01-25-2011 09:43 AM
Installed Titanium Maximum Security 2011 on brand new Windows 7 computer in late Nov. Everything seemed OK until yesterday. Friend called to suggest I run a scan since their security squawked after opening a pdf file from me. Ran Titanium and it "Detected" troj_gen.R47C2AL in C:\Program Files (x86)\Haali\MatroskaSplitter\Uninstall.exe That program apparently came on the Acer machine but was never identified as malware until now.
Ran Housecall - nothing identified
Ran MalwareBytes - nothing identified
Called TM support - told to run scan from safe mode
TM TMS will not run from my SAFE mode! I clicked on the desktop icon, found it in the start menu and clicked, went into the folder and tried to run it from there even - nothing worked.
Suggestions? - other than get a new security software???
Solved! Go to Solution.
01-25-2011 02:50 PM
troj_gen.R47C2AL is a classification name for a threat that may have a lot of variants. Based on the location, it seems like its a valid file that has been detected by Titanium as a Trojan. Like most of AV's around, Titanium's detection is based on heuristics. A file must meet up certain requirements before it can be detected. File behavior, file name, digital signatures, modification date, and most of its activity inside the machine. In your case "Uninstall.exe" is the file being detected.
You can post your hijackthis log for further analysis. Instructions here.
Titanium cannot run a scan in safemode. However, Housecall is very effective in safemode.