Spyware, Viruses, & Security forum

General discussion

AVG shows "Information" warning but won't remove

by jefol / February 7, 2009 12:38 PM PST

Hi, a little over a week ago AVG listed something on an "Information" tab but wouldn't remove it. It said it was a "Runtime packed upack" infection. I wrote down the exact address and hunted it down. I actually deleted a folder called "Crack" from the C drive and all seemed well. No other problems. Well, tonight it's saying there is another "Runtime packed upack" on the C drive in the "System Volume Information\_restore..."

I have Windows XP with Service Pack 3 and I'm using IE 7.0. Does anybody know what this is and how difficult it is to get rid of it?

Post a reply
Discussion is locked
You are posting a reply to: AVG shows "Information" warning but won't remove
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: AVG shows "Information" warning but won't remove
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
Runtime packed upack?
by jefol / February 7, 2009 12:59 PM PST

I noticed someone else is having a very similar problem. I looked at My Computer and noticed "system restore" tab was already unchecked. I certainly didn't do it (perhaps my ex did). I downloaded MBAM but don't know what to do now. Can I install it with AVG?

Collapse -
First, Turn ON System Restore, Reboot...
by tobeach / February 7, 2009 1:54 PM PST
In reply to: Runtime packed upack?

then go in and turn off system restore and reboot. This "should" restart SR & then allow you to dump any restore points you have on C: including the "infected one". Run another AVG scan to see if clean now. If so, Turn SR back on & create a first clean point. I have seen
recommendations that it is best in Vista to run SR from Safe Mode.

If you CAN NOT get SR to run normally, you may get it going from a Run>command prompt. run> rstrui.exe >enter.

If you wish to get, update & run MBAM.exe you may(assuming normal internet access). I would disable AVG Control Center while doing scan & don't open anything else during the update & quick scan.
Instructions & Link for Mbam here:
http://forums.cnet.com/5208-6132_102-0.html?forumID=32&threadID=304328&messageID=2831556#2831556
Good Luck & let us know how you get on! Happy

Collapse -
First Turn On System Restore, Reboot
by jefol / February 8, 2009 2:20 AM PST

This seems to have worked!! I ran AVG once, got a clear and am re-scanning again. Thanks so much!! Why isn't AVG blocking this from coming in or removing it? This is the SECOND infection like this I've had in a week. This seems like it's going to be a constant problem in hunting down where it's hidden now.

Collapse -
Why isn't AVG removing this?
by Carol~ Forum moderator / February 8, 2009 5:12 AM PST

jefol..

As best explained here (and more concise) with some modification on my part:

The two infected files AVG identified by your scan are in the System Volume Information Folder (SVI) which is a part of System Restore. This is the feature that allows you to set points in time to roll back your computer to a clean working state. The SVI folder is protected by permissions that only allow the system to have access, and is hidden by default, unless you have reconfigured Windows to show it.

System Restore will back up the good as well as the bad files, so when malware is present on the system it gets included in any restore points. When you scan your system with anti-virus or anti-malware tools, you may receive an alert or notification that a virus was found in the SVI folder (System Restore points), but the anti-virus software was unable to remove it. Since the SVI folder is a protected directory, most scanning tools cannot access it to disinfect or delete these files. If not removed, they sometimes can reinfect your system if you accidentally use an old restore point. Also see "How antivirus software and System Restore work together".

By turning off System Restore and rebooting, you flush out all your restore points. Please don't forget to re-enable System Restore after you have rebooted and scanned. You stated you don't know how System Restore "got unchecked". At this point, I would create a new restore point, and make sure no problems ensue. (To include "the ex". Maybe s/he needs a reboot too! Wink )

jefol, you mentioned this is the 'second infection 'like this' you've had in a week'. Are you sure it's not part of the same "infection"? If not, you may want to re-consider what you have protecting you. In addition to "where you're going" and "what you're doing". In other words, what part you may be playing.

Hope this helps.
Carol

Collapse -
AVG
by jefol / February 8, 2009 5:29 AM PST

Thanks for your help, Carol. I turned on System Restore again.

I am pretty certain it's not the same infection. I had several clean scans between issues. I've used AVG for over a year and this is the first time I've had any problems. I only go to a couple sites (e-mail, news and craigslist, mainly). The only new site I've gone to in this timeframe is a local radio station to enter a contest, daily. Maybe that's it.

Collapse -
You're welcome. I was concerned about the folder..
by Carol~ Forum moderator / February 8, 2009 5:45 AM PST
In reply to: AVG

I was concerned about the "Crack folder" you mentioned and wondering how it came about it. Most of what I read showed it to be "game related". I may be overly cautious, but I stay away from online contests and the like. As a matter of fact, even with contests which aren't computer-related, I read the fine print on the bottom. But.. that's a whole other story! I never won anything anyway. Sad

Collapse -
Runtime packed upack
by prgabor / February 9, 2009 9:05 PM PST

Hi,
I am quite frequently getting these cryptic virus-detection announcements from AVG Free. When clicking on the "more information" link, explorer cannot find it!.
I've checked the affected files with DrWebb, it did NOT find a virus or trojan there! Seems AVG has some false positives - I could not find any means to ask them about this. I think I'll stop worrying about these strange viruses, unless they can be detected by another Virus checker

Peter

Collapse -
I NEED HELP PLEASE! AVG IS GARBAGE!
by bsbqueen / November 20, 2009 12:04 PM PST

I scanned my pc with avg 9 free tonight. It said I had a virus in the file, program files/lzo/keygen.exe (the virus name is runtime packed upack) I don't know how to get rid of it! please help me! Thanks!
BRokgirl07@yahoo.com
AIM: brokzsxystripper
yahoo im: brokgirl07

Collapse -
Can you find out where this keygen.exe is coming from?
by R. Proffitt Forum moderator / November 21, 2009 3:31 AM PST

To really cure this you need to find out how these keygens are getting on the system. I ran into someone calling another AV junk and they were loading up the machine with "Warez" and "torrents". Their complaint was like a junky complaining about bad health care in their country.
Bob

Collapse -
double-check for virus content
by Jiri_AVG AVG Staff / November 22, 2009 4:33 PM PST

Send the file in question (disabling AVG Resident Shield temporarily) to virus@avg.com. You should get a response whether it is indeed a malware or not. Seems like some application, which uses methods similar to malware program encryption.

Let us know.

Collapse -
question how can I disable avg resident shield
by bsbqueen / November 23, 2009 6:42 AM PST

how do I disable avg resident shield temporarily?? but that sounds like a good idea. and that wont mess up my pc will it? I mean when I send it to virus@avg.com?

Collapse -
have a question about the email
by bsbqueen / December 1, 2009 10:42 AM PST

i sent the virus to virus@avg.com last night and i just was curious how long des it take to get a response back?

Popular Forums
icon
Computer Help 49,613 discussions
icon
Computer Newbies 10,349 discussions
icon
Laptops 19,436 discussions
icon
Security 30,426 discussions
icon
TVs & Home Theaters 20,308 discussions
icon
Windows 10 360 discussions
icon
Phones 15,802 discussions
icon
Windows 7 7,351 discussions
icon
Networking & Wireless 14,641 discussions

Tech explained

Do you know what an OLED TV is?

CNET explains how OLED technology differs from regular TVs, and what you need to know to make the right shopping decision.