my mother decided to scan her computer and it came across this OLRSubmission.exe as an infection
its its cyberlink powerdvd from nero 6 and i scanned the other 2 computers that have nero 6 on them and avast pick up the same file im thinking its a false positive but i figured id ask here to find out
so does anyone know if its a false positive or not or should i worry abit more
just so everyone knows my mothers computer isnt used that often she mostly goes on face book one of the other computers is only used for solitaire and poker and the one is a gaming computer
I’m unsure as to how they handle informing the submitter of the file.
This is why I recommended VT, as it would give you a more immediate answer.
Still, good its submitted to Alwill, nonetheless.
yeah well i couldnt figure out how to submit it to that site cause the file was in the virus vault and i couldnt figure out where the virus vault is besides the gui
Check for Malware with Malwarebytes Anti-Malware 1.46 http://filehippo.com/download_malwarebytes_anti_malware/
after install click update so you are scanning with latest database
run quick scan, click the remove selected button to quarantine any infections found
post the scan log here
You could also check the offending/suspect file at: [url=https://www.virustotal.com]VirusTotal[/url] - Multi engine on-line virus scanner and report the findings here the URL in the Address bar of the VT results page. You can't do this with the file securely in the chest, you need to extract it to a temporary (not original) location first, see below.
Create a folder called Suspect in the C:\ drive. Now exclude that folder in the File System Shield, Expert Settings, Exclusions, Add, type (or copy and paste) C:\Suspect* That will stop the File System Shield scanning any file you put in that folder.
If only GData and avast detect it - GData uses avast as one of its two scanners so counts as 1 detection and almost certainly an FP.
Send the sample to avast as a False Positive:
Open the chest and right click on the file and select ‘Submit to virus lab…’ complete the form and submit, the file will be uploaded during the next update.
my guess is that the analysis guys at Prevex knows very well what " firefox.exe and taskmgr.exe " is and that this is not the real one…
see under ALIAS