Malwarebytes

> AVG detected trojan; Generic11.BEOG
kevbuck
post Oct 17 2008, 08:26 AM
Post #1


Has anyone heard of the trojan Generic11.BEOG? AVG found this tonight. Yet there is no information in the forums or virus encyclopedia. I tried googling, nothing either.

Please note that my experience is very limited. I have Windows XP SP3 with AVG (Free 8.0), MBAM and ZoneAlarm (firewall).

I ran all updates and ran an AVG and MBAM scan tonight: nothing. I ran a second AVG scan after another update and the scan found this:
Trojan horse Generic11.BEOG
C:\Program Files\Adobe\Reader9.0\Setup Files{AC76BA86-7AD7-1033-7B44-A90000000001\Setup.exe

I sent it to AVG for analysis as a false positive. Unfortunately, I have heard that can take some time.
Does anyone know or has anyone heard anything about this? Is it a false positive or a Trojan?

MBAM found Trojan.Agent and Rogue.Suspect (both quarantined) last week, which I posted in the General Forum, and I was advised to run HJT, Panda and Spybot (tomorrow for sure). Could all of these be linked somehow?
Any advice/input would be greatly appreciated.

Thanks
john.kreelman
post Oct 17 2008, 11:10 AM
Post #2


I have a feeling that it's attributed to Adobe Reader in some way. I was clear until I installed the reader from the Adobe site. After a scan it brought up the same instance you reported. AVG couldn't heal or remove it, so hopefully Ad-Aware or Spybot will do the trick - will run in a mo.

Thoughts anyone?
brannka
post Oct 17 2008, 11:14 AM
Post #3


I found the same "problem" this morning... Yesterday, when the scan was done at the same time, none of those "infections" were there. In the meantime AVG did an update and the "infections" were there. I have sent the files for a check-up as well. I went on Google to find the "virus" but there was nothing except your post!
I also have these in the vault:
C:\System Volume Information\_restore-{3F4EE1B5-F71E-43F-9187-0D3999ADCB4E}\RP42\A0010583.exe
and this one:

C:\System Volume Information\_restore-{3F4EE1B5-F71E-43F-9187-0D3999ADCB4E}\RP42\A0000038.exe

and the same as yours:
C:\Program Files\Adobe\Reader9.0\Setup Files{AC76BA86-7AD7-1033-7B44-A90000000001\Setup.exe

If I do get some answers I will keep you posted, and please do the same!
Tnx
marie
post Oct 17 2008, 11:38 AM
Post #4


I found the same Trojan in the same place as you when I did a scan with AVG this morning.
I find this odd because I have not just downloaded Adobe Reader; it's been on my computer for a while.
I have done many scans before this morning that have not found this Trojan. Anyway, for now I have moved it to the virus vault.
mona7865
post Oct 17 2008, 11:55 AM
Post #5


AVG gave me this message this morning as well (when my notebook was idle!). I decided to ignore it since I haven't updated Adobe Reader for ages.

Kindly regards,

Mona.


--------------------

Dell Inspiron 1501: DUTCH OS/WIN XP-SP3 - OA Premium 4.0.0.45, Eset Nod32 4.2.58.3, MBAM Paid version, WinPatrol Plus, SpywareBlaster paid, KeyScrambler Professional


Dell Inspiron Mini 1012: DUTCH OS/Windows 7 Home Premium - OA Premium 4.0.0.45, MSE, MBAM Paid version, WinPatrol Plus, SpywareBlaster free, KeyScrambler free
Mart007
post Oct 17 2008, 12:38 PM
Post #6


I too have the same problem. I have moved it to the virus vault while someone works out what it is.
rayanne
post Oct 19 2008, 06:48 PM
Post #7


I too got the message re: Trojan Horse Generic11.BEOG which infected the setup.exe file in Adobe Reader 9. I moved it to the Virus Vault. Does anyone know what to do about this? Should I simply delete it from the Virus Vault? Will it affect the usability of Adobe Reader? Any insight on this would be appreciated.
Tigger93
post Oct 19 2008, 08:39 PM
Post #8


Group: Moderators

It is not a virus, it is a false positive by AVG.
kevbuck
post Oct 21 2008, 12:12 AM
Post #9


Hi brannka,
I did a second scan and came up with similar System Volume Information\_restore entries.
Tigger93 (moderator) has posted that it is a false positive. I have requested info as to whether we restore all quarantined items or not.
No response from AVG, not expecting to see one either. Thank god for MBAM and this forum - awesome.
Will keep you posted.
kevbuck
post Oct 21 2008, 12:28 AM
Post #10


QUOTE (Tigger93 @ Oct 19 2008, 02:39 PM) *
It is not a virus, it is a false positive by AVG.



Thanks Tigger93.
So now do I restore it? Also, what do the entries below mean? Restore them all?
FYI, a second scan showed two entries similar to brannka's post below:


I found the same "problem" this morning... Yesterday, when the scan was done at the same time, none of those "infections" were there. In the meantime AVG did an update and the "infections" were there. I have sent the files for a check-up as well. I went on Google to find the "virus" but there was nothing except your post!
I also have these in the vault:
C:\System Volume Information\_restore-{3F4EE1B5-F71E-43F-9187-0D3999ADCB4E}\RP42\A0010583.exe
and this one:

C:\System Volume Information\_restore-{3F4EE1B5-F71E-43F-9187-0D3999ADCB4E}\RP42\A0000038.exe