
AVG detected two instances of "Trojan horse BackDoor.Generic19.AWAW"


3 replies to this topic

#1 whiskeyii

whiskeyii

  • Members
  • 3 posts

Posted 11 September 2016 - 07:11 PM

So initially, AVG only detected one instance of this virus(?), and I found an old page somewhere that gave the following instructions, but for a .ACAC or .BIGU version. I don't know if that makes a difference.

1. Physically disconnect from internet and run Windows 10 in Safe Mode.

2. Run Anti-Spyware and save your log; restart in Normal Mode.

3. Reconnect to internet

4. Run Malware Bytes and save your log; restart in Normal Mode

5. Run Gmer and save your log; restart in Normal Mode

6. Run HijackThis and save your log; restart in Normal Mode

 

I've done all of those (and Gmer threw some error about rootkit something-or-other), but no dice, and then, wouldn't you know it, I got two detections instead of one. In a moment of panic, I uninstalled the two programs I thought AVG said they were linked to (Autodesk Application Manager and Malware Bytes' .exe file), but the detection still pops up whenever I restart. I've heard something about AVG throwing false detections when it comes to Trojans, but I don't know what that means, and the addition of a threat detection worries me. Serves me right for not switching to Avast sooner, I guess.

I run Windows 10, and if at all possible, I'd like to avoid having to restore my computer. I haven't backed it up or created a restore point in a few years--I know, I know, shame on me.


Edited by whiskeyii, 11 September 2016 - 07:12 PM.



 


#2 thedarkness

thedarkness

  • Members
  • 41 posts

Posted 12 September 2016 - 06:28 PM

A false detection or false positive is just that - it's a file or program that an antivirus has found that it thinks is malicious, when it is not.

Antivirus programs are not perfect but they can be a lifesaver when something nasty does come along. If no one else uses your computer, you install programs only from trustworthy sources and do not click on advertisements often, then the files may well be false positives. Malwarebytes is a good secondary scanner so if it detects nothing, and no malware via SuperAntiSpyware is showing up, it does not sound like you should be panicking. If you download patches or keys for programs however, then you run that risk, even if it's still not guaranteed. If you chance staying online for a brief period then you could upload the offending files that AVG points out as malicious to VirusTotal to see how they fare with other antivirus programs. If the detection rate is low then it's a likely false flag.

 

If you do not want to install another antivirus, or trojan scanner such as TDSSKiller in case they become infected, as an alternative there are rescue discs out there that you can burn to CD, DVD or USB SD stick using another computer, which will then scan your own system for virus infections as Windows boots up (hold or hit F12 button on boot up, and select Boot from CD from the menu). If SD USB memory stick is your choice to run a rescue disc from, then you may have to switch from UEFI to legacy mode in the BIOS via F2 or DELETE on boot, and also turn secure mode off, before USB will show up as you hit F12.

 

Some rescue discs may have a Windows mode in which you can browse your documents within Explorer and save them how you like. You are better off trying a rescue disc, but to merely save files, I have Linux install DVDs such as Xubuntu and Mint, which run in a live mode if you choose to 'try Linux without installation' - they will also let you browse your Windows hard drives and files. Note that within some distributions of Linux unless you change any settings, 'deleting' a file may not move it to any recycle bin, but get rid of it permanently.


Edited by thedarkness, 12 September 2016 - 06:39 PM.


#3 whiskeyii

whiskeyii
  • Topic Starter

  • Members
  • 3 posts

Posted 12 September 2016 - 06:43 PM

Thanks! I'll run Anti-Spyware and re-download Malware Bytes to run another scan just to double-check for peace of mind, along with TDSSKiller and VirusTotal. If nothing pops up, I'll just install Avast (and uninstall AVG) and leave it at that.


Edited by whiskeyii, 12 September 2016 - 07:11 PM.


#4 whiskeyii

whiskeyii
  • Topic Starter

  • Members
  • 3 posts

Posted 12 September 2016 - 07:11 PM

Huh. Or not. Seems like an X: drive I never created with a Crack file for The Sims 4 has somehow wormed its way onto my computer, which is especially bewildering since I own a legal copy of Sims 4 via Origin. So, this might be the real deal. Thoughts?

 

I ejected the drives (which were labeled under CDSF?). Not sure if that did anything, just wanted to keep this thread updated.


Edited by whiskeyii, 12 September 2016 - 07:19 PM.




