Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 6 replies
  • Subscribers 6 subscribers
  • Views 14802 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Mal/Generic-L Can't be Removed - Please Help!

Ashmedai

I ran the Sophos free tool on my home PC (Windows 7 Home Premium, 64-bit, Service Pack 1), and it tells me it found Mal/Generic-L on my computer. I was told cleanup failed and to go to the free tools forum for cleanup advice - so here I am. I also tried to send a sample already, but I can't for the life of me figure out HOW to do this (I'm an utter idiot when it comes to computers, so if anyone can help with simple instructions, I'd be very grateful). Thanks.

:28215


This thread was automatically locked due to age.
  • 0

    Hello Ashmedai,

    please see article 11490 - simply use the online submission form (leave the Company name blank, after entering the other data click Next to get the fields for uploading the sample).

    Christian

    :28247
  • 0

    That confuses me, however, since I don't know what I'm supposed to upload as a sample.  :(

    :28261
  • 0

    Hello Ashmedai,

    you can find the scan's log in %ProgramData%\Sophos\Sophos Virus Removal Tool (usually %ProgramData% is C:\ProgramData\ which might be a hidden folder - if you don't know how to unhide it please see for example here). It will tell you the filename and path of the malicious file (please note that if you hide extensions for known file types you won't see the trailing .exe or whatever extension it has). You can simply copy the complete path (including name.ext) from the log in the submission form's field.

    HTH

    Christian

    :28265
  • 0

    Hi, and thank you! I really am a complete idiot when it comes to these things. Is this the info you need? :

    2012-08-01 14:03:08 >>> Virus 'Mal/Generic-L' found in file C:\Program Files (x86)\Common Files\aol\Backup\ACS\Rollback\comps\acsrollb.exe\FILE:0002

    Now, I just had a specialist check my computer for suspicious activity, and he said it could be a remnant of a previous infection I recently had with Incredibar, because he can't find anything amiss. Could it be a false positive, maybe?

    :28297
  • 0

    Hello Ashmedai,

    I really am a complete idiot

    I don't think so, it's me who forgot to tell you where to find the relevant information. Anyway, the "offending" file is acsrollb.exe (forget the FILE:0002 part). This is what you should submit - it could be a false positive, the detection is, as its name implies, a generic one. The file seems to be part of a backup of a previous version of the AOL Connectivity Service so you might not actually need it.

    Christian

    :28331
  • 0

    I'll give it a shot - thanks! :)

    :28413
Unfiltered HTML