Deleting virus from chest

Viruses and worms
1

Hi all.
I moved Win32:Malware-gen virus to avastpro chest on 31/08/2011. It was in C:\users.…\Downloads
Is delete the best way to remove the virus?
What about any alterations the virus might have created prior to chest?

Thanks in advance

2

Hello,

Can you provide us with more details about the detected file? (In case it is a FP)

If you think that you don’t need that file, I believe removing it from the chest will do no harm but it is mostly recommended to keep it in the chest (if you are unsure)

3

It show as activescan2_en.exe. Its original locations was in my downloads last changed on 9/10/2010. Thanks.

4

I have downloaded that file but it was not detected by any antivirus in virustotal :frowning:

http://www.virustotal.com/file-scan/report.html?id=e960a43a0b9fb1c7986a8f18c20efd70420c12dbd8bd3226ac707d3ec611a49f-1315796976

Are you using the lastest version of avast ???

5

Yes. Avast pro updated daily program version 6.0.1289.
Def update 110911-1 currently and was uptodate when moving virus to chest :slight_smile:
Activescan2.0 shows up as Panda security folder in windows start search. The date is probably when it was last changed when I installed it some time ago.
The virus Win32:Malware-gen has been detected by a number of other avast forum users :slight_smile:

6

It looks like avast is alerting on Panda’s unencrypted signatures or something along those lines.

Personally I wouldn’t have Panda on my system, even if it is an on-demand scan. If it is anything like its on-line scanner it installs its unencrypted virus signature files in a sub-folder of the c:\windows\system32 folder. I think that is taking liberties doing that in the system32 folder, not to mention these unencrypted signatures are going to be detected by avast (or any other antivirus installed) when you scan that area and the system32 being an important system folder is going to be scanned by all scans.

Personally I would recommend uninstalling Panda’s Activescan.

The avast Win32:Malware-gen is a generic signature (the -gen at the end of the malware name), so that is trying to catch multiple variants of the same type of malware. So seeing other avast users with this detection is not unusual.

7
8

Thanks DavidR. I have removed Panda folders from my downloads. Hope this solves any further problems also.
Question remains: should I still remove malware from chest?

Thanks to all. :slight_smile:

9
Is delete the best way to remove the virus?

Clean, Quarantine, or Delete?
http://antivirus.about.com/b/2007/03/11/clean-quarantine-or-delete.htm

10

Thanks Pondus. I removed Panda and have deleted the offending file from chest. Hope this fully resolves problem.

Thanks to all again. :slight_smile:

11

Yes that should be the end of it.