Author Topic: Trojan.Win32.Generic!BT  (Read 15164 times)

Offline Johnzbzb

  • Comodo Family Member
  • ***
  • Posts: 55
Trojan.Win32.Generic!BT
« on: February 19, 2010, 04:06:32 AM »
Hi Comodo Community,

I scanned my computer with NOD32 antivirus, which detected nothing. Then I scanned the computer with Counterspy and it detected 5 traces of Trojan.Win32.Generic!BT. They were located in Patrician III, R-Wipe and amongst files I downloaded, like a dll file, an uninstaller and something else I can't remember. Anyway, I manually deleted a lot of the possibly infected files. My question is: are these false positives, and is Trojan.Win32.Generic!BT a dangerous trojan? Like, could they have changed my security in Comodo or my computer and left loopholes? Would Comodo firewall block people from hacking my computer from these files?

I have the latest Comodo firewall, just firewall. Any and all help would be appreciated, thanks.

Offline jay2007tech

  • Malware Research Group
  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 2027
Re: Trojan.Win32.Generic!BT
« Reply #1 on: February 19, 2010, 12:20:21 PM »
Quote
Trojan.Win32.Generic!BT
Yeah, that's definitely Sunbelt. It's basically saying it's not sure (in layman's terms).

To find out for sure, upload anything that gets flagged or that you suspect to www.virustotal.com.
It'll give the opinions of over 30 anti-virus companies around the world.
It's hard being a crooked Admin when the files won't pass an md5checksum test. But like any other good crooked Admin it can be done, it just takes time (and lots of it) and a few aspirins

Offline Johnzbzb

  • Comodo Family Member
  • ***
  • Posts: 55
Re: Trojan.Win32.Generic!BT
« Reply #2 on: February 19, 2010, 10:28:36 PM »
I scanned it with NOD32 before I deleted the files and it didn't pick up anything. I didn't save the files, so I can't use VirusTotal. Just to be clear, are trojans viruses or malware? Does VirusTotal scan for viruses and all malware?

If they weren't picked up by nod32, would they be false positives?

Offline Whoop-dee-doo

  • Cave Dweller
  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 1098
  • What are you staring at?
Re: Trojan.Win32.Generic!BT
« Reply #3 on: February 20, 2010, 03:15:14 AM »
Hi Johnzbzb,

The term malware (short for malicious software) usually refers to any file that intentionally alters your computer (usually without your permission) in order to impair functionality, control your system, breach your privacy, advertise, or produce some other unwanted behavior.
Malware is a general term that encompasses many types of malicious programs, including viruses, trojan horses ("trojans"), rogues, spyware, keyloggers, worms, rootkits, dialers, backdoors, etc.

There is a good explanation of malware on Wikipedia, including links to descriptions of malware types.

Currently, most scanning programs check for all types of malware regardless of the term used in their name. For example, Comodo antivirus scans for all types of malware, even though its name is "antivirus". Superantispyware checks for trojans, rootkits, rogues, keyloggers, spyware, etc. even though its name is "antispyware". Virustotal.org and virscan.org (see below) scan for all types of malware, including viruses and trojans.

Quote
Upload anything that gets flagged or that you suspect to www.virustotal.com.
It'll give the opinions of over 30 anti-virus companies around the world.

I agree. A scanner may detect a false positive (the scanner flags a file as malicious, when the file is actually harmless). Deleting a false positive can cause problems with your computer. If a program detects a file as malicious, I recommend that you download the file to a site such as www.virustotal.com or www.virscan.org, which will scan the file with a bunch of different anti-malware engines. If you suspect that the file is malicious (and not a false positive) based on the results from one of these on-line scans, then quarantine the threat (do not delete it). Quarantining the threat will disable it. Once the file is quarantined, you can see how your computer functions.  If the file was not infected or the file was necessary for your computer to function, then you can restore the file (if you deleted the file, you can never get the file back and you may not be able to salvage your system!). If you are not sure what to do, you can always ask for help on one of the many user forums (including this one) before you take action on a potential threat.

Johnzbzb, I suspect that the "traces of Trojan.Win32.Generic!BT" on your system were false positives; however, it is impossible to know for sure because the files have been deleted.

Hope that answers your questions,
Whoop

P.S. also see my response to your other post.
« Last Edit: February 20, 2010, 05:10:49 PM by Whoop-dee-doo »
"The best way to have a good idea is to have a lot of ideas." - Linus Pauling

"Don't find fault. Find a remedy." - Henry Ford
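
The quarantine-instead-of-delete advice in Reply #3, sketched as an added example that is not part of the thread or of any Comodo or Sunbelt tool: the flagged file is moved out of place under an inert name, its SHA-256 is recorded for comparison with multi-engine scan results, and it can be put back if it turns out to be a false positive. The directory layout, manifest format and function names are assumptions made for this sketch.

```python
import hashlib, json, shutil, tempfile
from pathlib import Path

def sha256_of(path):
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):  # chunked: large files stay out of memory
            h.update(chunk)
    return h.hexdigest()

def _manifest(qdir):
    return Path(qdir) / "manifest.json"  # hypothetical manifest name and format

def _load(qdir):
    m = _manifest(qdir)
    return json.loads(m.read_text()) if m.exists() else {}

def quarantine(path, qdir, detection):
    """Move a flagged file out of place under an inert name and record how to undo it."""
    path, qdir = Path(path).resolve(), Path(qdir)
    qdir.mkdir(parents=True, exist_ok=True)
    digest = sha256_of(path)
    stored = qdir / (digest + ".quarantined")  # no .exe/.dll name left to load or run
    shutil.move(str(path), str(stored))
    manifest = _load(qdir)
    manifest[digest] = {"original": str(path), "detection": detection}
    _manifest(qdir).write_text(json.dumps(manifest, indent=2))
    return digest  # the value to compare against scan reports for this exact file

def restore(digest, qdir):
    """Put a file back once it is judged a false positive; refuse if the copy changed."""
    manifest = _load(qdir)
    entry = manifest.pop(digest)
    stored = Path(qdir) / (digest + ".quarantined")
    if sha256_of(stored) != digest:
        raise ValueError("quarantined copy was modified; not restoring")
    shutil.move(str(stored), entry["original"])
    _manifest(qdir).write_text(json.dumps(manifest, indent=2))
    return entry["original"]

if __name__ == "__main__":
    work = Path(tempfile.mkdtemp())
    sample = work / "suspect.dll"
    sample.write_bytes(b"constructed sample, not real malware")
    digest = quarantine(sample, work / "quarantine", "Trojan.Win32.Generic!BT")
    print("quarantined", digest, "still in place:", sample.exists())
    print("restored to", restore(digest, work / "quarantine"))
```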

 
