Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

AVG found Trojan Generic19.BVUS


  • Please log in to reply
7 replies to this topic

#1 Toony

Toony

  • Members
  • 117 posts
  • OFFLINE
  •  
  • Local time:11:27 AM

Posted 27 October 2010 - 06:06 AM

So just about an hour ago I got a pop up from AVG saying it found trojan Generic19.BVUS in notepad++. I'm in the process of running a scan and it found the same thing infecting another file. I don't know a ton about this type of stuff. If AVG has found these and quarantined them am I done? What else should I do to make sure the trojan is gone?

BC AdBot (Login to Remove)

 


#2 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,399 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:03:27 PM

Posted 27 October 2010 - 09:05 AM

Notepad++ is a legitimate program. Where did you download it from. What other files are being detected?

Anytime you come across a suspicious file or suspect a detection may be a false positive, get a second opinion by submitting it to one of the following online services that analyzes suspicious files:In the "File to upload & scan" box, browse to the location of the suspicious file and submit (upload) it for scanning/analysis.

AVG Forum: How To Handle Suspicious False Positive Detection?
AVG FAQ 2343: AVG detects infection on file that I suppose to be clean
AVG FAQ 2321: What to do when I suspect any file it is infected?
AVG FAQ 2142: How to upload a file to our FTP server
AVG FAQ 2159: How to create a password-protected archive
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#3 Toony

Toony
  • Topic Starter

  • Members
  • 117 posts
  • OFFLINE
  •  
  • Local time:11:27 AM

Posted 27 October 2010 - 09:32 AM

The files are currently in my virus vault it says so I don't know exactly what to do with them. Take them out or delete them or what. I had to force it to take the notepad one because it said it couldn't at first.

I've had the file for a long time and it never set off AVG before, just suddenly today without warning and without being used.

The other files that showed up as well were

npp 5.4.3 installer.exe

npp 5.4.3 installernotepad++.exe

I don't really know how to submit them while in the vault and I don't want to release them if they are potentially hazardous so I don't entirely know what to do.

I ran a scan with malware bytes as well and had no hits but this was after I quarantined the infected files

Edited by Toony, 27 October 2010 - 09:37 AM.


#4 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,399 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:03:27 PM

Posted 27 October 2010 - 10:06 AM

If the file has been placed in the Virus Vault, then follow these directions:-- Even though the instructions say if you suspect the file is clean but you still have doubts, submit them anyway using this method.

Chapter 10.8 of the AVG Anti-Virus 2011 User Manual and Chapter 9.5 of the AVG Internet Security 2011 User Manual explain more detail about the virus vault. These manuals are also a good resource for explaining components, settings, and other information.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#5 Toony

Toony
  • Topic Starter

  • Members
  • 117 posts
  • OFFLINE
  •  
  • Local time:11:27 AM

Posted 27 October 2010 - 10:14 AM

I got a response saying both files were false alarms. Does that mean it's safe to restore them? Should I test them further with the other links provided?

#6 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,399 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:03:27 PM

Posted 27 October 2010 - 10:42 AM

That was fast.

If AVG said they were FPs and it was only their scanner that detected them as threats, then I would say you can restore them.

If you want a second opinion, files can be checked at Jotti, VirusTotal or VirScan.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#7 Toony

Toony
  • Topic Starter

  • Members
  • 117 posts
  • OFFLINE
  •  
  • Local time:11:27 AM

Posted 27 October 2010 - 11:05 AM

Tried using the other scanners. The npp installer file came back clean. I was unable to upload notepad++ as I was told I did not have permission even though I'm the administrator.

I did scan it with malware bytes and got nothing, though.

#8 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,399 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:03:27 PM

Posted 27 October 2010 - 01:45 PM

Then it appears you have nothing to be worried about.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users