Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Avast has isolated this: Win32:Trojan-gen


  • Please log in to reply
1 reply to this topic

#1 Ben Fuchs

Ben Fuchs

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:05:22 PM

Posted 27 July 2011 - 07:25 PM

Avast found this virus on my Seagate 500G backup drive. How do I remove it? Or is it already removed? I am now getting Runtime errors from the drive

BC AdBot (Login to Remove)

 


#2 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,927 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:04:22 PM

Posted 27 July 2011 - 07:46 PM

What specific Runtime errors are you getting?


Did avast provide a specific file(s) name associated with the malware threat(s) detected and if so, where is it located (full file path) at on your system?

With that information you can get a second opinion, by submitting the file(s) to one of the following online services that analyzes suspicious files:In the "File to upload & scan" box, browse to the location of the suspicious file and submit (upload) it for scanning/analysis.

Each security vendor uses their own naming conventions to identify various types of malware. Names with Generic or Patched are a very broad category. See Understanding virus names.

Generic detections are usually a heuristics engine detection of possible new variants of malware before the vendor can get samples and update the program's definitions for detection. Heuristics uses non-specific detection methods to find new or unknown malware which allows the anti-virus to detect and stop if before doing any harm to your system. Heuristic scanning methods vary depending on the vendor. Some claim to allow emulation of the file's activities in a virtual sandbox. Others scan the file more intensively, searching line by line inspecting the code in a file to see if it contains virus-like characteristics. If the number of these characteristics/instructions exceeds a pre-defined threshold, the file is flagged as a possible virus.

The disadvantage to using heuristics is that it is not as reliable as signature-based detection (blacklisting) and can potentially increase the chances that a non-malicious program is flagged as malicious. With heuristics, there is always a potential risk for a "False Positive" when the heuristic analysis flags a file as suspicious or infected that contains no malware. Sometimes lowering the program's heuristic settings and rescanning may provide more accurate results.

Submitting file samples to the vendor for further analysis allows the lab techs to quickly investigate and confirm if the detection is actually malware. Some security programs have built-in options for submitting a file directly from the quarantined area to the vendor's lab for analysis. Most user guides will explain how to do that. Other anti-virus solutions automatically submit files or provide an alert to do so if you have checked the option to "Submit for analysis in the program's settings.

If avast quarantined the file and moved it into the virus vault, that file is safely held there and no longer a threat. The file is essentially disabled and prevented from causing any harm to your system through proprietary security routines which may copy, rename, encrypt and password protect the file as part of the moving process. Quarantine is just an added safety measure which allows you to view and investigate the files while keeping them from harming your computer. When the quarantined file is known to be malicious, you can delete it at any time by launching the program which removed it, going to the Quarantine tab, and choosing the option to delete.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users