G’day all. During my full system scan today Avast picked up quite a few files infected with Wimad. What I’m wondering is, what is the difference between wimad[susp] and wimad[drp]? Unfortunately, like many protection programs, there is no explanation provided.
susp = suspicious, drp = dropper, I guess.
More info http://www.symantec.com/security_response/writeup.jsp?docid=2005-011213-2709-99
I am aware that Wimad is a trojan. I was more interested in the difference in Avast’s listing of it. So by suspicious it means that it only suspects the file has Wimad?
It is just a suspicious file. Isn’t it clear enough?
It just means detection by a different method, as the [susp] suffix is usually an indication it has been detected using heuristics. That, however, is still likely to be a good detection, as Avast’s heuristics aren’t paranoid in their sensitivity.
It is also difficult to be any clearer without the file names and locations of those [susp] detections?
You could also check the offending/suspect file at VirusTotal (multi-engine online virus scanner) and report the findings here (the URL in the address bar of the VT results page). You can’t do this with the file securely in the chest; you need to extract it to a temporary (not original) location first, see below.
Create a folder called Suspect in the C: drive. Now exclude that folder in the File System Shield: Expert Settings, Exclusions, Add, then type (or copy and paste) C:\Suspect*
That will stop the File System Shield scanning any file you put in that folder.