I have recently installed Norton Ghost on my system, and while I have run virus scans before have only just run a THOROUGH scan since installing Ghost.
Avast! is telling me that several of the Ghost Backup Files are Trojan Horses (Malware name: Win32:AutoIt-S [trj])
When I started to delete them (they were too big to move to chest) Norton Ghost popped up informing me that I’d just manually deleted a Restore Point.
There were multiple files said to be containing trojans, all of them Ghost Backup Files. My system is backed up almost daily, and so it would seem odd that the original files on my C: drive aren’t seen as having any viruses.
Should I be alarmed? Have others users of Ghost also experienced this problem?
The files end in .iv21 (Symantec Image File) extension and are much too large for me to upload to a website for further examination.
{If it is decided these are harmless and not Trojans, could someone also please advise on how to tell Avast! to ignore them in future scans?}
Most probably it is a false positive detection.
Which is the virus name shown by avast?
As a workaround, you can add these files to the Standard Shield provider (on-access scanning) exclusion list.
Left click the ‘a’ blue icon, click on the provider icon at left and then Customize. Go to Advanced tab and click on Add button…
You can use wildcards like * and ?. But be carefull, you should ‘exclude’ that many files that let your system in danger.
Is there a way to add a whole folder to the ‘safe’ list? As it seems to pick up multiple backup files this would seem more practical than specifying individual files as new ones are always being added.
I tried Googling ‘Avast’ and ‘Ghost’ to see if other people were complaining of this conflict, but didn’t come across anything which is why I’m wondering whether it really IS a trojan or just a Restore Point that Avast gives a false positive.