From: "Rex's Mom" <labsrgreat@invalid.com>
| while running aČ, Avast lept up with a warning about a
| program in the AČ Archive folder. Then while running Avast,
| it (Avast) complained about something in aČ.
|
| should one investigate (and what's the best way to do that?)
| or should one just accept 'their' word for it and quarantine?
Quarantines *should* be encrypted to avoid other anti malware utilities from flagging what
is found within the respective vendor's quarantine. However, this isn't always the case.
If you are unsure if a file has been unjustly quarantined, submit a sample to a given
qurantined item to Virus Total. If it is well recognized, purge that quarantined item from
the cache/folder. If it is NOT well recognized, wait several days, a week or more and
resubmit it. If it remains not well recognized or unrecognized then it may be a False
Positive and you should contact the anti malware vendor of the software which quarantined
the suspect. If it is a False Positive, it can the be restored from quarantine.
Please submit a sample to Virus Total --
http://www.virustotal.com/flash/index_en.html
The submission will then be tested against many different AV vendor's scanners.
That will give you an idea what it is and who recognizes it. In addition, unless told
otherwise, Virus Total will provide the sample to all participating vendors.
You can also submit a suspect, one at a time, via the following email URL...
mailto:scan@virustotal.com?subject=SCAN
When you get the report, please post back the exact results.
--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm
Reply With Quote