Average Joe

Member
  • Content Count

    6
  • Joined

  • Last visited

Community Reputation

0 Neutral

About Average Joe

  • Rank
    New Member
  1. Thank you Kevin. F: has never been an OS partition, it is a data partition. It is the second partition on this particular hard disk, XP was installed on the first partition (which doens't exist anymore since I replaced it with two new partitions when I moved the hard disk into this new machine). So I must assume that XP or Seven (or both) create one System Volume Information folder for each partiton (system and non-system). Again, I wonder what is the purpose of a malware than manages to sneak into a computer, passes untouched through antivirus/antimalware scans (many scans if these files are there since XP) and then... just sits there (apparently) doing nothing. What do you think of temporarily de-quarantine the two files to look for the date of creation? I know Linux isn't vulnerable to Windows malware. Let me rephrase my question: generally speaking, is a Linux USB flash drive to be considered safe even if created on an infected (even heavily infected) Windows machine? About Avast, if that's the case I don't understand why no alert was shown when I ran the first EEK custom scan with the same signatures.
  2. Thanks for the replies. @JeremyNicoll I will do that, thank you. I think Avast updates its signatures several times a day. @Kevin Zoll I've got some questions: - Can you explain to me what exactly is an inactive malware? I would think a malware has to do something to be... malicious. - I would like to know if these two files were there since the drive was in the old computer. I was thinking of de-quarantine them to look into their properties for the date of creation (and then re-quarantine them). Do you think it is a wise idea to do so? - I am particularly concerned about some Live Linux USB (especially one I use for online banking), they were created on this W7 machine using a piece of software called Rufus. Do you think the Linux OS on these USB flash drives could be somehow not safe? (Maybe the question doesn't make sense, not enough knowledge to answer that myself). Thank you. As far as I can remember, the first time I ran a custom scan (i.e. when the two files were detected) Avast didn't show any alert (same signatures). Wouldn't this be strange?
  3. Hi everybody, I am not English native so I apologize for possible errors. Software running on my PC: - OS: Windows 7 Pro 64 (regularly updated) - AV: Avast Free Antivirus - AM: Emsisoft Emergency Kit (2017.4.0.7437) - FW: Comodo Firewall 10 I have been using this machine for a couple of years, more or less. The antivirus and firewall are always running in background and I use both Avast and Emsisoft Emergency Kit (which is placed on one of the internal drives) every now and then for virus and malware scanning. I didn't notice anything strange, everything was smooth and fine, Avast all green (Protected), no viruses found (both by quick and full system scan) and EEK always tells me "0 detected" (malware scan). Yesterday, influenced by the "Wanna Cry Crisis" I ran another malware scan with EEK, 0 detected as usual. Then I decided to do a Custom Scan (which I have never done before, apparently), I left all the default settings and gave it a go. The scan took much more time than usual (that's normal) but this time two objects were detected (see attached log). Both files were located on F:, which is a data partition on a HDD I moved into this machine from a previous computer running Windows XP, for what I know they could have been there for years, doing what? I don't know, as I said I have never experienced anything strange. I quarantined the two files then I rescanned with EEK (Custom Scan) to confirm the system was clean. I got a "0 detected" from EEK but Avast showed me an alert about an infection (Win32:Malware-gen) coming from a2emergencykit.exe (which is inside the EEK folder). According to Avast the process was blocked before any damage was done. I ran a full system scan and a boot time scan with Avast, both negative. I then ran EEK Custom Scan twice, "0 detected" but both times Avast showed the same alert about a2emergencykit.exe. Again Avast full system scan, negative. In short, it seems I get an Avast alert each time I do a EEK Custom Scan (the standard Malware Scan doesn't trigger the alert). Anybody can help me to understand what is happening? scan_170517-202303.txt