you have an always-on Internet connection (cable or DSL for example) then get a router to screen out attacks by skript kiddies and worm-infected computers on the Internet
  4. Install the free basic version of ZoneAlarm firewall software and don't approve Internet activity for a program when ZoneAlarm asks if it should be allowed, until you know for a fact what the program is that's trying to get out the door.
  5. Install and run SpyBot Search &amp; Destroy 1.3 and Lavasoft AdAware and run full scans looking for spyware/adware
  6. Get rid of any P2P programs and delete their folders
  7. Disable System Restore {how to do it) to get rid of the System Restore folders, and empty your Recycle Bin
  8. Update AVG if necessary and run all your scans again
Based on my recent experience with LABachlr's fight, I think there could possibly be a spyware/adware/browser help object doing this to you, so don't neglect the spyware scans.
[*]
 
D

dclive

Elite Member
Oct 23, 2003
5,626
2
81
Originally posted by: ZachMarius
I have AVG for Windows and every so often I get a notice saying I have the Trojan horse Downloader.Wren.F in my

C:\System Volume Information\_restore{E0C22EC0-D318-4D95967D-A5C2V4653ED0}\RP15\A150014977.DLL

I have run AVG but it didn't come up with anything. I also ran Norton AntiVirus 2003 (Updated) and Panda's ActiveScan, but to no avail. I've also tried deleting the folder and accessing it in Safe Mode. Also nothing has worked.

If anyone has any suggestions I highly appriciate them in deleting this annoyance.

Thanks
Zach Marius
Click to expand...

That's where System Restore data is stored, so turn that off, wait a minute, then turn it back on, and you'll be fine. (I'm assuming that's the only place that virus was found.)
 
marmasatt

marmasatt

Diamond Member
Jan 30, 2003
6,573
21
81
Not to hijack, but more to piggy-back on this.....;)......what's wrong with using System Restore? Is that easily exploitable or something? Where have I been?

Or are you just saying turn it off for this particular virus as that is where it is being stored?
 
T

talyn00

Golden Member
Oct 18, 2003
1,666
0
0
Originally posted by: marmasatt
Not to hijack, but more to piggy-back on this.....;)......what's wrong with using System Restore? Is that easily exploitable or something? Where have I been?

Or are you just saying turn it off for this particular virus as that is where it is being stored?
Click to expand...

In this case the virus was being stored in the System Restore, and I would guess some of the restore points are infected.
 
You must log in or register to reply here.

TRENDING THREADS

COMPANY
RESOURCES
FOLLOW
Top Bottom