Today when I turned on my machine and windows XP loaded, Avast popped up with suspicious file blocked,
---
Object: E:\games\quake2\quake2.exe
Infection: Win32:Evo-gen [Susp]
Action: Deleted
Process: C:\Program Files\Microsoft IntelliType Pro\itype.exe
The threat was detected and blocked just before the file was opened.
---
So I have 3 questions about this:
1. The quake2.exe file has been on my machine for years and was not infected before, so has a virus somehow altered the file on me (which could be a severe problem if it starts doing it to other files), or is this a false positive?
2. Is it default behaviour, and in any case is it recommended behaviour, for avast to automatically delete a file like this? It didn't even ask me to. That's OK for this, but if one day avast loads up with 1000 FP's, or even 1000 real detections, I don't want it to obliterate my files without giving me any chance to do anything.
3. What does it mean by the "Process" being itype.exe? Is "Process" the program that is accessing the file, and "Object" is the file?
Thanks