Showing results for 
Search instead for 
Do you mean 
Reply
Paper Tape
Posts: 2
Registered: ‎12-07-2008
Location: Ontario, Canada
Message 1 of 6 (2,209 Views)

Virus reported by AV software on S: drive

I recently purchased a SL500. My antivirus software is sporadically reporting a virus (Generic!Artemis) on file

 

S:\recovery\iub\iuwork\iuwork\wreboot.exe

 

If I manually scan the file it reports as clean and if I launch a full scan it reports it as clean. A few scheduled scans have reported it as infected (but the last one run did not) and if I right click on the file to run the scan on a file level it first reports it as infected, but when I run the scan it is clean.

 

My understanding is that S is the service partition -- could this be a false

  positive?

 

I would like to get some background before I pursue with my AV vendor. Any help would be greatly appreciated!

Highlighted
Posts: 3,843
Topics: 135
Kudos: 280
Solutions: 185
Registered: ‎01-05-2008
Location: Münster, Germany GMT +1
Message 2 of 6 (2,195 Views)

Re: Virus reported by AV software on S: drive

Hello and welcome here!

 

Please tell us. which antivirus do you use?

Some suites have troubles, with our service partition and cause false positives.

_________________________________________________________
Follow
@LenovoForums on Twitter!
Try the forum search, before first posting: Forum Search Option
Please insert your type, model (not S/N) number and used OS in your posts.
I´m a volunteer here using New X1 Carbon, ThinkPad Yoga, Yoga 11s, Yoga 13, T430s,T510, X220t, IdeaCentre B540.
TIP: If your computer runs satisfactorily now, it may not be necessary to update the system.

 English Community       Deutsche Community       Comunidad en Español

Punch Card
Posts: 16
Registered: ‎12-08-2008
Location: Hong Kong
Message 3 of 6 (2,176 Views)

Re: Virus reported by AV software on S: drive

Hello, I've a similar problem. Avast antivirus 4.8 flagged "S:\INOV8LOG\RESETC.EXE" as "Other:Malware-gen".

Paper Tape
Posts: 2
Registered: ‎12-07-2008
Location: Ontario, Canada
Message 4 of 6 (2,158 Views)

Re: Virus reported by AV software on S: drive

I am running McAfee VirusScan Plus 2009

 

SL500 model 27463XU Intel(R) Core(TM)2 Duo CPU T5670 @ 1.8 Ghz running Vista Business SP1 Build 6001

 

Thanks

Posts: 3,843
Topics: 135
Kudos: 280
Solutions: 185
Registered: ‎01-05-2008
Location: Münster, Germany GMT +1
Message 5 of 6 (2,141 Views)

Re: Virus reported by AV software on S: drive

Hello,

 

I would do a check with Norton or Antivir.

 

I often heard about this issue, but it was never a virus, always the antivrus suites.

 

 

_________________________________________________________
Follow
@LenovoForums on Twitter!
Try the forum search, before first posting: Forum Search Option
Please insert your type, model (not S/N) number and used OS in your posts.
I´m a volunteer here using New X1 Carbon, ThinkPad Yoga, Yoga 11s, Yoga 13, T430s,T510, X220t, IdeaCentre B540.
TIP: If your computer runs satisfactorily now, it may not be necessary to update the system.

 English Community       Deutsche Community       Comunidad en Español

802.11n
Posts: 183
Registered: ‎08-21-2008
Location: United States
Message 6 of 6 (2,129 Views)

Re: Virus reported by AV software on S: drive

A previous post about this basically went unanswered, take a look at what they found: http://forums.lenovo.com/lnv/board/message?board.id=T_Series_Thinkpads&thread.id=19474

 

I get the feeling that they're coming up because they overwrite system files, so they would fit the description of a Trojan, but that's not there purpose. Many virus are made by copying from legit programs like these, and the antivirus providers have to flag all possible threats, even the original programs.

 

As the user, you should add them to the trusted list, just incase you need to use one of them, cause if it gets blocked, it could leave you with a useless machine. I've had it happen before, I had to do a full reinstall, all original data lost. We had to get a whole new license to a pretty expensive program, and that was no fun, because I got most of the blame. Smiley Sad

--------------------------------------------------------------------------------------------------------------------------------------------------------------------
Currently Just passed the CompTIA A+ 601 with flying colours! =D
Owner of an SL500 running Vista Business with 4GB of PC2 6400 RAM
top kudoed authors
User Kudos Count
1
1