• All Community
    • All Community
    • Forums
    • Ideas
    • Blogs
Advanced

Not what you are looking for? Ask the experts!

Kudos0

Iomega Encryption Utility v3.1.exe Trojan Alert from Norton

I recently ran a complete scan on my Windows Vista system and received a warning from Norton Security software that Iomega Encryption Utility v3.1.exe (which is created on a virtual drive at startup) has "Trojan.Gen.8!cloud". Of course, my first impulse was to effect the removal but the program wouldn't remove it. I tried Norton Eraser which also found the "trojan" in the file and could not remove. I'm assuming it has to do with the file being an encryption program existing on a virtual drive. Having further researched the trojan "Trojan.Gen.8!cloud" I found that this is typically a "generic" name for an unidentified trojan. I've blocked the program from being run (I've never run it) but I'm wondering if anyone else has received a warning for this particular program file. I've looked into removing the virtual folder and file which required me to download a new version of the utility from Iomega. Upon attempting to run the utility, Norton gave me the same Trojan alert. 

My questions are thus:

1) Has anyone encountered this problem.

2) Is this just a "false positive" from Norton due to the encryption nature of the Iomega utility program.

3) At this point, I've designated the program as "blocked" so that it can't be run and as Norton wouldn't allow it to run anyway (unless I overrode the protection) it has never run and isn't running now. Have any of you run this program and encountered a Trojan after doing so?

That's all I have. If anyone can shed any light on this, I'd appreciate it. Thanks!

Labels: Virus

Replies

Kudos0

Re: Iomega Encryption Utility v3.1.exe Trojan Alert from Norton

Is this your Utility v3.1
FWIW

File name: iomega-encryption-windows-v3.1.0.zip
Detection ratio: 6 / 56
Analysis date: 2016-12-25

File name: 8ffd1914e37298d954795364438984a569aa1039f0913a835fdda210f4c743c4.bin Detection ratio: 8 / 62
Analysis date: 2017-04-04

How to report false positives

Kudos0

Re: Iomega Encryption Utility v3.1.exe Trojan Alert from Norton

Hi and thanks for your reply. It's actually the .exe file within the zip called IomegaEncryptionSetup.exe  that is creating the trojan alert but yes, you found the right file. When the exe file is scanned, it generates the trojan alert. When I downloaded the zip file you referenced (hoping to replace the file generating the alert), it dissolved the file and when I attempted to run the .exe file it generated the trojan alert and deleted the file. It couldn't delete the original file when it was first found, I think because it existed on a virtual drive created by the Iomega USB drive.

What does the information you provided mean? That the .exe file does have a Trojan or that it's generating a false positive? I'm not quite sure how to interpret the data in your post but thank you for finding something as this is the first bit of info I've seen about this at all.

Kudos0

Re: Iomega Encryption Utility v3.1.exe Trojan Alert from Norton

> if you can match the hash, then we're likely taking about the same file.
> the hash is like the file fingerprint.
> if Norton quarantined the file then Copy to Clipboard may render SHA-256

in any case > you may submit the sample for analysis.
see > How to report false positives

Kudos0

Re: Iomega Encryption Utility v3.1.exe Trojan Alert from Norton

Thanks again, I'm going to submit the file and see what Norton says (assuming they say anything).

Accepted Solution
Kudos1 Stats

Re: Iomega Encryption Utility v3.1.exe Trojan Alert from Norton

Hi bjm. Thanks again for your help. I submitted the file in question to Norton who responded by email that it is, in fact, a "False Positive" and they're making the proper adjustments.

Upon further analysis and investigation we have verified your submission and, as such, the detection(s) for the following file(s) will be removed from our products:

    File name: Iomega Encryption Utility v3.1.exe

    MD5: bd853a2f2ebad0e555c43d90c6cb4f36

    SHA256: 8ffd1914e37298d954795364438984a569aa1039f0913a835fdda210f4c743c4

    Note: Whitelisting may take up to 24 hours to take effect via Live Update

Kudos0

Re: Iomega Encryption Utility v3.1.exe Trojan Alert from Norton

This thread is closed from further comment. Please visit the forum to start a new thread.