
Thread: Checking if False Positive

  1. #1
    Rex's Mom Guest

    Checking if False Positive

    while running a², Avast leapt up with a warning about a
    program in the A² Archive folder. Then while running Avast,
    it (Avast) complained about something in a².

    should one investigate (and what's the best way to do that?)
    or should one just accept 'their' word for it and quarantine?
    --

    Rex's Mom




  2. #2
    David H. Lipman Guest

    Re: Checking if False Positive

    From: "Rex's Mom" <labsrgreat@invalid.com>

    | while running a², Avast leapt up with a warning about a
    | program in the A² Archive folder. Then while running Avast,
    | it (Avast) complained about something in a².
    |
    | should one investigate (and what's the best way to do that?)
    | or should one just accept 'their' word for it and quarantine?

    Quarantines *should* be encrypted to avoid other anti malware utilities from flagging what
    is found within the respective vendor's quarantine. However, this isn't always the case.

    If you are unsure if a file has been unjustly quarantined, submit a sample of a given
    quarantined item to Virus Total. If it is well recognized, purge that quarantined item from
    the cache/folder. If it is NOT well recognized, wait several days, a week or more and
    resubmit it. If it remains not well recognized or unrecognized then it may be a False
    Positive and you should contact the anti malware vendor of the software which quarantined
    the suspect. If it is a False Positive, it can then be restored from quarantine.


    Please submit a sample to Virus Total --
    http://www.virustotal.com/flash/index_en.html
    The submission will then be tested against many different AV vendors' scanners.
    That will give you an idea what it is and who recognizes it. In addition, unless told
    otherwise, Virus Total will provide the sample to all participating vendors.

    You can also submit a suspect, one at a time, via the following email URL...
    mailto:scan@virustotal.com?subject=SCAN

    When you get the report, please post back the exact results.

    --
    Dave
    http://www.claymania.com/removal-trojan-adware.html
    http://www.ik-cs.com/got-a-virus.htm



  3. #3
    Rex's Mom Guest

    Re: Checking if False Positive

    David H. Lipman wrote:

    > From: "Rex's Mom" <labsrgreat@invalid.com>
    >
    > | while running a², Avast leapt up with a warning about a
    > | program in the A² Archive folder. Then while running Avast,
    > | it (Avast) complained about something in a².
    > |
    > | should one investigate (and what's the best way to do that?)
    > | or should one just accept 'their' word for it and quarantine?
    >
    > Quarantines *should* be encrypted to avoid other anti malware utilities from flagging what
    > is found within the respective vendor's quarantine. However, this isn't always the case.
    >
    > If you are unsure if a file has been unjustly quarantined, submit a sample of a given
    > quarantined item to Virus Total. If it is well recognized, purge that quarantined item from
    > the cache/folder. If it is NOT well recognized, wait several days, a week or more and
    > resubmit it. If it remains not well recognized or unrecognized then it may be a False
    > Positive and you should contact the anti malware vendor of the software which quarantined
    > the suspect. If it is a False Positive, it can then be restored from quarantine.
    >
    >
    > Please submit a sample to Virus Total --
    > http://www.virustotal.com/flash/index_en.html
    > The submission will then be tested against many different AV vendors' scanners.
    > That will give you an idea what it is and who recognizes it. In addition, unless told
    > otherwise, Virus Total will provide the sample to all participating vendors.
    >
    > You can also submit a suspect, one at a time, via the following email URL...
    > mailto:scan@virustotal.com?subject=SCAN
    >
    > When you get the report, please post back the exact results.
    >

    thank you...will get on it in the next day or so and post back

    --

    Rex's Mom




  4. #4
    Rex's Mom Guest

    Re: Checking if False Positive

    Far Canal wrote:

    > Rex's Mom wrote
    >
    >
    >>while running a², Avast leapt up with a warning about a
    >>program in the A² Archive folder. Then while running Avast,
    >>it (Avast) complained about something in a².
    >>
    >>should one investigate (and what's the best way to do that?)
    >>or should one just accept 'their' word for it and quarantine?
    >>

    >
    >
    >
    > There are forums for both programs. Your question may have been
    > raised/answered in them.
    > You could google the name of the file.
    >


    am aware of the forums, but last time I went into the Avast
    forum, I was having difficulty finding an answer to a
    different problem.

    thanks, though, will try to check it out.

    --

    Rex's Mom




  5. #5
    David H. Lipman Guest

    Re: Checking if False Positive

    From: "Far Canal" <me@privacy.net>

    | Rex's Mom wrote
    |
    >> while running a², Avast leapt up with a warning about a
    >> program in the A² Archive folder. Then while running Avast,
    >> it (Avast) complained about something in a².
    >>
    >> should one investigate (and what's the best way to do that?)
    >> or should one just accept 'their' word for it and quarantine?
    >>

    | There are forums for both programs. Your question may have been
    | raised/answered in them.
    | You could google the name of the file.

    Googling for names of files is not a good idea as any file can be named anything.

    Google SVCHOST.EXE and you will see how a Google search doesn't help.

    --
    Dave
    http://www.claymania.com/removal-trojan-adware.html
    http://www.ik-cs.com/got-a-virus.htm



  6. #6
    David H. Lipman Guest

    Re: Checking if False Positive

    From: "Far Canal" <me@privacy.net>

    | David H. Lipman wrote
    |
    >> Googling for names of files is not a good idea as any file can be named anything.
    >>
    >> Google SVCHOST.EXE and you will see how a Google search doesn't help.
    >>

    | I didn't say "and believe everything you read". I'd have thought we all
    | know how important it is to work out if Google results are
    | relevant/correct/nonsense etc etc. At the same time throwing a filename
    | into Google will often provide answers.
    |

    Yes, and faux results as well. The novice may NOT know the difference between a faux and
    true answer. Therefore Google is not a good source. Or at least I should say, a single
    source. It needs other forms of identification. Submitting a sample to places like Virus
    Total is definitive.

    --
    Dave
    http://www.claymania.com/removal-trojan-adware.html
    http://www.ik-cs.com/got-a-virus.htm
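
Added example, not part of any post in this thread: the point argued above, that a file name says nothing about what a file is, shown by identifying files from their content (SHA-256, size, leading magic bytes) instead. The function names, the magic-byte table and the sample files are constructed for this illustration.

```python
import hashlib
import os
import tempfile
from collections import defaultdict

# Leading bytes of a few common container formats (illustrative, not exhaustive).
MAGIC = {b"MZ": "Windows executable (PE/DOS)",
         b"PK\x03\x04": "ZIP archive",
         b"\x7fELF": "ELF executable"}

def identify(path):
    """Describe a file by its content: SHA-256, size and leading magic bytes."""
    digest, head, size = hashlib.sha256(), b"", 0
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            if not head:
                head = chunk[:8]
            size += len(chunk)
            digest.update(chunk)
    kind = next((label for magic, label in MAGIC.items()
                 if head.startswith(magic)), "unknown")
    return {"name": os.path.basename(path).lower(),
            "sha256": digest.hexdigest(), "size": size, "kind": kind}

def names_with_conflicting_content(paths):
    """Return {name: sorted hashes} for names that map to more than one content."""
    seen = defaultdict(set)
    for p in paths:
        info = identify(p)
        seen[info["name"]].add(info["sha256"])
    return {name: sorted(h) for name, h in seen.items() if len(h) > 1}

def build_demo(root):
    """Constructed sample: two different files named svchost.exe, plus a renamed copy."""
    layout = {("system32", "svchost.exe"): b"MZ" + b"constructed sample A",
              ("temp", "SVCHOST.EXE"): b"MZ" + b"constructed sample B",
              ("temp", "notes.txt"): b"MZ" + b"constructed sample A"}  # A's bytes, new name
    paths = []
    for (folder, name), data in layout.items():
        os.makedirs(os.path.join(root, folder), exist_ok=True)
        path = os.path.join(root, folder, name)
        with open(path, "wb") as fh:
            fh.write(data)
        paths.append(path)
    return paths

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as root:
        demo = build_demo(root)
        for p in demo:
            print(identify(p))
        print(names_with_conflicting_content(demo))
```

The two files named svchost.exe get different hashes, while notes.txt hashes identically to the first one and is still reported as a Windows executable despite its name.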


