Win32:Malware-gen - Vendor says false positive??

Following instructions from the first sticky, I’ve created a text answering questions to the best of my ability and I’ve attached some screenshots. I would love some expert advice. Also, I can’t test the file at VirusTotal now because I’ve put it in the Virus Chest and don’t know how to get it back out…
Thanks for any direction.

Avast 2015: Using the Virus Chest http://www.avast.com/faq.php?article=AVKB21#artTitle

Did you intentionally install Justcloud online backup service ? As it has a very dubious reputation

Pondus, thank you for the link. I just submitted the file to the lab.

essexboy, I did intentionally install Justcloud. We’ve been using JustHost for at least two years and have been happy with them. It seemed that JustCloud was a product offering from JustHost and it was initially free for a small amount of space so I decided to give it a try. My interaction with their support staff has left me seriously questioning that decision. Can you give me any details?

JustCloud is part of the Just Develop It! group of Backup brands that offers web hosting and online backup services. As the name implies, there aren’t a lot of frills with their products but they do offer simple and affordable services for the personal or very small business user. According to the company, they offer “premium products and budget prices”.

JDI Backup is also the parent company to similar brands MyPCBackup, Backup Genie and ZipCloud.

I regularly remove the above programmes as they are ad driven, slow the computer down and are hard to remove using its uninstall programme

At the end of the day the choice is yours on whether or not to keep it

I have nothing thrilling about the JDI Parent company. With MyPCBackup and those in it’s line. I probably won’t ever trust them.

I’m sure if you were to upload a MyPCBackup or some other JDI products to www.virustotal.com, all major brands classify it as Win32:PUP or Not-A-Virus.

Malwarebytes (Has a very good detecton rate and low FP’s) has been detecting it for years now.

I appreciate the information. Did you happen to open the .txt file I attached to my original post? I copy/pasted in there the email convo between their support and me. Not very inspiring…

“We do market the service in this way and as such some users may have reported Just Cloud as potentially unwanted to the AV company.”

That’s the Classification of their other Products like MyPCBackup. Considered Potentially Unwanted. Not really malicious, just more annoying to have a pop-up everytime you start Windows.

I’ve never dealt with JustCloud aside from the MyPCBackup. If you wish to test the file, go to the Virus Chest (Stats > Compenent Status > Virus Chest > RIght click and replace it.) Then test like normal.

Also, please remove the text file and take out your email so you don’t get spammed.

No I missed the text file, and you appear to have removed it. I should imagine the general gist would be that it is a false positive and there is no malware in the programme

Yeah, Pretty much. I requested it be removed so He? could remove the email’s in iy. Sorry Essex

Sorry. Didn’t know if anyone was looking at it or not. I’ve modified it now (thanks for the heads up, essex) and re-attached to the OP.

I’m going to try uninstalling JustCloud today. Wish me luck!

(She btw)

T’was was me who warned you about the email(s) being there…

Follow Essexboy’s advice. He’s better at this! (Link deleted)

Click on 'Settings' and then 'Active Protection'.Turn off the 'File System Shield' and 'Web Shield' Click on 'Settings', then 'Antivirus', then 'Exclusions', and then add our software's files to the exclusions list and save Click on 'Settings', then 'Active Protection', then click the gear next to 'File System Shield' and then 'Exclusions' Add our software's files to the exclusions list in this window and save
Yep that will stop the alerts :)

AdwCleaner will also remove any traces

Please download AdwCleaner by Xplode onto your desktop.

[*]Close all open programs and internet browsers.
[*]Double click on AdwCleaner.exe to run the tool.
[*]Click on Scan.
[*]After the scan is complete click on “Clean”
[*]Confirm each time with Ok.
[*]Your computer will be rebooted automatically. A text file will open after the restart.
[*]Please post the content of that logfile with your next answer.
[*]You can find the logfile at C:\AdwCleaner[S1].txt as well.

My apologies Michael!

This statement from their email to me:

We can assure you that Just Cloud does not contain any viruses or malicious software.
was when I became seriously concerned.

Yes, I think I’ll avoid their uninstall tool.

Oh, you saw that (Too late!)

Adwcleaner will probably find it. At east if it doesn’t, we have something to tell XPlode lol

I have two questions about AdwCleaner. It’s been running for about 25 minutes and there is nothing to indicate that it is running - there is a progress bar, but it doesn’t show any progress. Above the bar it says “Pending. Please uncheck elements you don’t want to remove.” I did do a Ctl+Shft+Esc and Task Manager shows it Running.

Second question, will my screen saver interfere with it processing? (If it’s okay, I hate to stop it to turn the saver off now)

Thanks.

It is waiting for your input now, you may flick through the tabs and if there is anything you do not want removed then remove the tick … Otherwise just press clean

I finally realized that it was finished scanning, there just wasn’t anything on the first tab. It actually only took a few minutes to run.

Attached is the log as requested…

It got it:

[b] Folder Deleted : C:\Program Files (x86)\JustCloud
Folder Deleted : C:\Windows\SysWOW64\SearchProtect
Folder Deleted : C:\Users\Pat1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JustCloud

  • Not Deleted : C:\Users\Public\Documents\Software
    File Deleted : C:\Users\Pat1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\JustCloud.lnk
    File Deleted : C:\Users\Pat1\Desktop\JustCloud.lnk
    File Deleted : C:\Users\Pat1\Desktop\Sync Folder.lnk

Any idea why it suggested I delete the folder I excluded?

Not Deleted : C:\Users\Public\Documents\Software

This folder contains pdf’s of receipts for software purchases I’ve made and license files, such as my avast license key. There was nothing in it about Just Cloud.

I ran the AdwCleaner a second time after the computer rebooted from cleaning. The second pass-thru, the only thing it targeted was this same above folder.