Thread: New Get Lazarus Initiative

  1. #29
    I googled win32:evo-gen. The first result is the page below.

    http://malwarefixes.com/threats/win32evo-gen-susp/

    That page says win32:evo-gen is a threat identified by Avast Anti-virus products; it recommends first using Norton Power Eraser. I ran Power Eraser and it brought back the list below after reboot.



    I'm not sure what to think, because two of those items I compiled 7 years ago on a different machine and just unpacked them on Friday. The rest were built a few days ago. All of them are not identified as having a virus, only that they are suspicious or something thereof. Here is a report for one item.

    c:\users\gigauser\desktop\shellpth.exe
    ____________________________
    ____________________________
    Developers: Not Available
    Version: Not Available
    Identified: 2/6/2015 at 12:46:06 PM
    Last Used: 2/6/2015 at 12:46:06 PM
    Startup Item: No
    ____________________________
    ____________________________
    UNKNOWN
    Number of users in the Norton Community that have used this file: Unknown
    ____________________________
    UNKNOWN
    This file release is currently not known.
    ____________________________
    UNPROVEN
    There is not enough information about this file to recommend it.


    Further research, according to Wikipedia: http://en.wikipedia.org/wiki/Norton_Power_Eraser

    "If it is in the list of bad applications, it is marked for deletion. If it is unknown and not in any list, it is reported as suspicious but not marked for removal ... Power Eraser is very aggressive[1] to unknown threats which are not whitelisted and are instead marked for removal or sent for analysis."

    So it would seem, according to Wikipedia, the items identified by Norton Power Eraser are unknown. To me it doesn't sound like they're infected given how aggressive Norton Power Eraser can be, and that they were marked for removal rather than deletion.

    Further googling for win32:evo-gen reveals many links to people using Avast anti-virus getting win32:evo-gen false reports often. I'll keep scanning, but at this point I'm feeling more like my system isn't compromised. I'll continue to try differing virus scanners and report back here.
    Last edited by sysrpl; 09-02-2015 at 07:36 AM.
