avast scan alerted about win32.spyware-gen [trj], so I put it in the “chest”. I found a lot of other messages about this one, and also a problem concerning lost internet-connections (can’t test it presently). However, I can’t find any information about whether this really is a dangerous trojan that should be removed. If not, I would rather undo my “placing of the trojan in the chest”, than live without an internet connection. So, my questions are
(1) Is this “spyware-gen” worth removing?
(2) If not, how do I undo avast’s cleaning operations?
any file in the avast chest can be restored, right click on it and select restore.
The signature would appear to be a generic (attempting to catch multiple different malware with a single signature) one as in spyware-gen. So with this type of signature you would be unlikely to find much about it, you are more likely to find information on the file name.
What is the infected file name, where was it found e.g. (C:\windows\system32\infected-file-name.xxx) ?
Check the avast! Log Viewer (right click the avast icon), Warning section, this contains information on all avast detections.
Before restoring any file you should ensure it isn’t infected.
You could also check the offending/suspect file at: VirusTotal - Multi engine on-line virus scanner I feel virustotal is the better option as it uses the windows version of avast (more packers supported) and there are currently 32 different scanners.
Or Jotti - Multi engine on-line virus scanner if any other scanners here detect them it is less likely to be a false positive. Whichever scanner you use, you can’t do this with the file in the chest, you will need to move it out.