Occasional Visitor
inveresk
Posts: 1
Registered: ‎08-06-2012

MAL/GENERIC-S

I'm running Sophos antivirus v 8.0.6 on Mountain Lion. It's detected a threat which it identifies as Mal/Generic-S which I've tried to clean up via Quarantine Manager without success. The programme simply runs endlessly. The path and filename are not identified so I have no idea where the problem file is located.

I believe this is Windows malware but nevertheless I'd like to remove it. Any ideas how I do that?

Employee
Agile
Posts: 1,195
Registered: ‎11-02-2010

Re: MAL/GENERIC-S

Does the detection show up in your on-access log or a specific scan log? It *is* likely Windows-based, and Generic-S is a very generic "catch all" detection family for Live Protection lookups (the infected item could be just about anything, as long as it has a dodgy enough reputation in the cloud).

It's likely that it was detected on a temporary file that no longer exists, if there's no actual file listed and it fails to clean up (because the file vanished before cleanup started). If you remove it from the Quarantine manager, does the detection eventually come back?

-
Andrew
Threat Researcher
SophosLabs


For our other self-service and peer-to-peer online support systems:


Occasional Visitor
Quazar
Posts: 1
Registered: ‎01-08-2013

Re: MAL/GENERIC-S


Agile wrote:

Does the detection show up in your on-access log or a specific scan log? It *is* likely Windows-based, and Generic-S is a very generic "catch all" detection family for Live Protection lookups (the infected item could be just about anything, as long as it has a dodgy enough reputation in the cloud).

It's likely that it was detected on a temporary file that no longer exists, if there's no actual file listed and it fails to clean up (because the file vanished before cleanup started). If you remove it from the Quarantine manager, does the detection eventually come back?


The same thing happened to me, and like you said, when I remove it from the Quarantine manager, it DOES come back... please reply and help me, I really need your help. I'm not even going on my email and stuff because of that and I heard that it tracks your passwords...

Employee
Agile
Posts: 1,195
Registered: ‎11-02-2010

Re: MAL/GENERIC-S


inveresk wrote:

I'm running Sophos antivirus v 8.0.6 on Mountain Lion. It's detected a threat which it identifies as Mal/Generic-S which I've tried to clean up via Quarantine Manager without success. The programme simply runs endlessly. The path and filename are not identified so I have no idea where the problem file is located.

I believe this is Windows malware but nevertheless I'd like to remove it. Any ideas how I do that?


Mal/Generic-S is the designation given to any item marked bad in a Live Protection lookup -- it could be anything. Without an actual file to tie it to, cleanup can't take place, and identifying if it's a legitimate detection is not possible. If you restart your computer, clear the detection from quarantine and re-scan, is the detection still there?

My guess is that it's detecting a known-bad email attachment that has since been removed from your system (which is why there's no path). There was a large run of Bredo yesterday that had some components detected as Mal/Generic-S.

-
Andrew
Threat Researcher
SophosLabs

