FileRepMetagen - How to remove

FileRepMetagen is the name given to a category of threats detected by the antivirus programs Avast and AVG (AVG is owned by Avast). The category usually being PUP — potentially unwanted programs.

Sometimes this detection is a false positive (examples of harmless executables being flagged as FileRepMetagen are custom unity executables, in general, unpopular, low reputation apps), but sometimes it’s a sign of a potentially unwanted program — adware, spyware, or even ransomware.

Examples of malware flagged as FileRepMetagen

Some flagged apps are potentially unwanted programs like GarGizer System Repair. PUPs, though not as bad as other malware, can, when installed, disrupt the user’s work. A lot of PUPs are adware that delivers annoying, intrusive and potentially dangerous ads which can further lead to more dangerous infections. Others are spyware which can steal personal information from the user, or crypto miners that steal a computer’s processing power.

The problem is that these apps can be installed stealthily, without the user’s knowledge or consent. Some developers and distributors take money in exchange for bundling PUPs with their installers and updaters. These installations are usually optional, but hidden behind “Advanced” and “Custom” options that a lot of users don’t look into. Even old, widely used and well-liked programs can turn to bundling PUPs — always be careful when installing or updating.

Note that nothing is installed without your consent. All offers are entirely optional and can easily be declined…

(said a developer while defending software bundling)

Some people are aware of the issues with software bundling and are trying to curb it. Still, PUPs being delivered without the user’s informed consent remains a problem. Especially because potentially unwanted programs like adware can lead to other, more destructive infections, such as file-encrypting ransomware.

Speaking of, CrY-TrOwX Ransomware has been flagged as FileRepMetagen. This is a type of virus that can lead you to lose your most important files if you don’t have a backup and if there is no decryptor available. This type of virus is one of the most devastating, especially to small businesses that often choose to pay the ransom rather than lose time trying to restore all files.

Malicious ads can also spread other annoyances:

• screenlockers — a type of ransomware that prevents you from interacting with your computer unless you buy a code that will unlock it),
• scareware — fake warnings that try to scare users into installing shady software, contacting scammers, or giving away their personal information),
• drive-by crypto miners (Crypto-mining happens even after users close their browsers)
• browser hijackers that inject advertisements into your browser and severely disrupt your browsing experience.

Needless to say, if your antivirus software has flagged something as FileRepMetagen, the warning should be taken seriously and investigated.

How (and if) to remove FileRepMetagen

One way to check if the warning is for a real virus is to cross-check the results with other antivirus programs. You can install new antivirus software, for example, Combo-Cleaner, Spyhunter, or malwarebytes. Scan the files again, and temporarily disable your current antivirus if you need to (but remember to enable it one you’re done).

If the other software does not find a problem, it might be that the flag was indeed a false positive. Still, it’ s a good idea to research it. Look at the details of the warning that your antivirus gave you and see if anyone else has had the same problem.

If the other antivirus apps also detect a virus, even if they call the threat some different name, it is probably real malware that needs to be removed. Some antivirus programs can succeed better than others. Remove the files, then scan your computer again. If the threat persists, you might need to use a different antivirus.

Automatic Malware removal tools