• The TUGBBS forums are completely free and open to the public and exist as the absolute best place for owners to get help and advice about their timeshares for more than 30 years!

    Join Tens of Thousands of other Owners just like you here to get any and all Timeshare questions answered 24 hours a day!
  • TUG started 30 years ago in October 1993 as a group of regular Timeshare owners just like you!

    Read about our 30th anniversary: Happy 30th Birthday TUG!
  • TUG has a YouTube Channel to produce weekly short informative videos on popular Timeshare topics!

    Free memberships for every 50 subscribers!

    Visit TUG on Youtube!
  • TUG has now saved timeshare owners more than $21,000,000 dollars just by finding us in time to rescind a new Timeshare purchase! A truly incredible milestone!

    Read more here: TUG saves owners more than $21 Million dollars
  • Sign up to get the TUG Newsletter for free!

    60,000+ subscribing owners! A weekly recap of the best Timeshare resort reviews and the most popular topics discussed by owners!
  • Our official "end my sales presentation early" T-shirts are available again! Also come with the option for a free membership extension with purchase to offset the cost!

    All T-shirt options here!
  • A few of the most common links here on the forums for newbies and guests!

Trojan Horse

Patri

Tug Review Crew
TUG Member
Joined
Jun 6, 2005
Messages
6,837
Reaction score
4,206
I have a trojan horse (psw.generic6.AQPD) on my macromed\flash
It cannot be healed, AVG says. I am running McAfee right now to find it with them.
What should I do?
TIA
 

Don

TUG Member
Joined
Jun 6, 2005
Messages
1,457
Reaction score
3
Location
Port Charlotte FL formerly Portsmouth VA
The first thing to do is to turn off your System Restore. If you don't, the virus gets recopied to your working system from the back up copy stored there after you try to clean it.
 

Patri

Tug Review Crew
TUG Member
Joined
Jun 6, 2005
Messages
6,837
Reaction score
4,206
Where is the system restore?
A message also says the action was interrupted by user (as far as trying to isolate trojan).
 

TUGBrian

Administrator
Joined
Mar 24, 2006
Messages
22,551
Reaction score
8,248
Location
Florida
in situations like that...I always attempt to start up the computer in safe mode and rerun any scan.

worth a shot at least.

some instructions on how to do that

http://support.microsoft.com/kb/315222
 

26weeker

TUG Member
Joined
Jul 13, 2007
Messages
26
Reaction score
0
i updated avg free 11/15/08 and was able to remove this trojan horse. run avg again after updating. good luck
 

Don

TUG Member
Joined
Jun 6, 2005
Messages
1,457
Reaction score
3
Location
Port Charlotte FL formerly Portsmouth VA
Where is the system restore?
A message also says the action was interrupted by user (as far as trying to isolate trojan).
Right click the "my Computer" icon on your desktop. Click on properties on the menu. click the "System Restore" tab and check the "turn off System Restore" box. Click OK.
 

Mosca

TUG Member
Joined
Jun 6, 2005
Messages
1,463
Reaction score
8
My latest version of AVG Free found and killed it. More troubling is how I got it; I don't know. I don't visit oddball places and look at strange sites from work.

There isn't a lot of info on psw.generic6.AQPD. There is some confusion as to whether it is really a Trojan, or an updating tool. I did update Adobe Reader and Flash yesterday, and I found the timing of our occurrences interesting. Still, I'm happy it is gone.

Edit: Just from yesterday to today, the number of Google hits for psw.generic6.AQPD have gone from 6 to over 1,000. Every one is reporting it as found by AVG, and every one says it occurred after updating Adobe Flash. It is a false positive. The latest update of AVG fixes the false detection. Update your AVG and rescan, it will be gone.
 
Last edited:

Patri

Tug Review Crew
TUG Member
Joined
Jun 6, 2005
Messages
6,837
Reaction score
4,206
Thanks everyone.
Don, when we had windows My Computer was on my desktop. With Vista I couldn't find it. Found something similar but the options weren't exactly the same.
Brian, I had already gone to the Microsoft site and it wouldn't open.
Everyone, in frustration I finally turned off the computer and went to bed. Maybe AVG ran again while I was trying things.
Today no warnings have popped up, so based on your posts, I would like to think it is gone. I'm trying to remember if I recently updated Adobe Flash. We also don't go to strange websites so no other cause comes to mind.
Many thanks again.
 

calgarygary

TUG Member
Joined
Feb 13, 2007
Messages
1,025
Reaction score
0
Thanks everyone.
Don, when we had windows My Computer was on my desktop. With Vista I couldn't find it. Found something similar but the options weren't exactly the same.
Brian, I had already gone to the Microsoft site and it wouldn't open.
Everyone, in frustration I finally turned off the computer and went to bed. Maybe AVG ran again while I was trying things.
Today no warnings have popped up, so based on your posts, I would like to think it is gone. I'm trying to remember if I recently updated Adobe Flash. We also don't go to strange websites so no other cause comes to mind.
Many thanks again.

Patri, I would not assume that the Trojan Horse is gone. It would be well worth doing a search on your antivirus's home site to determine exactly how to be rid of that specific trojan horse. In many cases, it will require more than what your antivirus program can do and often needs editing of your registry.
 

Mosca

TUG Member
Joined
Jun 6, 2005
Messages
1,463
Reaction score
8
Patri, I would not assume that the Trojan Horse is gone. It would be well worth doing a search on your antivirus's home site to determine exactly how to be rid of that specific trojan horse. In many cases, it will require more than what your antivirus program can do and often needs editing of your registry.

That particular hit has been confirmed as a false positive generated by an update to Adobe Flash. AVG has released an update to their algorithm that no longer calls it a Trojan.
 

Don

TUG Member
Joined
Jun 6, 2005
Messages
1,457
Reaction score
3
Location
Port Charlotte FL formerly Portsmouth VA
That particular hit has been confirmed as a false positive generated by an update to Adobe Flash. AVG has released an update to their algorithm that no longer calls it a Trojan.
I had this happen when I got an upgrade from Embarq (dsl). The free built in virus scanner, from F-Secure, found "UpgradeTool_340ACZ8D0UPG_V01.exe" and called it a virus, even though it was a major part of the upgrade. I'm glad to know there is nothing to worry about.
My wife got all worried several nights ago when one of the news anchors in Ft.Meyers (NBC) told the entire area about the "Postcard from Hallmark" virus warning, how Microsoft is gearing up to stop it, and how it will burn out your hard drive. Yes, its the same email that's been going around for 2 years now and has been blown out of proportion. But the original sender CHECKED it out on Snopes so it must be true! :doh: Right! Oh, if only they would read what they say they checked out; or, maybe if they understood what they read....I get so tired of those email virus warning that are usually false alarms,
 
Top