Threat Description

Virus (Generic)

Details

Category: Malware
Type: Virus
Platform: W32
Aliases: Virus.generic.[variant], virus.gen.[variant]

Summary


A Generic Detection of a file that appears to have virus-like characteristics or behavior.



Removal


Automatic action

Once detected, the F-Secure security product will automatically disinfect the suspect file by either deleting it or renaming it.

More scanning & removal options

More information on scanning or removal options is available in the documentation for your F-Secure security product on the Downloads section of our Home - Global site.

Contact Support

For further assistance, F-Secure customers can request support online via the Request support or the Chat forms on our Home - Global site.

You may also refer to the Knowledge Base on the F-Secure Community site for more assistance.


Suspect a file is malicious?

If in doubt, or in cases where a legitimate file is suspected to contain malicious code, please send a sample to F-Secure Security Labs via the Sample Analysis System (SAS) for analysis. You may want to refer to the following Support articles for more details:

Or Contact Support for further assistance.





Suspect a False Alarm (FA)?

Occasionally, a legitimate program or file containing code sufficiently similar to a known malware signature will inadvertently trigger a False Alarm or False Positive.

For example, 'tmp.edb' and other '.edb' files stored at the location 'C:\WINDOWS\SoftwareDistribution\DataStore\Logs\' may be unintentionally detected as malicious by various security programs.

If the suspect file is known to be legitimate, it may be excluded from scanning with the following instructions:

Microsoft also provides enterprise-level instructions for excluding the file in question from scanning by antivirus software:






Technical Details


A virus is a malicious program that integrates its own code into a program or file (referred to as the host file) on a computer system, without the knowledge or consent of the user. Viruses spread by infecting other files on a system each time an infected one is run; in extreme cases, after multiple affected files are run, all susceptible files on a system may be infected.

A detection name in the format 'virus.gen.[variant]' indicates that the program was identified by a Generic Detection.

Unlike signature or single-file detections, a Generic Detection does not identify a unique or individual malicious program. Instead, a Generic Detection looks for broadly applicable code or behavior characteristics that mark a file as potentially malicious, so that a single Generic Detection can efficiently identify dozens, or even hundreds, of malicious programs.
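The difference between a single-file detection and a Generic Detection, and why the latter can raise a False Alarm, shown as an added example (not F-Secure's detection code). The sample bytes, the SHARED_STUB marker and the function names are constructed for illustration; the file name 'tmp.edb' is borrowed from the False Alarm example above.

```python
import hashlib

# Constructed stand-in for code shared by a virus family (harmless text, an assumption).
SHARED_STUB = b"TOY-REPLICATION-STUB"

# Constructed sample files: name -> (bytes, is_actually_malicious)
SAMPLES = {
    "variant_a.exe": (b"MZ" + b"A" * 16 + SHARED_STUB + b"host-1", True),
    "variant_b.exe": (b"MZ" + b"B" * 24 + SHARED_STUB + b"host-2", True),
    "variant_c.exe": (b"MZ" + SHARED_STUB + b"host-3" + b"C" * 8, True),
    "clean_tool.exe": (b"MZ" + b"ordinary program bytes", False),
    # Legitimate data file that happens to contain the same byte sequence.
    "tmp.edb": (b"log-records" + SHARED_STUB + b"more-log-records", False),
}

# Single-file signature: exact hash of the one sample analysed so far.
KNOWN_HASHES = {hashlib.sha256(SAMPLES["variant_a.exe"][0]).hexdigest()}

def signature_detect(data: bytes) -> bool:
    """Match one specific file by its SHA-256 digest."""
    return hashlib.sha256(data).hexdigest() in KNOWN_HASHES

def generic_detect(data: bytes) -> bool:
    """Match any file carrying the shared characteristic."""
    return SHARED_STUB in data

def evaluate(detector):
    """Return (detected names, missed malicious names, false alarms)."""
    hits = sorted(n for n, (d, _) in SAMPLES.items() if detector(d))
    missed = sorted(n for n, (d, bad) in SAMPLES.items() if bad and not detector(d))
    false_alarms = sorted(n for n in hits if not SAMPLES[n][1])
    return hits, missed, false_alarms

if __name__ == "__main__":
    for name, det in (("signature", signature_detect), ("generic", generic_detect)):
        hits, missed, fas = evaluate(det)
        print(f"{name:9} hits={hits} missed={missed} false_alarms={fas}")
```

The hash signature finds only the one file it was built from, while the single generic rule covers all three variants and also flags the legitimate 'tmp.edb', which is the case an exclusion or a sample submission is meant to resolve.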





