Threat Description

Generic Detection

Details

Aliases: Generic.malware.[variant], Generic.[variant], gen:win32.malware.[variant], Gen:variant.[variant]
Category: Malware
Type: Other
Platform: W32

Summary



A program with features or behaviors indicative of known malicious threats, such as trojans, worms or viruses.



Removal


Automatic action

Once detected, the F-Secure security product will either automatically disinfect the suspect file or the user will be prompted to select a desired action. For more information, see: Support Community article: Automatic actions for viruses also used for suspicious items.

Suspect a file is malicious?

If in doubt, or in cases where a legitimate file is suspected to contain malicious code, please send a sample to F-Secure Security Labs via the Sample Analysis System (SAS) for analysis. You may want to refer to the following Support articles for more details:

Or Contact Support for further assistance.




Possible False Alarms (FAs)

Occasionally, a legitimate program or file containing code sufficiently similar to a known malware signature will inadvertently trigger a False Alarm or False Positive.

For example, 'tmp.edb' and other '.edb' files stored at the location 'C:\WINDOWS\SoftwareDistribution\DataStore\Logs\' may be unintentionally detected as malicious by various security programs.

If the suspect file is known to be legitimate, it may be excluded from scanning with the following instructions:

Microsoft also provides enterprise-level instructions for excluding the file in question from scanning by antivirus software:






Technical Details



A program identified by Generic Detection appears to have characteristics that resemble known malware. This may indicate the presence of a malware infection on the system, or that the suspect file itself is malicious.

Generic Detections are a type of detection used by antivirus programs to identify files with malicious characteristics. Unlike single-file detections, which identify unique files, a Generic Detection looks for broadly applicable code or behavior characteristics to evaluate a file's potential for causing harm; a single Generic Detection can therefore efficiently identify dozens, or even hundreds, of malware files.
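A simplified illustration of that difference, added here as an example and not F-Secure's detection engine: an exact-hash blocklist matches only one known file, while a byte pattern with wildcards also matches a modified variant, as well as a legitimate file that happens to contain the same bytes (the false-alarm case). All byte strings, file contents and the `scan` function are constructed for this example.

```python
import hashlib
import re

# Constructed byte strings standing in for file contents (not real malware).
CORE = b"\xde\xad\xbe\xef\x13\x37\xc0\xde"   # code fragment shared by a family
KNOWN_SAMPLE = b"MZ" + b"\x90" * 8 + CORE + b"\x10\x20\x30\x40" + b"payload-A"
VARIANT = b"MZ" + b"\x90" * 5 + CORE + b"\x55\x66\x77\x88" + b"payload-B"
BENIGN = b"MZ" + b"\x00" * 16 + b"hello world"
# Legitimate data file that happens to contain the same byte sequence.
LOOKALIKE = b"log data " + CORE + b"\x01\x02\x03\x04" + b" more log data"

# Single-file detection: the exact SHA-256 of one known file.
HASH_BLOCKLIST = {hashlib.sha256(KNOWN_SAMPLE).hexdigest()}

# Generic detection: the shared fragment followed by any four bytes,
# so variants that change those bytes or the surrounding data still match.
GENERIC_SIG = re.compile(re.escape(CORE) + b".{4}", re.DOTALL)


def scan(name, data, exclusions=frozenset()):
    """Return a verdict for one file; `exclusions` holds names skipped by policy."""
    if name in exclusions:
        return "excluded"
    if hashlib.sha256(data).hexdigest() in HASH_BLOCKLIST:
        return "single-file detection"
    if GENERIC_SIG.search(data):
        return "generic detection"
    return "clean"


if __name__ == "__main__":
    files = [
        ("known.exe", KNOWN_SAMPLE),
        ("variant.exe", VARIANT),   # hash differs, shared code still matches
        ("benign.exe", BENIGN),
        ("tmp.edb", LOOKALIKE),     # false alarm on a legitimate file
    ]
    for name, data in files:
        print(f"{name:12} {scan(name, data)}")
    # After the file is confirmed legitimate, it is excluded from scanning.
    print(f"{'tmp.edb':12} {scan('tmp.edb', LOOKALIKE, exclusions={'tmp.edb'})}")
```
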

Generic Detections can be used to identify particular types of malware, based on general physical or behavioral characteristics:

In this case, the Generic Detection identifies threats based on their actions. Alternatively, a Generic Detection can be used to identify specific groups of malware (or families) based on similarities in their code:





