« previous next »
Pages: [1]   Go Down

Author Topic: Win32:Spyware-gen  (Read 3856 times)

0 Members and 1 Guest are viewing this topic.

BuckeyeKat

  • Guest
Win32:Spyware-gen
« on: December 07, 2010, 07:37:33 PM »
OK I have been on here researching for 5 hours and getting seriously frustrated. All of a sudden today when I went to open a game which has been on here for 3 years I am notified Avast is putting it in the chest because of the above. I have found a few threads here about this but cannot seem to follow the procedures because too much other stuff thrown in there.
I am running Vista.
Housecall says clean.
Can someone please advise. Sorry if I seem dumb... I am when it comes to this stuff. Thanks to Avast I rarely have any problems.

also is OK to post the Hijack this reports here? I have NO clue what any of it means.

[ArcaVir]    
2010-12-07 Found nothing
   [G DATA]    
2010-12-07 Win32:Spyware-gen
[Avast! antivirus]    
2010-12-07 Win32:Spyware-gen
   [Ikarus]    
2010-12-07 Found nothing
[Grisoft AVG Anti-Virus]    
2010-12-07 Found nothing
   [Kaspersky Anti-Virus]    
2010-12-07 Found nothing
[Avira AntiVir]    
2010-12-07 Found nothing
   [ESET NOD32]    
2010-12-07 Found nothing
[Softwin BitDefender]    
2010-12-07 Found nothing
   [Panda Antivirus]    
2010-12-07 Found nothing
[ClamAV]    
2010-12-07 Found nothing
   [Quick Heal]    
2010-12-07 Found nothing
[CPsecure]    
2010-12-07 Found nothing
   [Sophos]    
2010-12-07 Found nothing
[Dr.Web]    
2010-12-07 Found nothing
   [VirusBlokAda VBA32]    
2010-12-07 Found nothing
[Frisk F-Prot Antivirus]    
2010-12-06 Found nothing
   [VirusBuster]    
2010-12-07 Found nothing
[F-Secure Anti-Virus]    
2010-12-07 Found nothing
Logged

spg SCOTT

  • Guest
Re: Win32:Spyware-gen
« Reply #1 on: December 07, 2010, 07:49:26 PM »
Hi BuckeyeKat, welcome to the forum :)

That appears to be part of a virustotal log?
Do you have the full link, and the filename and path?

Scott
Logged

Offline superhacker

  • Avast Evangelist
  • Advanced Poster
  • ***
  • Posts: 979
  • superhacker != super mario
Re: Win32:Spyware-gen
« Reply #2 on: December 07, 2010, 07:50:21 PM »
1.Try dr.web cure it!  from here
http://www.freedrweb.com/cureit/?lng=en
2.Scan you PC with MBAM
http://www.malwarebytes.org/mbam.php
3.After cleaning system with Dr.web and MBAM post a hijack hunter log"attach"
http://www.novirusthanks.org/products/hijack-hunter/
Logged
Dreams don't die, they just fall asleep.

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37700
Re: Win32:Spyware-gen
« Reply #3 on: December 07, 2010, 07:51:14 PM »
That is not a HijacThis log but looks like a copy and paste from VirusTotal.....am i correct

and from what i can see it is only avast! and GData detecting (GData is using avast virus engine) so probably a False Positive
Logged

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 89687
  • No support PMs thanks
Re: Win32:Spyware-gen
« Reply #4 on: December 07, 2010, 08:02:23 PM »
What is the game ?
What is the infected file name, where was it found e.g. (C:\windows\system32\infected-file-name.xxx) ?

It may be something that the game does, gather stats/data that may be misinterpreted.

The Win32:Spyware-gen is a generic signature (the -gen at the end of the malware name), so that is trying to catch multiple variants of the same type of malware and is a fine balance between detecting a new variant and detecting something valid as infected.

Send the sample to avast as a possible False Positive:
Open the chest and right click on the file and select 'Submit to virus lab...' complete the form and submit, the file will be uploaded during the next update.

- In the meantime (if you accept the risk), add the full path to the file to the exclusions lists:
File System Shield, Expert Settings, Exclusions, Add and
avast Settings, Exclusions

Restore it to its original location, periodically check it (scan it in the chest), there should still be a copy in the chest even though you restored it to the original location. When it is no longer detected then you can also remove it from the File System Shield and avast Settings, exclusions lists.
Logged
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD - 27" external monitor 1440p 2560x1440 resolution - avast! free  24.9.6130 (build 24.9.9452.762) UI 1.0.818/ Firefox, uBlock Origin Lite, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Tenko

  • Guest
Re: Win32:Spyware-gen
« Reply #5 on: December 07, 2010, 08:08:18 PM »
Hey and Welcome!

I would also recommend you to make a full system scan with superantispyware.

What game do you want to run?

Regards,
            Tenko
Logged

BuckeyeKat

  • Guest
Re: Win32:Spyware-gen
« Reply #6 on: December 07, 2010, 11:38:41 PM »
OK everything says clean...

superantispyware
dr.web cure
MBAM

I did submit to Avast
and did what davidR suggested.

The file is a game called Feeding Frenzy which has been fine up until this am

C:\Users\Mom\Documents\game\feedingfrenzy 2\*
Logged

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 89687
  • No support PMs thanks
Re: Win32:Spyware-gen
« Reply #7 on: December 08, 2010, 12:21:56 AM »
So are you saying that everything including avast now comes up on the VT results ?

If so it means that avast no longer considers it spyware, e.g. an FP which has been corrected, so you should ensure that you have the latest virus definitions update and scan the file again within the virus chest.

Or do you mean that now it is in the chest all scans local system come up clean ?
Logged
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD - 27" external monitor 1440p 2560x1440 resolution - avast! free  24.9.6130 (build 24.9.9452.762) UI 1.0.818/ Firefox, uBlock Origin Lite, uMatrix/ MailWasher Pro/ Avast! Mobile Security
Pages: [1]   Go Up
« previous next »